Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 369 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers HID Mercury Access Controller flaws […]

newsletter

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
HID Mercury Access Controller flaws could allow to unlock Doors
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
PACMAN, a new attack technique against Apple M1 CPUs
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
Symbiote, a nearly-impossible-to-detect Linux malware
Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia
New Emotet variant uses a module to steal data from Google Chrome
Tainted CCleaner Pro Cracker spreads via Black Seo campaign
0Patch released unofficial security patch for new DogWalk Windows zero-day
US dismantled and seized SSNDOB cybercrime marketplace
China-linked threat actors have breached telcos and network service providers
Black Basta ransomware now supports encrypting VMware ESXi servers
Evil Corp gang starts using LockBit Ransomware to evade sanctions
Black Basta ransomware operators leverage QBot for lateral movements
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
Microsoft seized 41 domains used by Iran-linked Bohrium APT
Another nation-state actor exploits Microsoft Follina to attack European and US entities
Red TIM Research discovers a Command Injection with a 9,8 score on Resi
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online
Security Affairs newsletter Round 368 by Pierluigi Paganini
Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]