Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages
Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails
DirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root
Chinese APT CL-STA-1062 Expands Attacks on Southeast Asian Critical Infrastructure With Custom Malware
Activist Phone Hacked With Cellebrite After Russia Contract Cancellation
U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog
Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft
macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst
Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla
Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet
Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure
Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months
Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame
Why Frontier AI makes prioritization the most important part of your CTEM program
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog
FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog
One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why
Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices
Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild
DifyTap: Four Bugs Put over 1 million AI Apps at Risk
Xsolis Data Breach Impacts 1.4 Million People
ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates
Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials
4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware
usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices

International Press – Newsletter

Cybercrime

The Broker Behind FortiBleed: Anatomy of a Russian-Speaking Access Operation
Security News This Week: Hackers Claim to Leak Stolen Madison Square Garden Data
Scaling cybercrime disruption through innovation and AI
Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks
Third Defendant Sentenced To Prison For Hacking Fantasy Sports And Betting Website
ACE, UEFA, UC3 and Mexican Authorities Disrupt Major PirloTV-Linked Sports Piracy Ring Serving Latin America
India’s Tata Electronics hit by cyber breach claiming to expose Apple, Tesla trade secrets
Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Malware

More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers
A VBScript campaign distributed through WhatsApp deploying RMM software
Prinz Eugen ransomware: a deep dive into a new Go-based encryptor
Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker
Miasma Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem

Hacking

Introducing usbliter8
Squidbleed (CVE-2026-47729) Heartbleed’s ancient cousin, hiding in Squid since 1997
PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channels
DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps
When Defenses Become Attack Surface: CVE-2026-20971, a Samsung Kernel UAF
Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager
AISLE Discovers 6 New CVEs in curl, Including the Oldest Issue Ever Reported
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak
Elite network says it was hacked after members’ personal data was left exposed
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503)

Intelligence and Information Warfare

Claude Fable 5 Resurfaces in Android App as NSA Breach Testimony Reshapes Ban
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
Five Eyes cyber security agencies statement The AI shift in cyber risk: why leaders must act now
Weaponized AI: Inside The Criminal Ecosystem Fueling The Fifth Wave of Cybercrime
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
Russia Breaks Into Human Rights Activist’s Phone With Cellebrite
CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
Russian Intelligence Services Continue to Target Commercial Messaging Applications

Cybersecurity

Deutsche Bahn halts trains nationwide amid IT meltdown
How to Disappear From the Internet in 7 Days
The quantum threat: Navigating cryptographic risks in a new computing era
Dozens of America’s largest companies have no simple way to report security flaws
Xsolis Data Breach Affects 1.4 Million Individuals
‘Wake-up call’: Europe reacts to Anthropic halting access to its Fable 5 and Mythos 5 AI models
Meta Pauses Employee-Tracking Program Following Internal Data Leak
State of SDLC Security 2026

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)