A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of […

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching.

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog

Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

Fortinet patched a new critical FortiSandbox flaw

JDY Botnet Evolves After KV Takedown, Targets Military Networks

21,786 Home Cameras, No Password, No Warning

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

France’s Government Messaging App Tchap Got Breached

Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

Miasma Worm Compromises 73 Microsoft GitHub Repositories

Google fixes the fifth actively exploited Chrome zero-day of 2026

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits

Meta Accuses NSO of Violating WhatsApp Court Injunction

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

IoT Botnet C0XMO Adds Competitor-Killing Capability

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

International Press – Newsletter

Cybercrime

Facebook Phishing Email Campaign: How Attackers Are Weaponizing Meta Business Manager Partner Requests  

Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms  

Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)  

A data leak has reportedly affected the government messaging service Tchap, exposing over 643,000 messages  

ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit  

Ukrainian National Pleads Guilty to Wire Fraud Conspiracy in Connection with Conti Ransomware  

Malware

IronWorm: Shai-Hulud’s rustier cousin

Using AI Agents to Analyze Malware on REMnux  

The Miasma worm’s path of destruction 

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave  

Inside-Onyxc2-The-New-Stealer-Targeting-210-Apps

Hacking

Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin 

How a USB-connected speaker can infect a PC without ever being touched  

Reproducing CVE-2026-23111: How one character can change everything

Off By !: Exploiting a Use-after-Free in the Linux Kernel    

The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds  

Google patches new Chrome zero-day flaw exploited in the wild

Will AI Kill the Bug Bounty Industry?

Nightmare Eclipse – RoguePlanet 

GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan 

Max severity Ivanti Sentry vulnerability now exploited in attacks  

Intelligence and Information Warfare

VerdantBamboo: Just Another BRICKSTORM in the Firewall  

Hackers pose as women seeking romance to spy on Russian soldiers

Russia upgrades rules for its digital spy system to better track citizens online

Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open  

Expanded JDY IoT and SOHO botnet enables rapid vulnerability exploitation

Hackers pose as women seeking romance to spy on Russian soldiers 

OceanLotus: From external espionage to domestic targeting  

Cyber Intel Brief: Handala Claims Breach of California Water Service  

Cybersecurity

ESET APT Activity Report Q4 2025–Q1 2026  

AI tools becoming hot commodities on ransomware marketplaces

Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report  

Fighting Spyware: An Update From WhatsApp  

The June 2026 Security Update Review  

Nearly 22,000 Live Cameras With No Login Required: A Mysterium VPN Research

He Blew the Whistle on DOGE. Then His Brakes Were Cut      

Anthropic to disable its most advanced AI models after US order limiting foreign access

Statement on the US government directive to suspend access to Fable 5 and Mythos 5      

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/193600/security/security-affairs-newsletter-round-581-by-pierluigi-paganini-international-edition.html