A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate […

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Starbucks data breach impacts 889 employees

Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins

Interpol – Operation Synergia III leads to 45,000 malicious IPs dismantled and 94 arrests worldwide

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog

Hackers targeted Poland’s National Centre for Nuclear Research

US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet

AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns

Google fixed two new actively exploited flaws in the Chrome browser

Beyond File Servers: Securing Unstructured Data in the Era of AI

Apple issues emergency fixes for Coruna flaws in older iOS versions

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog

Bell Ambulance data breach impacted over 238,000 people

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

BeatBanker malware targets Android users with banking Trojan and crypto miner

Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX

KadNap bot compromises 14,000+ devices to route malicious traffic

Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs

Attackers exploit FortiGate devices to access sensitive network information

APT28 conducts long-term espionage on Ukrainian forces using custom malware

Threat actors use custom AuraInspector to harvest data from Salesforce systems

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

Ericsson US confirms breach after third-party provider attack

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

FBI alert: scammers target zoning permit applicants

Russia-linked hackers target Signal, WhatsApp of officials globally

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

Anthropic Claude Opus AI model discovers 22 Firefox bugs

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Massive GitHub malware operation spreads BoryptGrab stealer

International Press – Newsletter

Cybercrime

Criminals Impersonating City and County Officials in Phishing Emails for Planning and Zoning Permits   

Inside Tycoon 2FA: Disrupting a Global Phishing Operation  

Global Scam Machines: Inside a Meta-Powered Investment Fraud Ecosystem Spanning 25 Countries 

Authorities Dismantle Global Malicious Proxy Service that Deployed Malware and Defrauded Thousands of U.S. Persons, Businesses, and Financial Institutions of Millions of Dollars in Losses

Europol and international partners disrupt ‘SocksEscort’ proxy service      

45,000 malicious IP addresses taken down in international cyber operation  

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft  

The FBI is investigating malware hidden inside games hosted on Steam  

Malware

New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript 

VOID#GEIST: Stealthy MultiStage Python Loader with Embedded Runtime Deployment, Startup Persistence, and Fileless Early Bird APC Injection into explorer.exe  

A Slopoly start to AI-enhanced ransomware attacks  

VENON: The First Brazilian Banker RAT in Rust  

Hacking

FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise   

Unauthenticated Backup Download with Encryption Key Disclosure 

Partnering with Mozilla to improve Firefox’s security  

Protecting Your Data: Essential Actions to Secure Experience Cloud Guest User Access  

Abusing .arpa: The TLD That Isn’t Supposed to Host Anything  

400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin  

Intelligence and Information Warfare

APT36: A Nightmare of Vibeware  

Russia targets Signal and WhatsApp accounts in cyber campaign  

Sednit reloaded: Back in the trenches  

Salt Typhoon is hacking the world’s phone and internet giants — here’s everywhere that’s been hit  

Stryker cyber attack: Thousands of Irish unable to work as hackers cripple global systems  

Poland says foiled cyberattack on nuclear centre may have come from Iran  

The contest of will between Trump and Iran 

Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia   

Cybersecurity

Hardening Firefox with Anthropic’s Red Team

Cloud Threat Horizons Report  

The March 2026 Security Update Review  

ENISA Technical Advisory for Secure Use of Package Managers

Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command  

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/189451/breaking-news/security-affairs-newsletter-round-567-by-pierluigi-paganini-international-edition.html