Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 184 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      APT28 group return to covert intelligence gathering […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      APT28 group return to covert intelligence gathering ops in Europe and South America.
·      D-Link fixed several flaws in Central WiFiManager access point management tool
·      Expert presented a new attack technique to compromise MikroTik Routers
·      Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it
·      Kaspersky shed lights on the overlap of operations conducted by Turla and Sofacy
·      The Git Project addresses a critical arbitrary code execution vulnerability in Git
·      WECON PI Studio HMI software affected by code execution flaws
·      BEC scams, hacked accounts available from $150 up to $5,000
·      How Secure Are Bitcoin Wallets, Really?
·      Project Strobe, what will change after the Google security breach?
·      Researchers presented an improved version of the WPA KRACK attack
·      CVE-2018-8453 Zero-Day flaw exploited by FruityArmor APT in attacks aimed at Middle East
·      GAO report reveals new Pentagon weapon systems vulnerable to hack
·      Group-IB: $49.4 million of damage caused to Russias financial sector from cyber attacks
·      Hackers can compromise your WhatsApp account by tricking you into answering a video call
·      Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature
·      Exaramel Malware Links Industroyer ICS malware and NotPetya wiper
·      Juniper Networks provides dozens of fix for vulnerabilities in Junos OS
·      New Gallmaker APT group eschews malware in cyber espionage campaigns
·      SAP October 2018 set of patches fixes first Hot News security note for SAP BusinessObjects in 5 years
·      DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More
·      Facebook Data Breach Update: attackers accessed data of 29 Million users
·      Fitmetrix fitness software company may have exposed millions of customer records
·      Five Eyes Intelligence agencies warn of popular hacking tools
·      Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor
·      Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update
·      NHS is still assessing the cost of WannaCry one year later
·      Pentagon Defense Department travel records data breach

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]