Security Affairs
Ernst & Young (EY) Investigates Data Breach Involving Third-Party Support Tickets|A cyberattack hit Nichirei, one of Japan’s largest food companies|New Russian Campaign Uses Fake Webex and Zoom Installers to Deploy Starland RAT|U.S. CISA adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog|Two Scattered Spider Members Sentenced to Prison Over £29 Million TfL Cyberattack|TuxBot v3: The IoT Botnet Built With AI – Bugs, Disclaimers and All|Claude Code and DeepSeek Powered Chinese Cyber Espionage Campaign|Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug|US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups|Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems|AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads|U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog|Ernst & Young (EY) Investigates Data Breach Involving Third-Party Support Tickets|A cyberattack hit Nichirei, one of Japan’s largest food companies|New Russian Campaign Uses Fake Webex and Zoom Installers to Deploy Starland RAT|U.S. CISA adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog|Two Scattered Spider Members Sentenced to Prison Over £29 Million TfL Cyberattack|TuxBot v3: The IoT Botnet Built With AI – Bugs, Disclaimers and All|Claude Code and DeepSeek Powered Chinese Cyber Espionage Campaign|Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug|US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups|Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems|AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads|U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 387

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. BlackByte Ransomware abuses vulnerable driver to bypass security solutions Unpatched remote code execution flaw in Zimbra […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

BlackByte Ransomware abuses vulnerable driver to bypass security solutions
Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited
VMware fixed a high-severity bug in vCenter Server
Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy
Hacker stole $566 million worth of Binance Coins from Binance Bridge
LilithBot Malware, a new MaaS offered by the Eternity Group
Watch out, a bug in Linux Kernel 5.19.12 can damage displays on Intel laptops
Cisco fixed two high-severity bugs in Communications, Networking Products
City of Tucson Data Breach impacted 123,500 individuals
19-Year-Old man arrested for misusing leaked record from Optus Breach
“Egypt Leaks” – Hacktivists are Leaking Financial Data
Avast releases a free decryptor for some Hades ransomware variants
New Maggie malware already infected over 250 Microsoft SQL servers
Telstra Telecom discloses data breach impacting former and current employees
OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel
A flaw in the Packagist PHP repository could have allowed supply chain attacks
Lazarus APT employed an exploit in a Dell firmware driver in recent attacks
Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group
Microsoft mitigations for recently disclosed Exchange zero-days can be easily bypassed
Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor
RansomEXX gang claims to have hacked Ferrari and leaked online internal documents
Finnish intelligence warns of Russia’s cyberespionage activities
Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info
BlackCat ransomware gang claims to have hacked US defense contractor NJVC
German police identified a gang that stole €4 million via phishing attacks

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]