Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 190 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      6,500+ sites deleted after Dark Web hosting […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      6,500+ sites deleted after Dark Web hosting provider Daniels Hosting hack
·      Hacking Gmails UX with from fields for phishing attacks
·      Instagram glitch exposed some user passwords
·      Suspected APT29 hackers behind attacks on US gov agencies, think tanks, and businesses
·      CarsBlues Bluetooth attack Affects tens of millions of vehicles
·      Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29
·      Israel aims at hardening aviation industry assets from cyberattack
·      Tianfu Cup PWN hacking contest – White hat hackers earn $1 Million for Zero-Day exploits
·      Experts analyzed how Iranian OilRIG hackers tested their weaponized documents
·      Hackers target Drupal servers chaining several flaws, including Drupalgeddon2 and DirtyCOW
·      Mac users using Exodus cryptocurrency wallet targeted by a small spam campaign
·      TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues
·      Two hackers involved in the TalkTalk hack sentenced to prison
·      A flaw in US Postal Service website exposed data on 60 Million Users
·      Amazon UK is notifying a data breach to its customers days before Black Friday
·      Experts found flaws in Dell EMC and VMware Products. Patch them now!
·      Facebook increases rewards for its bug bounty program and facilitate bug submission
·      Sofacy APT group used a new tool in latest attacks, the Cannon
·      Chaining 3 zero-days allowed pen testers to hack Apple macOS computers
·      Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
·      Flaw allowing identity spoofing affects authentication based on German eID cards
·      13 fraudulent apps into Google Play have been downloaded 560,000+ times
·      Beware Black Friday & Cyber Monday shoppers: fake products, credit cards scams and other types of fraud
·      Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits
·      New Emotet Thanksgiving campaign differs from previous ones
·      Software company OSIsoft has suffered a data breach
·      VMware fixed Workstation flaw disclosed at the Tianfu Cup PWN competition
·      Chat app Knuddels fined €20k under GDPR regulation
·      North Korea-linked group Lazarus targets Latin American banks
·      US Government is asking allies to ban Huawei equipment
·      Facebook appeals UK fine in Cambridge Analytica privacy Scandal

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]