Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.
- GlassWorm evolves with Zig dropper to infect multiple developer tools
- CVE-2026-39987: Marimo RCE exploited in hours after disclosure
- Ransomware attack on ChipSoft knocks EHR services offline across hospitals in the Netherlands and Belgium
- UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions
- EngageLab SDK flaw opens door to private data on 50M Android devices
- Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
- Eurail data breach impacted 308,777 people
- Malicious PDF reveals active Adobe Reader zero-day in the wild
- Masjesu botnet targets IoT devices while evading high-profile networks
- The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
- Internet-Exposed ICS Devices Raise Alarm for Critical Sectors
- U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
- Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
- Signature Healthcare hit by cyberattack, services and pharmacies impacted
- Project Glasswing powered by Claude Mythos: defending software before hackers do
- U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs
- Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution
- Major outage cripples Russian banking apps and metro payments nationwide
- Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
- GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover
- U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog
- Experts published unpatched Windows zero-day BlueHammer
- Phishing LNK files and GitHub C2 power new DPRK cyber attacks
- BKA unmasks two REvil Ransomware operators behind 130+ German attacks
- Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
- CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
- Image or Malware? Read until the end and answer in comments

International Press – Newsletter

Cybercrime

- IOCTA 2026 – The evolving threat landscape: how encryption, proxies and AI are expanding cybercrime
- Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
- Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
- BreachForums Data Leaks: Technical Analysis and Timeline Attribution (2022–2026)
- Cryptocurrency ATM giant Bitcoin Depot reports $3.6 million stolen in cyberattack
- Company that supplies software for patient records attacked by hackers
- Senator launches inquiry into 8 tech giants for failures to adequately report CSAM

Malware

- Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2
- Masjesu Rising: The Commercial IoT Botnet Built for Stealth, DDoS, and IoT Evasion
- EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users
- Critical Supply Chain Compromise in Smart Slider 3 Pro: Full Malware Analysis
- GlassWorm goes native: New Zig dropper infects every IDE on your machine
- CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

Hacking

- A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data
- Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
- Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
- GPUBreach: Privilege Escalation Attacks on GPUs using Rowhammer
- Critical Flowise Vulnerability in Attacker Crosshairs
- Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’
- CVE-2026-25769: Critical Remote Code Execution in Wazuh via Unsafe Deserialization
- Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
- Marimo OSS Python Notebook RCE: From Disclosure to Exploitation in Under 10 Hours

Intelligence and Information Warfare

- DPRK-Related Campaigns with LNK and GitHub C2
- Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group)
- Russia’s banks face major service outages amid internet crackdown
- Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
- Britons warned about Russian hackers targeting internet routers for espionage
- Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities
- APT28 exploit routers to enable DNS hijacking operations
- ICE acknowledges it is using powerful spyware
- Artificial Intelligence and Foreign Information Manipulation: Chinese and Russian approaches
- New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
- UK says it exposed Russian submarine activity near undersea cables
- Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT
- Iranian-Affiliated APT Targeting of Rockwell/Allen-Bradley PLCs

Cybersecurity

- ‘It’s a real shock’: quantum-computing breakthroughs pose imminent risks to cybersecurity
- The political effects of X’s feed algorithm
- Project Glasswing
- Critical Infrastructure at Risk: 179 ICS Devices Exposed Online
- ICE acknowledges it is using powerful spyware
- The-broken-physics-of-remediation

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)