Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

U.S. Government Agency Paid $1M to Data Extortion Group Kairos
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation
The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident
Law enforcement operation disrupted Malicious Residential Proxy Networks NetNut
Government and Healthcare Are the Weakest Links in Global Email Security
Europe Confirms Record €4.1B Penalty Against Google for Android Practices
U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog
430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link
Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic
Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges
Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed
Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs
CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow
GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents
XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
Hackers Steal Data of 4.38 Million Aflac Japan Customers
Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools
Attackers actively exploit the Oracle E-Business Suite flaw CVE-2026-46817
WhatsApp Usernames Are Coming. You Can Reserve Yours Right Now
U.S. Targets Russian Cyber Spies With $10M Bounty Over Messaging App Attacks
StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years
SSU and FBI Uncover Russian Cyber Espionage Operation Against Officials and Military Personnel
KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

International Press – Newsletter

Cybercrime

Blackfield ransomware asks Nidec Corporation for $2 million ransom
XSS forum: from DaMaGeLaB to the 2025 takedown
No (Bad) CAP: Inside an Ongoing LSHIY Password Spray Attack
Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States
SOCRadar Links FortiBleed Campaign to INC and Lynx Ransomware Operations
FBI Seizes NetNut Proxy Platform, Popa Botnet
From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks
Cyber Criminal Group TeamPCP

Malware

Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer
Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale
A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain
Chromium extension uses AI‑related branding to redirect browser search
Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique

Hacking

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild
CVE-2026-48558: SimpleHelp Authentication Bypass Indicators of Compromise
GuardFall: a universal shell injection vulnerability in open-source AI agents
Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector
Hidden LLM Backdoors Could Detonate At Massive Scale

Intelligence and Information Warfare

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
UNC5792 – Reward
Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
Espionage Against the European Parliament
Lazarus-Linked npm Malware Masquerades as Rollup Polyfills

Cybersecurity

It’s time to reserve your WhatsApp username
Massive breach spills credentials for thousands of sensitive networks
Over 900 Oracle E-Business instances exposed to ongoing attacks
Google Android: the Court of Justice upholds Google’s fine of around €4.1 billion
Which industry & country has the worst email security? An analysis of 5,800+ domains for SPF, DMARC, DKIM & MTA-STS protocols
China Has Matched Anthropic in Cybersecurity, Resetting AI Race
Google’s Continued Disruption of Malicious Residential Proxy Networks
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)