A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WorldLeaks ransomware group breached the City of Los Angels PolyShell flaw exposes Magento and Adobe Commerce […

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

WorldLeaks ransomware group breached the City of Los Angels

PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks

7,500+ Magento sites defaced in global hacking campaign

Navia data breach impacts nearly 2.7 Million people

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking

U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

DarkSword emerges as powerful iOS exploit tool in global attacks

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

Russia establishes Vienna as key western spy hub targeting NATO

U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Tracking the Iran War: A Month of Escalation and Regional Impact

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

CL-STA-1087 targets military capabilities since 2020

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

Attack on Stryker’s Microsoft environment wiped employee devices without malware

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

FBI launches inquiry into Steam games spreading malware

Former Germany’s foreign intelligence VP hit in Signal account takeover campaign

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Unprivileged users could exploit AppArmor bugs to gain root access

Payload Ransomware claims the hack of Royal Bahrain Hospital

International Press – Newsletter

Cybercrime

Seeking Victim Information in Steam Malware Investigation  

Casting a Wider Net: ClickFix, Deno, and LeakNet’s Scaling Threat

INTERPOL report warns of increasingly sophisticated global financial fraud threat  

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls  

Authorities disrupt world’s largest IoT DDoS botnets responsible for record breaking attacks targeting victims worldwide

He Built the Definitive Epstein Database—and It Consumed His Life     

Malware

New Payload ransomware – malware analysis  

AI Coding Tools Under Fire: Mapping the Malvertising Campaigns Targeting the Vibe Coding Ecosystem  

RondoDox Botnet: From Zero to 174 Exploited Vulnerabilities  

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors  

Hacking

ChatGPT as a Covert C2 Channel  

CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root  

Evil evolution: ClickFix and macOS infostealers  

ForceMemo: Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push  

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root      

Vulnerability advisory: Pre-Auth Remote Code Execution via Buffer Overflow in telnetd LINEMODE SLC Handler

Attackers Wielding DarkSword Threaten iOS Users    

Large-Scale Magento Defacement Campaign Impacts Global Brands and Government Domains

Magento PolyShell: unrestricted file upload in Magento and Adobe Commerce     

Intelligence and Information Warfare

Cyberattack against former BND vice president  

Spies and subsidies: China joins Brazil’s $20bn delivery app war  

DRILLAPP: new backdoor targeting Ukrainian entities with possible links to Laundry Bear  

Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia  

Russia Turns Vienna Into West’s Biggest Spy Hub – Tracking NATO Communications 

Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency 

“StravaLeaks”: The aircraft carrier “Charles de Gaulle” located in real time by “Le Monde” thanks to the sports app

FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack  

Cybersecurity

Google VRPs in Review – 2025  

Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

Stryker attack wiped tens of thousands of devices, no malware needed 

Email blunder exposes $90bn Russian oil smuggling ring  

Cyber-attacks against the EU and its member states: Council sanctions three entities and two individuals  

Robotic Surgery Giant Intuitive Discloses Cyberattack 

Health plan information for over 2.6 million stolen from third-party admin Navia

Update iOS to protect your iPhone from web attacks

Meta on trial over child safety: can it really protect its next generation of users?      

Jaguar Land Rover’s cyber bailout sets worrying precedent, watchdog warns

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/189765/breaking-news/security-affairs-newsletter-round-568-by-pierluigi-paganini-international-edition.html