Security Affairs
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 329

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. EskyFun data leak, over 1 million Android gamers impacted Boffins show PIN bypass attack Mastercard and Maestro […]

newsletter

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the international press subscribe here.

EskyFun data leak, over 1 million Android gamers impacted
Boffins show PIN bypass attack Mastercard and Maestro contactless payments
Phorpiex botnet shuts down and authors put source code for sale
Atlassian released security patches to fix a critical flaw in Confluence
An RCE in Annke video surveillance product allows hacking the device
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
The FBI issued a flash alert for Hive ransomware operations
Victims of Ragnarok ransomware can decrypt their files for free
B. Braun Infusomat pumps could be hacked to alter medication doses
CISA publishes malware analysis reports on samples targeting Pulse Secure devices
Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches
Kaseya fixed two of the three Kaseya Unitrends zero-days found in July
Personal Data and docs of Swiss town Rolle available on the dark web
VMware addressed 4 High-Severity flaws in vRealize Operations
F5 addressed a flaw in BIG-IP devices rated as critical severity under specific conditions
FIN8 group used a previously undetected Sardonic backdoor in a recent attack
ShinyHunters group claims to have data of 70M AT&T customers
Modified version of Android WhatsApp installs Triada Trojan
Samsung could use a TV Block feature to disable any of its TVs worldwide
CVE-2021-3711 in OpenSSL can allow to change an application’s behavior
New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware
FBI flash alert warns on OnePercent Group Ransomware attacks
Realtek SDK flaws exploited to deliver Mirai bot variant
CISA recommends immediately patch Exchange ProxyShell flaws
T-Mobile data breach could be worse than initially thought, 54 million customers impacted
 
Are you using a Sophos UTM appliance? Be sure it is up to date!
LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs
Memorial Health System forced to cancel surgeries after ransomware attack
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

If you want to also receive for free the international press subscribe here.

Follow me on Twitter: @securityaffairs and Facebook