
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
GTA-maker Rockstar Games hacked again but downplays impact
Crypto-exchange Kraken extorted by hackers after insider breach
Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market
Europol-supported global operation targets over 75 000 users engaged in DDoS attacks
Defendant Sentenced To Prison For Hacking Betting Website
Ransomware attack continues to disrupt healthcare in London nearly two years later
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram
Malware
Fake Claude site installs malware that gives attackers access to your computer
JanelaRAT: a financial threat targeting users in Latin America
Mirax extraction pipeline for StreamTV-like droppers
PowMix botnet targets Czech workforce
QEMU abused to evade detection and enable ransomware delivery
Hacking
New Booking.com data breach forces reservation PIN resets
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
Composer 2.9.6: Perforce Driver Command Injection Vulnerabilities (CVE-2026-40261, CVE-2026-40176)
Hackers are abusing unpatched Windows security flaws to hack into organizations
CVE-2026-39987 update: How attackers weaponized marimo to deploy a blockchain botnet via HuggingFace
The n8n n8mare: How threat actors are misusing AI workflow automation
A Deep Dive Into Attempted Exploitation of CVE-2023-33538
Intelligence and Information Warfare
A conflict of attrition: Iran’s bet on asymmetric warfare
Uncovering Webloc An Analysis of Penlink’s Ad-based Geolocation Surveillance Tech
Sweden blames pro-Russian group for cyberattack last year on its energy infrastructure
Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems
Cybersecurity
When deleting Signal is not enough: the FBI, iPhone notifications, and what forensics can reveal
Operation Atlantic: Protecting Victims Against Crypto Fraud
European regulators sidelined on Anthropic superhacking model
Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
The April 2026 Security Update Review
AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon
Bringing Rust to the Pixel Baseband
NIST Updates NVD Operations to Address Record CVE Growth
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)



