Security Affairs newsletter Round 575 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling
- Trellix discloses the breach of a code repository
- New Deep#Door RAT uses stealth and persistence to target Windows
- Digital attacks drive a new wave of cargo theft, FBI says
- Carding service Jerry’s Store leak exposes 345,000 stolen payment cards
- Anthropic launches Claude Security to counter rapid AI-Powered exploits
- SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now
- Copy Fail: New Linux bug enables Root via page‑cache corruption
- Agent’s claims on WhatsApp access spark security concerns
- Meta accused of violating DSA by failing to safeguard minors
- Large-scale Roblox hacking operation shut down by Ukrainian authorities
- CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
- Internet censorship index reveals Russia’s lead and widespread content blocking
- All supported cPanel versions hit by critical auth bug, now patched
- U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
- ShinyHunters exploit Anodot incident to target Vimeo
- CVE-2026-3854 GitHub flaw enables remote code execution
- Signal Phishing Campaign Targets German Officials in Suspected Russian Operation
- Microsoft fixes Entra ID flaw enabling privilege escalation
- New Android spyware Morpheus linked to Italian surveillance firm
- NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links
- Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records
- Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software
- LINKEDIN BROWSERGATE
- Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting
- Fast16: Pre-Stuxnet malware that targeted precision engineering software
- Italy moves to extradite Chinese national to the U.S. over hacking charges
- U.S. utility giant Itron discloses a security breach
- Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed
- GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
- Trigona ransomware adopts custom tool to steal data and evade detection

International Press – Newsletter

Cybercrime

- Hold the Phone! International Revenue Share Fraud Driven by Fake CAPTCHAs
- Video site Vimeo blames security incident on Anodot breach
- A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia
- Scammers vibecode server to verify stolen credit cards, leak details of 345K cards
- Cyber-Enabled Strategic Cargo Theft Surging
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
- Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison
- AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours

Malware

- 73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations
- LofyStealer: Malware targeting Minecraft players
- Deep#Door Stealer: Stealthy Python Backdoor and Credential Stealer Leveraging Tunneling, Multi-Layer Persistence, and In-Memory Surveillance Capabilities
- Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw
- 8.3M Downloads Compromised: Lightning & Intercom-Client Infected in Latest Shai-Hulud Attack

Hacking

- We found a stable Firefox identifier linking all your private Tor identities
- Agent ID Administrator scope overreach: Service Principal takeover in Entra ID
- Securing GitHub: Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854)
- CVE-2026-42208: Targeted SQL injection against LiteLLM’s authentication path discovered 36 hours following vulnerability disclosure
- Copy Fail: 732 Bytes to Root on Every Major Linux Distribution
- Inspektor Gadget Security Audit
- Living off the orchard: understanding LOOBins and native macOS attack techniques
- Claude Security is now in public beta

Intelligence and Information Warfare

- fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet
- NASA Investigators Expose a Chinese National Phishing for Defense Software
- Italy to extradite suspected Chinese hacker wanted by US authorities, says source
- An alarm clock you can’t ignore: How CapFix attacks Russian organizations
- Germany suspects Russia is behind Signal phishing that targeted top officials
- A conflict of attrition: Iran’s bet on asymmetric warfare
- Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia

Cybersecurity

- Palantir employees are talking about company’s “descent into fascism”
- World-first NCSC-engineered device secures vulnerable display links
- ‘It’s a real shock’: quantum-computing breakthroughs pose imminent risks to cybersecurity
- The Global Internet Censorship Index 2026
- Commission preliminarily finds Meta in breach of Digital Services Act for failing to prevent minors under 13 from using Instagram and Facebook
- Tennessee becomes second state to ban cryptocurrency ATMs over scam concerns
- A federal agent said WhatsApp’s encryption
- Trellix Confirms Source Code Breach With Unauthorized Repository Access
- Evolving the Android & Chrome VRPs for the AI Era

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)