Security Affairs
Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Top stories of 2020

Below the list of the top stories of 2020. December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware BleepingComputer researchers confirmed that Garmin has received the […]

Cybersecurity

Schloesser mit den Namen von etlichen Liebespaaren sind am Donnerstag, 23. April 2009, am Gitter der Hohenzollernbruecke in Koeln zu sehen. Seit Silvester 2008 haben Paare hier ihre Liebe manifestiert und aller Welt kundgetan, indem sie ein Schloss mit ihren Namen an der Bruecke befestigt haben. Bei dem Schloesser-Trend handelt es sich um einen Brauch […]

Below the list of the top stories of 2020.

December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA.

August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware.

January 21 – Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. 

April 27 – Hacking Microsoft Teams accounts with a GIF image

Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions.

December 31 –New Golang-based Crypto worm infects Windows and Linux servers

Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers.

May 2 – Fake Microsoft Teams notifications aim at stealing Office365 logins

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins.

November 22 – Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs.

January 3 – Cisco addresses several flaws in its DCNM product

Cisco has released software updates for its Data Center Network Manager (DCNM) product to address several critical and high-severity issues.

February 27 – Hunting the coronavirus in the dark web

Let me share with you the result of a one-night long analysis of major black marketplaces searching for anything related to the coronavirus epidemic.

April 26 – Hackers exploit SQL injection zero-day issue in Sophos firewall

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Top stories 2020)

[adrotate banner=”5″]

[adrotate banner=”13″]