Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 166 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit Impervas […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit
Impervas research shows 75% of open Redis servers are infected
Microsoft reportedly acquires the GitHub popular code repository hosting service
North Korea-Linked Covellite APT group stopped targeting organizations in the U.S.
NYT: Facebook APIs gave device makers deep access to user data. FB disagrees
Thousands of organizations leak sensitive data via misconfigured Google Groups
Updated: Microsoft reportedly acquires the GitHub popular code repository hosting service
‘Zip Slip arbitrary file overwrite vulnerability affects thousands of projects
Iron cybercrime group uses a new Backdoor based on HackingTeams RCS surveillance sw
MyHeritage data breach – 92.3 million user credential exposed
Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks
The author of the Sigrun Ransomware decrypts Russian victims files for free
Are Wi-Fi hotspots in World Cup Russia host cities secure?
How Threat Hunters Operate in Modern Security Environments
HR Software company PageUp victim of a Data Breach, experts fear a domino effect
It’s not a joke, Owari botnet operators used root as username and password to access a C&C
Adobe fixed the CVE-2018-5002 Flash Zero-Day exploited in targeted attacks in the Middle East
Prowli Operation – Crooks already compromised over 40,000 servers and IoT Devices
Russia-linked Sofacy APT group adopts new tactics and tools in last campaign
VPNFilter malware now targets new devices, even behind a firewall
Cisco patches a critical vulnerability in Prime Collaboration Provisioning solution
DMOSK Malware Targeting Italian Companies
Facebook confirms privacy settings glitch in a new feature exposed private posts of 14 Million users
Multiple models of IP-based cameras from Chinese firm Foscam could be easily hacked. Update the firmware now!
Chinese state-sponsored hackers steal 600GB U.S. Navy data
Cisco removed hardcoded credentials in WAAS software. Undocumented accounts are a frequent issue
Trend Micro spotted a new variant of KillDisk wiper in Latin America

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]