A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.FBI probing intrusion into a system managing sensitive surveillance informationReading White House President Trump’s Cyber Strategy for America (March 2026)Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligenceIran-linked MuddyWater deploys Dindoor malware against U.S. organizationsCisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flawsMicrosoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma StealerIran-nexus APT Dust Specter targets Iraq officials with new malwareU.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalogGoogle GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets growPhobos Ransomware admin faces up to 20 years after guilty pleaRussian APT targets Ukraine with BadPaw and MeowMeow malwareOperation Leak: FBI and Europol dismantle LeakBase Cybercrime forumGoogle uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1Cisco fixes maximum-severity Secure FMC bugs threatening firewall securityAutomate or orchestrate? Implementing a streamlined remediation program to shorten MTTRLastPass warns of spoofed alerts aimed at stealing master passwordsFrom phishing to Google Drive C2: Silver Dragon expands APT41 playbookU.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalogData breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individualsFacebook is experiencing a global outageAriomex, Iran-based crypto exchange, suffers data leakOracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leakedPhishing campaign exploits OAuth redirection to bypass defensesAndroid devices hit by exploited Qualcomm flaw CVE-2026-21385Chrome security flaw enabled spying via Gemini Live assistantMiddle east crisis prompts UK NCSC warning on potential Iranian cyber activityRussia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patchAPT37 combines cloud storage and USB implants to infiltrate air-gapped systemsEuropol’s Project Compass nets 30 arrests in crackdown on “The Com”ClawJacked flaw exposed OpenClaw users to data theftUkrainian hacker pleads guilty to running OnlyFake AI ID scam siteShinyHunters leaked the full Odido datasetClaude code abused to steal 150GB in cyberattack on Mexican agenciesCVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instancesInternational Press – NewsletterCybercrimeProject Compass: first operational results against The Com network Creator Of “OnlyFake” Charged And Pleads Guilty To Selling More Than 10,000 Digital Fake Identification Documents U.S. Attorney’s Office EDNC Announces Seizure of $61 Million Dollars’ Worth of Cryptocurrency OAuth redirection abuse enables phishing LastPass Alerts Customers of Fake Email Chains Used in New Phishing Campaign; No Impact to LastPass Systems Major data leak forum dismantled in global action against cybercrime forum Global phishing-as-a-service platform taken down in coordinated public-private action Russian Ransomware Administrator Pleads Guilty to Wire Fraud Conspiracy FBI arrests suspect linked to $46M crypto theft from US Marshals MalwareMalware Reverse Engineering is no longer a human problem! Inside a fake Google security check that becomes a browser RAT InstallFix: How attackers are weaponizing malvertized install guides New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages HackingCoruna: The Mysterious Journey of a Powerful iOS Exploit KitClaude didn’t just plan an attack on Mexico’s government. It executed one for a month — across four domains your security stack can’t see OpenClaw Vulnerability: Website-to-Local Agent Takeover Hundreds of Thousands of Mobile Apps May Now Be Exposing AI Access Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2 Defending the gates: How a global coalition disrupted Tycoon 2FA, a major driver of initial access and large-scale online impersonation Retaliatory Hacktivist DDoS Activity Following Operation Epic Fury/Roaring Lion Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the WildIntelligence and Information WarfareStegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential StealerInside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran UK firms in Middle East face heightened threat from Iran hackers, agency warns Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes Alert: NCSC advises UK organisations to take action following conflict in the Middle East SloppyLemming Deploys BurrowShell and Rust-Based RAT to Target Pakistan and Bangladesh Silver Dragon Targets Organizations in Southeast Asia and Europe Retaliatory Hacktivist DDoS Activity Following Operation Epic Fury/Roaring Lion Exposing a Russian Campaign Targeting Ukraine Using New Malware Duo: BadPaw and MeowMeow Dust Specter APT Targets Government Officials in Iraq Iranian APT Hacked US Airport, Bank, Software CompanySeedworm: Iranian APT on Networks of U.S. Bank, Airport, Software Company Threat Advisory Special Report: Iranian Threat Actor Group UpdateInterplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East UAT-9244 targets South American telecommunication providers with three new malware implantsCybersecurityCyber Battlefield: Ariomex, Iran-Based Crypto Exchange, Suffers Data Leak Quantum Decryption of RSA Is Much Closer Than ExpectedNow is a good time for doing crime iVerify Details First Known Mass iOS Attack Meta Ray-Ban Smart Glasses Are Sending Footage of People Having Sex, Undressing, and Using the Bathroom to Workers in KenyaLook What You Made Us Patch: 2025 Zero-Days in ReviewUS banks on high alert for cyberattacks as Iran war escalates White House Unveils President Trump’s Cyber Strategy for America FBI investigating ‘suspicious’ cyber activity on system holding sensitive surveillance information Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)