Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 404 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Copycat Criminals mimicking Lockbit gang in northern Europe
Sandworm APT targets Ukraine with new SwiftSlicer wiper
ISC fixed high-severity flaws in DNS software suite BIND
Patch management is crucial to protect Exchange servers, Microsoft warns
Hacker accused of having stolen personal data of all Austrians and more
CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer
UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups
An unfaithful employee leaked Yandex source code repositories
Hive Ransomware Tor leak site apparently seized by law enforcement
Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)
Zacks Investment Research data breach impacted hundreds of thousands of customers
Google Chrome 109 update addresses six security vulnerabilities
North Korea-linked TA444 group turns to credential harvesting activity
French rugby club Stade Français leaks source code
DragonSpark threat actor avoids detection using Golang source code Interpretation
VMware warns of critical code execution bugs in vRealize Log Insight
Pakistan hit by nationwide power outage, is it the result of a cyber attack?
GoTo revealed that threat actors stole customers’ backups and encryption key for some of them
FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist
Meta Platforms expands features for EE2E on Messenger App
CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog
Researcher found US ‘No Fly List’ on an unsecured server
Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code
Companies impacted by Mailchimp data breach warn their customers
Massive Ad fraud scheme VASTFLUX targeted over 11 million devices
Video game firm Riot Games hacked, now it faces problems to release content
Expert found critical flaws in OpenText Enterprise Content Management System
Roaming Mantis uses new DNS changer in its Wroba mobile malware

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)