Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives…
Tag: articles
AI, Exploits, Global Security News
Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Coinflow CISO on crypto payments security under AI pressure Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs…
AI, Global Security News, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected with Credential Stealer New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Active Supply Chain Attack Compromises @antv Packages on npm actions-cool/issues-helper GitHub Action Compromised: All Tags Point to…
AI, Data Breaches, Exploits, Global Security News
Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. Earbud sensors can authenticate users by their heartbeat, study…
AI, Global Security News
Arxiv: Researchers who submit AI-generated junk could get 1-year suspension
Arxiv, the open-access repository where researchers publish scientific articles before they have undergone formal peer review, is introducing stricter rules against AI-generated articles containing obvious errors and fabricated content. Researchers who submit texts with clear signs of so-called “AI slop” can now be banned from the platform for a year, according to 404 Media. Red…
AI, Exploits, Global Security News, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace installers with Python RAT malware New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment Operation…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet…
AI, Global Security News, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CloudZ RAT potentially steals OTP messages using Pheno plugin Backdoored PyTorch Lightning package drops credential stealer A rigged game: ScarCruft compromises gaming platform in a supply-chain attack Muddying the Tracks: The State-Sponsored Shadow Behind…
AI, Data Breaches, Exploits, Global Security News
Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in 2026 relies on mobile apps used alongside personal tools like banking and messaging. Ten widely used workplace apps, including Gmail, Microsoft Teams, Zoom, Slack, and Notion,…
AI, Global Security News, malware, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 95
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet 73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations An alarm clock you can’t ignore: How CapFix attacks…
AI, Exploits, Global Security News
Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The AI criminal mastermind is already hiring on gig platforms Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model…
AI, Exploits, Global Security News, malware, Network Security, Politics
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPhone — invincible no more: a look at DarkSword and Coruna Lotus Wiper: a new threat targeting the energy and utilities sector New NGate variant hides in…
AI, Data Breaches, Global Security News, malware
Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack Fake Claude site installs malware that gives attackers access to your computer Malware Analysis Static SKILL for Codex JanelaRAT: a financial threat targeting users in Latin…
AI, Exploits, Global Security News
Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Bringing governance and visibility to machine and AI identities In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a…
AI, Cybersecurity, Global Security News, Government & Policy, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2 Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) Hackers Are Attempting to Turn ComfyUI Servers Into a…
Exploits, Global Security News
Week in review: Windows zero-day exploit leaked, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government RoadK1ll: A WebSocket Based Pivoting Implant axios Compromised: npm Supply Chain Attack via Dependency Injection …
AI, Exploits, Global Security News
Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets Trivy Supply Chain Attack Expands to Compromised Docker Images VoidStealer: Debugging Chrome to Steal…
AI, Global Security News, Network Security
Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance level for more…
AI, china, Exploits, Global Security News, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware – malware analysis DRILLAPP: new backdoor targeting Ukrainian entities with possible links to Laundry Bear When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation AI Coding Tools Under Fire:…
AI, Cybersecurity, Exploits, Global Security News
Week in review: ScreenConnect servers open to attack, exploited Microsoft SharePoint flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What smart factories keep getting wrong about cybersecurity In this Help Net Security interview, Packsize CSO Troy Rydman breaks down the biggest vulnerabilities in smart factory environments today, from IoT devices and legacy systems to human error. He explains how…
AI, Exploits, Global Security News, malware, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 88
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript ClipXDaemon: Autonomous X11 Clipboard Hijacker Delivered via Bincrypter-Based Loader New A0Backdoor Linked to…
AI, Cybersecurity, Global Security News, malware
Week in review: AiTM phishing kit used to hijack AWS accounts, year-long malware campaign targets HR
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Turning expertise into opportunity for women in cybersecurity Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produce change. Stages still skew heavily male, even as women…
AI, Apps, Europe, Global Security News, Government & Policy, malware, Network Security, privacy, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer a human problem! StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential Stealer Inside a fake Google security check that becomes a browser RAT SloppyLemming…
AI, Apps, Global Security News, malware
Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Technical Deep Dive: The Monero Mining Campaign Operation Olalampo: Inside MuddyWater’s Latest Campaign VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) Operation MacroMaze: new APT28 campaign using basic tooling and legit…
AI, Apps, Exploits, Global Security News, malware
Week in review: Self-spreading npm malware hits developers, Cisco SD-WAN 0-day exploited since 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Identity verification systems are struggling with synthetic fraud Fake and expired IDs keep showing up in routine customer transactions, from alcohol purchases to credit card applications. The problem shows up most often in industries that depend on fast onboarding and…
AI, Exploits, Global Security News, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ninja Browser & Lumma Infostealer Ghost Tapped: Tracking the Rise of Chinese Tap-to-pay Android Malware Hudson Rock Identifies Real-World Infostealer Infection Targeting OpenClaw Configurations Divide and conquer: how the new Keenadu backdoor exposed links…
AI, Exploits, Global Security News
Week in review: Firmware-level Android backdoor found on tablets, Dell zero-day exploited since 2024
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Security at AI speed: The new CISO reality The CISO role has changed significantly over the past decade, but according to John White, EMEA Field CISO, Torq, the most disruptive shift is accountability driven by agentic AI. In this Help…
AI, Global Security News, malware, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT Breaking Down ZeroDayRAT – New Spyware Targeting Android and iOS Old-School IRC, New Victims: Inside the Newly Discovered SSHStalker Linux Botnet Reynolds: Defense Evasion Capability…
AI, Exploits, Global Security News, Risk Management
Week in review: Exploited newly patched BeyondTrust RCE, United Airlines CISO on building resilience
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: United Airlines CISO on building resilience when disruption is inevitable In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising safety-critical environments, why resilience and continuity matter as…
AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Penetration Testing, Risk Management, Security, Security Practices, Risk Management
The hard part of purple teaming starts after detection
In my recent articles for CSO, I’ve talked about the limits of current SOC models and the importance of rehearsal. This time, I want to focus on something that’s becoming increasingly clear: purple teaming has lost its depth. We’ve turned one of the most powerful tools for resilience into a transactional exercise that feels reassuring…
AI, Breaking News, china, Cybercrime, data breach, Global Security News, hacking, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting ù APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD…
AI, Breaking News, china, Cybercrime, data breach, Global Security News, hacking, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting ù APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD…
AI, Breaking News, china, Cybercrime, data breach, Global Security News, hacking, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting ù APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD…