Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 390

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Daixin Team targets health organizations with ransomware, US agencies warn Threat actors exploit critical flaw in […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Daixin Team targets health organizations with ransomware, US agencies warn
Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners
EnergyAustralia Electricity company discloses security breach
Experts warn of CVE-2022-42889 Text4Shell exploit attempts
CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog
GUAC – A Google Open Source Project to secure software supply chain
News URSNIF variant doesn’t support banking features
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients
Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
BlueBleed: Microsoft confirmed data leak exposing customers’ info
Internet disruptions observed as Russia targets critical infrastructure in Ukraine
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang
Experts discovered millions of .git folders exposed to public
Text4Shell, a remote code execution bug in Apache Commons Text library
Researchers share of FabriXss bug impacting Azure Fabric Explorer
The missed link between Ransom Cartel and REvil ransomware gangs
Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality
Law enforcement arrested 31 suspects for stealing cars by hacking key fobs
China-linked APT41 group targets Hong Kong with Spyder Loader
Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike
Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684
CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
Retail giant Woolworths discloses data breach of MyDeal online marketplace
New UEFI rootkit Black Lotus offered for sale at $5,000
Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted
Bulgaria hit by a cyber attack originating from Russia
Interpol arrested 75 members of the cybercrime ring Black Axe
45,654 VMware ESXi servers reached End of Life on Oct. 15
Mysterious Prestige ransomware targets organizations in Ukraine and Poland
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]