Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 386

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog Guacamaya hacktivists stole sensitive data […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
Luxury hotel chain Shangri-La suffered a security breach
Witchetty APT used steganography in attacks against Middle East entities
US DoD announced the results of the Hack US bug bounty challenge
Microsoft confirms Exchange zero-day flaws actively exploited in the wild
Unpatched Microsoft Exchange Zero-Day actively exploited in the wild
Experts uncovered novel Malware persistence within VMware ESXi Hypervisors
Hacker groups support protestors in Iran using Telegram, Signal and Darkweb
A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums
Go-based Chaos malware is rapidly growing targeting Windows, Linux and more
Threat actors use Quantum Builder to deliver Agent Tesla malware
ONLINE DISINFORMATION: Under the hood of a Doppelgänger
APT28 relies on PowerPoint Mouseover to deliver Graphite malware
Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks
NUVOLA: the new Cloud Security tool
Meta dismantled the largest Russian network since the war in Ukraine began
North Korea-linked Lazarus continues to target job seekers with macOS malware
Defense firm Elbit Systems of America discloses data breach
WhatsApp fixed critical and high severy vulnerabilities
Erbium info-stealing malware, a new option in the threat landscape
Mandiant identifies 3 hacktivist groups working in support of Russia
Russia prepares massive cyberattacks on the critical infrastructure of Ukraine and its allies
China-linked TA413 group targets Tibetan entities with new backdoor
Metador, a never-before-seen APT targeted ISPs and telco for about 2 years
Exmatter exfiltration tool used to implement new extortion tactics
Attackers impersonate CircleCI platform to compromise GitHub accounts
OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]