Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. INC RANSOM ransomware gang claims to have breached Xerox Corp Spotify music converter TuneFab puts users […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

INC RANSOM ransomware gang claims to have breached Xerox Corp
Spotify music converter TuneFab puts users at risk
Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania
Russia-linked APT28 used new malware in a recent phishing campaign
Clash of Clans gamers at risk while using third-party app
New Version of Meduza Stealer Released in Dark Web
Operation Triangulation attacks relied on an undocumented hardware feature
Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data
Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network
Experts warn of critical Zero-Day in Apache OfBiz
Xamalicious Android malware distributed through the Play Store
Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841
Elections 2024, artificial intelligence could upset world balances
Experts analyzed attacks against poorly managed Linux SSH servers
A cyberattack hit Australian healthcare provider St Vincent’s Health Australia
Rhysida ransomware group hacked Abdali Hospital in Jordan
Carbanak malware returned in ransomware attacks
Resecurity Released a 2024 Cyber Threat Landscape Forecast
APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw
Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor
Europol and ENISA spotted 443 e-stores compromised with digital skimming
Video game giant Ubisoft investigates reports of a data breach

Cybercrime

Cyber sleuths reveal how they infiltrate the biggest ransomware gangs

KHO IT system failure after cyber attack

Cybercriminals Launched “Leaksmas” Event In The Dark Web Exposing Massive Volumes Of Leaked PII And Compromised Data  

Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data

Malware

NCC Group Monthly Threat Pulse – November 2023

Analysis of Attacks That Install Scanners on Linux SSH Servers  

Stealth Backdoor “Android/Xamalicious” Actively Infecting Devices   

ESET Threat Report H2 2023  

Hacking

Barracuda Email Security Gateway Appliance (ESG) Vulnerability

Hackers stole $2 billion in crypto in 2023, data shows     

SMTP Smuggling  

SonicWall Discovers Critical Apache OFBiz Zero-day -AuthBiz  

Meet Joe Biden’s Favorite Hacker  

Intelligence and Information Warfare

Ukraine’s partners launch Tallinn Mechanism to amplify cyber support  

Threat Actor ‘UAC-0099’ Continues to Target Ukraine  

Microsoft: Hackers target defense firms with new FalseFont malware  

End government by WhatsApp, urges former GCHQ head  

The Rebirth of Russian Spycraft  

Operation Triangulation: The last (hardware) mystery  

APT28: From initial attack to creating threats to a domain controller in an hour (CERT-UA#8399) 

China’s social-media attacks are part of a larger ‘cognitive warfare’ campaign  

What to Know About the Hacker Group That Shut Down 70% of Iran’s Gas Stations

Inside the world of deep-cover spies that Russia is deploying to infiltrate the West     

How China’s Ministry of State Security is using AI to hunt American spies in Beijing in ‘new Cold War’ with the CIA: Powerful software creates instant dossiers to weed out enemy agents       

Cybersecurity

Five bold cybersecurity predictions for 2024

Cloud CISO Perspectives: Our 2024 Cybersecurity Forecast report

Albanian Parliament and One Albania Telecom Hit by Cyber Attacks

The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead

Google settles $5bn lawsuit for ‘private mode’ tracking  

New York Times sues Microsoft, ChatGPT maker OpenAI over copyright infringement

US cyber warriors issue a call to arms  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)