Security Affairs
U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 517 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme Experts warn of the new sophisticate […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme
Experts warn of the new sophisticate Crocodilus mobile banking Trojan
Crooks are reviving the Grandoreiro banking trojan
Russian authorities arrest three suspects behind Mamont Android banking trojan
Mozilla fixed critical Firefox vulnerability CVE-2025-2857
U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog
Crooks target DeepSeek users with fake sponsored Google ads to deliver malware
U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)
New ReaderUpdate malware variants target macOS users
BlackLock Ransomware Targeted by Cybersecurity Firm
Google fixed the first actively exploited Chrome zero-day since the start of the year
Authentication bypass CVE-2025-22230 impacts VMware Windows Tools
Android malware campaigns use .NET MAUI to evade detection
Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack
A cyberattack hits Ukraine’s national railway operator Ukrzaliznytsia
Chinese APT Weaver Ant infiltrated a telco in Asia for over four years
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools
Attackers can bypass middleware auth checks by exploiting critical Next.js flaw
FBI warns of malicious free online document converters spreading malware
Cloak ransomware group hacked the Virginia Attorney General’s Office
UAT-5918 ATP group targets critical Taiwan

International Press – Newsletter

Cybercrime

Ransomware Group Claims Attack on Virginia Attorney General’s Office      

FBI Denver Warns of Online File Converter Scam  

The DNA of organised crime is changing – and so is the threat to Europe  

Exclusive: DOGE staffer ‘Big Balls’ provided tech support to cybercrime ring, records show

A Sneaky Phish Just Grabbed my Mailchimp Mailing List

Arrests in Tap-to-Pay Scheme Powered by Phishing

DeepSeek users targeted with fake sponsored Google ads that deliver malware          

Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes  

DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme  

Malware

Microsoft Trusted Signing service abused to code-sign malware

Shedding light on the ABYSSWORKER driver 

Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks

Shifting the sands of RansomHub’s EDRKillShifter  

Multiple crypto packages hijacked, turned into info-stealers  

CoffeeLoader: A Brew of Stealthy Techniques

PJobRAT makes a comeback, takes another crack at chat apps      

Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices

Hacking

Next.js and the corrupt middleware: the authorizing artifact  

Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

New GitHub Action supply chain attack: reviewdog/action-setup  

OpenAI Offering $100K Bounties for Critical Vulnerabilities

Over 150K websites hit by full-page hijack linking to Chinese gambling sites  

Intelligence and Information Warfare

Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation  

Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US

RedCurl’s Ransomware Debut: A Technical Deep Dive

You will always remember this as the day you finally caught FamousSparrow      

Private Data and Passwords of Senior U.S. Security Officials Found Online

TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN’S YOUTH LAPTOP SCHEME TO TARGET INDIA  

Cybersecurity

The Trump Administration Accidentally Texted Me Its War Plans

Flailing OpenAI Calls for Ban on Chinese AI 

Why government workers and military planners all love Signal now  

SignalGate Isn’t About Signal    

TCCing is Believing  

Oracle Health breach compromises patient data at US hospitals

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)