A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
12-year-old Pack2TheRoot bug lets Linux users gain root privileges
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Checkmarx supply chain attack impacts Bitwarden npm distribution path
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
Luxury cosmetics giant Rituals discloses data breach impacting member personal details
iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
DDoS wave continues as Mastodon hit after Bluesky incident
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters
Venezuela energy sector targeted by highly destructive Lotus wiper
Ransomware negotiator caught secretly assisting BlackCat extortion scheme
North Korea’s Lazarus APT stole $290M from Kelp DAO
The US NSA is using Anthropic’s Claude Mythos despite supply chain risk
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
France’s ANTS ID System website hit by cyberattack, possible data breach
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Third-party AI hack triggers Vercel breach, internal environments accessed
AI Model Claude Opus turns bugs into exploits for just $2,283
Cyber attacks fuel surge in cargo theft across logistics industry
International Press – Newsletter
Cybercrime
Beyond the breach: inside a cargo theft actor’s post-compromise playbook
British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency
Cyberattack at French identity document agency may have exposed personal data
Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims
Teen arrested in Northern Ireland over cyberattack on school network
Inside RAMP: What a leaked database reveals about Russia’s ransomware marketplace
The National Police dismantles the largest online illicit distribution platform for manga in Spanish in Almeria
Extortion in the Enterprise: Defending Against BlackFile Attacks
Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft
Malware
The iPhone — invincible no more: a look at DarkSword and Coruna
FIRESTARTER Backdoor
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Is Shai-Hulud Back? Compromised Bitwarden CLI Contains a Self-Propagating npm Worm
Hacking
A Deep Dive Into Attempted Exploitation of CVE-2023-33538
Bluesky Disrupted by Sophisticated DDoS Attack
Our evaluation of Claude Mythos Preview’s cyber capabilities
Exploiting Serial-to-Ethernet Converters in Critical Infrastructure
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
CVE-2026-33626: How attackers exploited LMDeploy LLM Inference Engines in 12 hours
Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability
Intelligence and Information Warfare
Hacked hospitals, hidden spyware: Iran conflict shows how digital fight is ingrained in warfare
Scoop: NSA using Anthropic’s Mythos despite blacklist
Same packet, different magic: Mustang Panda hits India’s banking sector and Korea geopolitics
Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor
GopherWhisper: A burrow full of malware
Defending against China-nexus covert networks of compromised devices
President of German parliament hit by Signal hack, report says
UAT-4356’s Targeting of Cisco Firepower Devices
Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener
Cybersecurity
Eliminating Your Attack Surface Is the Best Defense Against Vulnerabilities Discovered by Anthropic’s Mythos Model
Vercel April 2026 security incident
Apple Patches iOS Flaw Allowing Recovery of Deleted Chats
ENISA Cybersecurity Market Analysis Framework (ECSMAF) – V3.0
Microsoft Vibing — capturing screenshots and voice samples without governance
SANS Critical Advisory: BugBusters – AI Vulnerability Discovery Hype vs. Reality
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
( SecurityAffairs – hacking, newsletter)
