National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 574 by Pierluigi Paganini INTERNATIONAL EDITION


2026-04-26 09:01:08
milo
Blue Team (CND)


A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
12-year-old Pack2TheRoot bug lets Linux users gain root privileges
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Checkmarx supply chain attack impacts Bitwarden npm distribution path
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
Luxury cosmetics giant Rituals discloses data breach impacting member personal details
iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
DDoS wave continues as Mastodon hit after Bluesky incident
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters
Venezuela energy sector targeted by highly destructive Lotus wiper
Ransomware negotiator caught secretly assisting BlackCat extortion scheme
North Korea’s Lazarus APT stole $290M from Kelp DAO
The US NSA is using Anthropic’s Claude Mythos despite supply chain risk
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
France’s ANTS ID System website hit by cyberattack, possible data breach
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Third-party AI hack triggers Vercel breach, internal environments accessed
AI Model Claude Opus turns bugs into exploits for just $2,283
Cyber attacks fuel surge in cargo theft across logistics industry




International Press – Newsletter





Cybercrime

Beyond the breach: inside a cargo theft actor’s post-compromise playbook
British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency
Cyberattack at French identity document agency may have exposed personal data
Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims
Teen arrested in Northern Ireland over cyberattack on school network
Inside RAMP: What a leaked database reveals about Russia’s ransomware marketplace
The National Police dismantles the largest online illicit distribution platform for manga in Spanish in Almeria
Extortion in the Enterprise: Defending Against BlackFile Attacks
Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft





Malware

The iPhone — invincible no more: a look at DarkSword and Coruna
FIRESTARTER Backdoor
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Is Shai-Hulud Back? Compromised Bitwarden CLI Contains a Self-Propagating npm Worm





Hacking

A Deep Dive Into Attempted Exploitation of CVE-2023-33538
Bluesky Disrupted by Sophisticated DDoS Attack
Our evaluation of Claude Mythos Preview’s cyber capabilities
Exploiting Serial-to-Ethernet Converters in Critical Infrastructure
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
CVE-2026-33626: How attackers exploited LMDeploy LLM Inference Engines in 12 hours
Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability





Intelligence and Information Warfare

Hacked hospitals, hidden spyware: Iran conflict shows how digital fight is ingrained in warfare
Scoop: NSA using Anthropic’s Mythos despite blacklist
Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics
Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor
GopherWhisper: A burrow full of malware
Defending against China-nexus covert networks of compromised devices
President of German parliament hit by Signal hack, report says
UAT-4356’s Targeting of Cisco Firepower Devices
Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener





Cybersecurity

Eliminating Your Attack Surface Is the Best Defense Against Vulnerabilities Discovered by Anthropic’s Mythos Model
Vercel April 2026 security incident
Apple Patches iOS Flaw Allowing Recovery of Deleted Chats
ENISA Cybersecurity Market Analysis Framework (ECSMAF) – V3.0
Microsoft Vibing — capturing screenshots and voice samples without governance
SANS Critical Advisory: BugBusters – AI Vulnerability Discovery Hype vs. Reality










Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)











Source: SecurityAffairs
Source Link: https://securityaffairs.com/191305/breaking-news/security-affairs-newsletter-round-574-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.