Tag: Security Affairs

Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, released in January 2026. Anthropic discovered 22 security vulnerabilities in Firefox using its Claude Opus 4.6…

Read more →

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx UI, tracked as CVE-2026-27944 (CVSS score of 9.8), allows attackers to download and decrypt full…

Read more →

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distributing the BoryptGrab information stealer through more than 100 GitHub repositories. BoryptGrab is designed to…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer a human problem!   StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy…

Read more →

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI…

Read more →

The Federal Bureau of Investigation (FBI) is probing suspicious activity on an internal system containing sensitive surveillance and investigation data. The FBI is investigating suspicious cyber activity affecting an internal system that stores sensitive data tied to surveillance operations and…

Read more →

White House released President Trump’s Cyber Strategy for America, framing cyberspace as a strategic domain to project power and counter growing cyber threats The White House has released “President Trump’s Cyber Strategy for America,” a document that outlines how the…

Read more →

Researchers observed Iran-linked actors targeting IP cameras across Israel and Gulf countries, likely to support military intelligence and battle damage assessment. According to the Check Point Cyber Security Report 2026, cyber operations are increasingly used to support military activity and…

Read more →

Iran-linked APT MuddyWater targeted U.S. organizations, deploying the new Dindoor backdoor across sectors including banks, airports, and nonprofits. Broadcom’s Symantec Threat Hunter Team uncovered a campaign by the Iran-linked MuddyWater  (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) APT group targeting several U.S. organizations.…

Read more →

Cisco warns that two recently patched Catalyst SD-WAN flaws, CVE-2026-20128 and CVE-2026-20122, are already being actively exploited in the wild. Cisco warned customers that threat actors are actively exploiting two recently patched Catalyst SD-WAN vulnerabilities, CVE-2026-20128 and CVE-2026-20122. The networking…

Read more →

Microsoft warns of ClickFix campaign using Windows Terminal to deliver Lumma Stealer via social engineering attacks. Microsoft revealed a new ClickFix campaign where attackers exploit Windows Terminal to run a complex attack chain, ultimately deploying Lumma Stealer malware. The campaign…

Read more →

A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the…

Read more →

Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While…

Read more →

Russian national Evgenii Ptitsyn (43) pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Russian national Evgenii Ptitsyn pleaded guilty in the US to wire fraud conspiracy for his role in the Phobos ransomware scheme. The…

Read more →

Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign linked to Russia that targets Ukrainian organizations using two new malware families, BadPaw and MeowMeow. The…

Read more →

The Federal Bureau of Investigation seized the LeakBase cybercrime forum in an international crackdown led by Europol. The Federal Bureau of Investigation seized the LeakBase cybercrime forum (leakbase[.]la), a platform used to trade hacking tools and stolen data. The action…

Read more →

Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13–17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also…

Read more →

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall…

Read more →

Security teams want lower MTTR, but flaws persist. How to use automation vs. orchestration to reduce risk effectively? Almost all security teams want to reduce their Mean Time to Remediate (MTTR). And for good reason: research from 2024 found that…

Read more →