A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages Hospitality Sector Hit by […

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages

Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails

DirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root

Chinese APT CL-STA-1062 Expands Attacks on Southeast Asian Critical Infrastructure With Custom Malware

Activist Phone Hacked With Cellebrite After Russia Contract Cancellation

U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst

Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet

Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure

Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months

Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame

Why Frontier AI makes prioritization the most important part of your CTEM program

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog

FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog

One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why

Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild

DifyTap: Four Bugs Put over 1 million AI Apps at Risk

Xsolis Data Breach Impacts 1.4 Million People

ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware

usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices

International Press – Newsletter

Cybercrime

The Broker Behind FortiBleed: Anatomy of a Russian-Speaking Access Operation  

Security News This Week: Hackers Claim to Leak Stolen Madison Square Garden Data 

Scaling cybercrime disruption through innovation and AI

Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks

Third Defendant Sentenced To Prison For Hacking Fantasy Sports And Betting Website    

ACE, UEFA, UC3 and Mexican Authorities Disrupt Major PirloTV-Linked Sports Piracy Ring Serving Latin America

India’s Tata Electronics hit by cyber breach claiming to expose Apple, Tesla trade secrets     

Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack      

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access  

Malware

More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers  

A VBScript campaign distributed through WhatsApp deploying RMM software 

Prinz Eugen ransomware: a deep dive into a new Go-based encryptor

Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker  

Miasma Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem  

Hacking

Introducing usbliter8 

Squidbleed (CVE-2026-47729) Heartbleed’s ancient cousin, hiding in Squid since 1997  

PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channels  

DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps  

When Defenses Become Attack Surface: CVE-2026-20971, a Samsung Kernel UAF  

Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager   

AISLE Discovers 6 New CVEs in curl, Including the Oldest Issue Ever Reported 

A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak  

Elite network says it was hacked after members’ personal data was left exposed  

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503)  

Intelligence and Information Warfare  

Claude Fable 5 Resurfaces in Android App as NSA Breach Testimony Reshapes Ban  

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

Five Eyes cyber security agencies statement The AI shift in cyber risk: why leaders must act now   

Weaponized AI: Inside The Criminal Ecosystem Fueling The Fifth Wave of Cybercrime  

macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox  

Russia Breaks Into Human Rights Activist’s Phone With Cellebrite 

CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure

Russian Intelligence Services Continue to Target Commercial Messaging Applications  

Cybersecurity

Deutsche Bahn halts trains nationwide amid IT meltdown

How to Disappear From the Internet in 7 Days 

The quantum threat: Navigating cryptographic risks in a new computing era

Dozens of America’s largest companies have no simple way to report security flaws      

Xsolis Data Breach Affects 1.4 Million Individuals  

‘Wake-up call’: Europe reacts to Anthropic halting access to its Fable 5 and Mythos 5 AI models  

Meta Pauses Employee-Tracking Program Following Internal Data Leak 

State of SDLC Security 2026 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/194372/security/security-affairs-newsletter-round-583-by-pierluigi-paganini-international-edition.html