A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.Inside GentleKiller: The EDR-Killer Powering The GentlemenFortiBleed Exposes Global Credential-Spraying OperationCISA Warns of Active Exploitation Following FortiBleed Leak14,971 WordPress Sites Cleaned in Global SocGholish TakedownU.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by SundayPeter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail24 Billion Stolen Credentials Exposed in Massive Data LeakTor-Based Clipper Malware Targets Wallet Seed PhrasesCisco fixed a critical ISE vulnerability that lets attackers to gain root accessF5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code ExecutionMicrosoft Confirms RoguePlanet Zero-Day in Defender, Patch Under DevelopmentFortiBleed Exposes Admin Passwords for 75,000 Fortinet FirewallsDragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two MonthsU.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalogNew Rokarolla Android Trojan Targets 217 Banking and Crypto AppsEdTech Faces a Cybersecurity Crisis: Data Breaches SurgeFulcrumSec Targets Novo Nordisk, Leaks Clinical and Research DataChina-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit HintsiRhythm Hit by Cyberattack, Patient Data Stolen and Ransom DemandedFortinet Warned as Three Critical FortiSandbox Bugs Come Under AttackCVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted ExploitationU.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalogChina-linked actor spent two years inside medical research networksAustralian Sugar Producer Mackay Sugar Reports Cyber IncidentNovo Nordisk Confirms Data Theft: What Attackers Took and What They Didn’tPalo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS FlawSupply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDNInfostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s RiseUkrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware SchemeInternational Press – NewsletterCybercrimeThe Gentlemen ransomware: 483 victims and a leaked playbook iRhythm Confirms Data Stolen in HackWho Runs the Ransomware Group ‘The Gentlemen?’Novo Nordisk hit by FulcrumSec: the stealer logs saw it coming FTC Data Show People Reported Losing $3.5 Billion to Imposter Scams in 2025‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm International law enforcement initiate hunt on malware group SocGholish Killing me gently: Inside Gentlemen’s EDR killer framework MalwareOptinMonster supply chain attack hits 1.2 million sites Rokarolla : Android Banker with Complete Device Takeover Capabilities WordPress PBN Plugin Drops Dual Webshells via Database Injection Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk Crypto Clipper uses Tor and worm-like propagation for persistence and control Sayonara, SocGholish: Operation Endgame Disrupts Major Cybercrime Operation HackingThreat Brief: Active Exploitation of PAN-OS CVE-2026-0257 CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege EscalationA Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale FortiBleed — 75k Fortinet firewalls have admin passwords cracked Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went OfflineSocGholish Compromised WordPress Sites Special Report1.16 billion attacks: how the FortiBleed crew broke FortiGate Intelligence and Information WarfarePublic and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense ResearchAnalysis of APT37 NarwhalRAT Leveraging MS-Themed Phishing and Dead-drop C2Don’t Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency FishMonger’s arsenal upgraded: SprySOCKS for Windows White House’s export limits on Anthropic linked to concerns about Chinese access Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ SocietyFrench president urges US to share cutting-edge AI and democracies to cooperate on regulation CybersecurityIT security incident at Novo NordiskMaine closes data breach portal to the public after fake reportsHow we’re combatting AI scams with security, legislation and more UK to ban social media access for children under 16We Audited the Same Codebase with Claude Opus 4.8 and MiniMax M3 24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you? CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)