Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 262

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Coronavirus-themed attacks April 19 – April 25, 2020 Crooks target US universities with malware used by nation-state actors Hackers exploit SQL injection zero-day […]

newsletter

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

Coronavirus-themed attacks April 19 – April 25, 2020
Crooks target US universities with malware used by nation-state actors
Hackers exploit SQL injection zero-day issue in Sophos firewall
Group-IB helps to detain operators of scam-service issuing fake passes to move around Moscow amid COVID-19 virus lockdown
Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns
Hacking Microsoft Teams accounts with a GIF image
Previously undetected VictoryGate Botnet already infected 35,000 devices
Shade Ransomware gang shut down operations and releases 750K decryption keys
100k+ WordPress sites exposed to hack due to a bug in Real-Time Find and Replace plugin
Experts warn of deliveries scams that use a COVID-19 theme
Outlaw is Back, a New Crypto-Botnet Targets European Organizations
PhantomLance, a four-year-long cyberespionage spying campaign
SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE
Adobe addresses several critical flaws in Illustrator, Bridge, and Magento
Estonian intelligence reports foreign hackers breached Mail.ee email provider
Google found zero-click vulnerabilities in Apples multimedia processing components
Journalist Matthew Keys is now charged with an attack on a magazine
Chegg discloses the third data breach in the last two years
Crooks spread malware via pirated movies during COVID-19 outbreak
EventBot, a new Android mobile targets financial institutions across Europe
Experts found critical flaws in 3 popular e-Learning WordPress Plugins
Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide
RDP brute-force attacks rocketed since beginning of COVID-19
COVID-19 disinformation and misinformation campaigns continue to proliferate
Europol analyses on criminal operations in Europe during COVID-19 Crisis
Hackers are targeting recently patched WebLogic security vulnerability
Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR
Over 800K WordPress sites are at risk due to a flaw in Ninja Forms plugin
Fake Microsoft Teams notifications aim at stealing Office365 logins
French daily Le Figaro leaks 7.4 Billion records
President Trumps executive order bans foreign electrical equipment from national power grid
TrickBot operators exploit COVID-19 as lures

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – newsletter, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]