Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 409 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M stolen credit/debit […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

FiXS, a new ATM malware that is targeting Mexican banks
BidenCash leaks 2.1M stolen credit/debit cards
Pegasus spyware used to spy on a Polish mayor
Hundreds of thousands of websites hacked as part of redirection campaign
MQsTTang, a new backdoor used by Mustang Panda APT against European entities
Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices
The U.S. CISA and FBI warn of Royal ransomware operation
Retailer WH Smith discloses data breach after a cyberattack
GunAuction site was hacked and data of 565k accounts were exposed
Cryptojacking campaign targets insecure deployments of Redis servers
Cisco fixed a critical command injection bug in IP Phone Series
Threat actors target law firms with GootLoader and SocGholish malware
Canada is going to ban TikTok on government mobile devices
BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11
Satellite TV giant Dish admitted that the recent outage was caused by a ransomware attack
Parallax RAT used in attacks aimed at cryptocurrency entities
Google Gmail client-side encryption is available globally
Bitdefender released a free decryptor for the MortalKombat Ransomware family
U.S. Marshals Service suffers a ransomware attack
CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog
Resecurity identified the investment scam network ‘Digital Smoke’
LastPass: hackers breached the computer of a DevOps engineer in a second attack
Threat actors leak Activision employee data on hacking forum
PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks
Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker
PureCrypter used to deliver AgentTesla to govt organizations
ChromeLoader campaign uses VHD files disguised as cracked games and pirated software
Ransomware attack on food giant Dole Food Company blocked North America production
Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary
News Corp says hackers first breached its systems between Feb 2020 and Jan 2022

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)