Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 169 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      A hacker devised a method to unlock […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      A hacker devised a method to unlock any iPhone and iPad device
·      Vulnerabilities in Fredi Wi-Fi baby monitor can be exploited to use it a spy cam
·      WannaSpam – Beware messages from WannaCry-Hack-Team, it is the last hoax
·      China Tick APT group targeting air-gapped systems in Asia
·      CSE Malware ZLab – A new variant of Ursnif Banking Trojan served by the Necurs botnet hits Italy
·      Oracle issued security patches for recently discovered Spectre and Meltdown issues
·      UK Tax Agency HMRC has recorded the voice tracks of 5.1 Million Brits
·      Lazarus APT hackers leverages HWP Documents in a recent string of attacks
·      Misconfigured Java web server component Jolokia expose website at cyber attacks
·      One more reason to hate your cellphone battery when it sends private data to the bad actors
·      Recent spam campaigns powered by Necurs uses Internet Query File attachments
·      The Wi-Fi Alliance announced the launch of the WPA3 security standard
·      FastBooking Hotel booking software firm suffered a data breach
·      Recently discovered RANCOR cyber espionage group behind attacks in South East Asia
·      Russian police detained cybercriminals who broke into the accounts of 700,000 customers of popular Internet stores
·      Unpatched WordPress file deletion vulnerability could allow site takeover and code execution
·      Apophis Squad hacker group is the alleged responsible for the DDoS attack against ProtonMail
·      Ops … the DoublePulsar NSA-Linked implant now works also on Windows Embedded devices
·      Talos releases ThanatosDecryptor, a free Thanatos Ransomware decryptor
·      Adidas warns US consumers of a potential security breach
·      Hackers compromised Gentoo Linux GitHub Page and planted a malicious code
·      Ticketmaster suffered a data breach and blamed a third-party provider over the incident
·      Twitter shared details about its strategy for fighting spam and bots
·      Facebook Quiz app NameTests left 120 Million users data exposed online
·      Recently discovered OSX.Dummy mac malware is targeting the cryptocurrency community
·      The popular online survey software Typeform suffered a security breach

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]