National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 563 by Pierluigi Paganini INTERNATIONAL EDITION


2026-02-15 14:26:04
milo
Blue Team (CND)


A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





Fintech firm Figure disclosed data breach after employee phishing attack
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog
Suspected Russian hackers deploy CANFAIL malware against Ukraine
New threat actor UAT-9921 deploys VoidLink against enterprise sectors
Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release
Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
Odido confirms massive breach; 6.2 Million customers impacted
ApolloMD data breach impacts 626,540 people
LummaStealer activity spikes post-law enforcement disruption
Apple fixed first actively exploited zero-day in 2026
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Volvo Group hit in massive Conduent data breach
Reynolds ransomware uses BYOVD to disable security before encryption
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days
ZeroDayRAT spyware grants attackers total access to mobile devices
Senegal shuts National ID office after ransomware attack
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data
China-linked APT UNC3886 targets Singapore telcos
Critical Fortinet FortiClientEMS flaw allows remote code execution
BeyondTrust fixes critical pre-auth bug allowing remote code execution
European Commission probes cyberattack on mobile device management system
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Romania’s national oil pipeline firm Conpet reports cyberattack
Flickr moves to contain data exposure, warns users of phishing
DKnife toolkit abuses routers to spy and deliver malware since 2019




International Press – Newsletter





Cybercrime





Romanian oil pipeline operator Conpet discloses cyberattack    





Flickr Security Incident Tied to Third-Party Email System  





Senegal’s File Automation Directorate Hit by Cyberattack, Hackers Claim 139TB Data Breach  





Odido warns of data breach: millions of customer data stolen in cyber attack





BADIIS to the Bone: New Insights to a Global SEO Poisoning Campaign 





Malware





Threat Alert: TeamPCP, An Emerging Force in the Cloud Native and Ransomware Landscape  





Reynolds: Defense Evasion Capability Embedded in Ransomware Payload  





AgreeToSteal: The First Malicious Outlook Add-In Leads to 4,000 Stolen Credentials  





Fake recruiter campaign targets crypto devs





Hacking





Active Exploitation of SolarWinds Web Help Desk  





CVE-2026-1731: Pre-Auth RCE in BeyondTrust Remote Support & PRA  





Hacker Conversations: Professional Hacker Douglas Day  





Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices





Reconnaissance Has Begun for the New BeyondTrust RCE (CVE-2026-1731): Here’s What We See So Far  





2026-01-14: The Day the telnet Died  





Intelligence and Information Warfare





Largest Multi-Agency Cyber Operation Mounted to Counter Threat Posed by Advanced Persistent Threat (APT) Actor UNC3886 to Singapore’s Telecommunications Sector  





Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data





Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT 





Russia’s hybrid attacks throughout Europe are becoming more dangerous  





UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering





North Korean IT workers are secretly employed in Norwegian companies 





GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use       





New threat actor, UAT-9921, leverages VoidLink framework in campaigns





Beyond the Battlefield: Threats to the Defense Industrial Base     





Fake recruiter campaign targets crypto devs  





Cybersecurity





Commission responds to cyber-attack on its central mobile infrastructure 





The February 2026 Security Update Review  





Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed  





Hacker linked to Epstein removed from Black Hat cyber conference website





Fintech lending giant Figure confirms data breach 





Weaponising AI: The New Cyber Attack Surface  





Russia tries to block WhatsApp, Telegram in communication blockade





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/187996/security/security-affairs-newsletter-round-563-by-pierluigi-paganini-international-edition.html

