Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 368 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Anonymous: Operation Russia after 100 days of war GitLab addressed critical account take over via […]

newsletter

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Anonymous: Operation Russia after 100 days of war
GitLab addressed critical account take over via SCIM email change
LuoYu APT delivers WinDealer malware via man-on-the-side attacks
Clipminer Botnet already allowed operators to make at least $1.7 Million
Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited
Microsoft blocked Polonium attacks against Israeli organizations
LockBit ransomware attack impacted production in a Mexican Foxconn plant
Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks
An international police operation dismantled FluBot spyware
A critical RCE flaw in Horde Webmail has yet to be addressed
New XLoader Botnet version uses new techniques to obscure its C2 servers
Experts uncovered over 3.6M accessible MySQL servers worldwide
China-linked TA413 group actively exploits Microsoft Follina zero-day flaw
Hive ransomware gang hit Costa Rica public health service
SideWinder carried out over 1,000 attacks since April 2020
Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina
Experts warn of ransomware attacks against government organizations of small states
Three Nigerian men arrested in INTERPOL Operation Killer Bee
A new WhatsApp OTP scam could allow the hijacking of users’ accounts
Multiple Microsoft Office versions impacted by an actively exploited zero-day
GoodWill Ransomware victims have to perform socially driven activities to decryption their data
EnemyBot malware adds new exploits to target CMS servers and Android devices
Pro-Russian hacker group KillNet plans to attack Italy on May 30
US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]