National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 584 by Pierluigi Paganini INTERNATIONAL EDITION


2026-07-05 05:13:32
milo
Blue Team (CND)


A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





U.S. Government Agency Paid $1M to Data Extortion Group Kairos
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation
The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident
Law enforcement operation disrupted Malicious Residential Proxy Networks NetNut
Government and Healthcare Are the Weakest Links in Global Email Security
Europe Confirms Record €4.1B Penalty Against Google for Android Practices
U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog
430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link
Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic
Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges
Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed
Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs
CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow
GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents
XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
Hackers Steal Data of 4.38 Million Aflac Japan Customers
Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools
Attackers actively exploit the Oracle E-Business Suite flaw CVE-2026-46817
WhatsApp Usernames Are Coming. You Can Reserve Yours Right Now
U.S. Targets Russian Cyber Spies With $10M Bounty Over Messaging App Attacks
StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years
SSU and FBI Uncover Russian Cyber Espionage Operation Against Officials and Military Personnel
KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs




International Press – Newsletter





Cybercrime





Blackfield ransomware asks Nidec Corporation for $2 million ransom





XSS forum: from DaMaGeLaB to the 2025 takedown   





No (Bad) CAP: Inside an Ongoing LSHIY Password Spray Attack 





Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States 





SOCRadar Links FortiBleed Campaign to INC and Lynx Ransomware Operations





FBI Seizes NetNut Proxy Platform, Popa Botnet 





From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks       





Cyber Criminal Group TeamPCP  





Malware





Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer  





Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale 





A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain  





Chromium extension uses AI‑related branding to redirect browser search  





Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique      





Hacking





Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild





CVE-2026-48558: SimpleHelp Authentication Bypass Indicators of Compromise   





GuardFall: a universal shell injection vulnerability in open-source AI agents  





Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector





Hidden LLM Backdoors Could Detonate At Massive Scale 





Intelligence and Information Warfare  





Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials





UNC5792 – Reward





Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON





PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems





Espionage Against the European Parliament         





Lazarus-Linked npm Malware Masquerades as Rollup Polyfills





Cybersecurity





It’s time to reserve your WhatsApp username





Massive breach spills credentials for thousands of sensitive networks  





Over 900 Oracle E-Business instances exposed to ongoing attacks 





Google Android: the Court of Justice upholds Google’s fine of around €4.1 billion 





Which industry & country has the worst email security? An analysis of 5,800+ domains for SPF, DMARC, DKIM & MTA-STS protocols





China Has Matched Anthropic in Cybersecurity, Resetting AI Race      





Google’s Continued Disruption of Malicious Residential Proxy Networks 





Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/194772/security/security-affairs-newsletter-round-584-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.