Security Affairs
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Top 2023 Security Affairs cybersecurity stories

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. 1.7 TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE […]

Security Affairs logo

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it.

CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA

Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported.

1.7 TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE

1.7 TB of data stolen from Cellebrite, a digital intelligence company that provides tools for law enforcement, were leaked online.

LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.

FBI HACKER USDOD LEAKS HIGHLY SENSITIVE TRANSUNION DATA

Researchers from vx-underground reported that FBI hacker ‘USDoD‘ leaked sensitive data from consumer credit reporting agency TransUnion.

RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13

Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts.

TWO FLAWS IN LINUX UBUNTU AFFECT 40% OF UBUNTU USERS

Wiz researchers discovered two Linux vulnerabilities in the Ubuntu kernel that can allow an unprivileged local user to gain elevated privileges.

TWO SPYWARE SENDING DATA OF MORE THAN 1.5M USERS TO CHINA WERE FOUND IN GOOGLE PLAY STORE

Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China.

DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS

DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches.

PII BELONGING TO INDIAN CITIZENS, INCLUDING THEIR AADHAAR IDS, OFFERED FOR SALE ON THE DARK WEB

Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web.

A FLAW IN SYNOLOGY DISKSTATION MANAGER ALLOWS ADMIN ACCOUNT TAKEOVER

A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator’s password.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories)