China-Linked groups target Southeast Asian government with advanced malware in 2025
China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-lin...
Security Affairs
20 articles
It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies
A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI ...
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet F...
New macOS Infinity Stealer uses Nuitka Python payload and ClickFix
Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new mac...
Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave
Russia-linked TA446 is using the DarkSword iOS exploit kit in targeted phishing campaigns to compromise iPhone users. Russia-linked APT group TA446 (aka SEAB...
Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data
Attackers are actively probing a critical Citrix NetScaler flaw (CVE-2026-3055) that can leak sensitive data via a memory overread issue. A critical vulnerab...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Use...
Security Affairs newsletter Round 569 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Apple issues urgent lock screen warnings for unpatched iPhones and iPads
Apple is alerting users of outdated iPhones and iPads via lock screen warnings about active web-based exploits, urging immediate software updates. Apple is s...
ShinyHunters claims the hack of the European Commission
The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers. The European Commission ha...
Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account
Iran-linked group Handala claims it hacked FBI Director Kash Patel’s personal email, leaking files. The FBI says no government data was exposed.
U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog
The U.S.
The European Commission confirmed a cyberattack affecting part of its cloud systems
The European Commission confirmed a cyberattack affecting part of its cloud systems, now contained, with no impact on internal networks. On March 24, the Eur...
New AITM phishing wave hijacks TikTok Business accounts
A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams. Push S...
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisor...
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
The U.S.
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked thre...
U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog
The U.S.
Coruna exploit reveals evolution of Triangulation iOS exploitation framework
Kaspersky found Coruna iOS exploits reuse updated code from the 2023 Operation Triangulation attacks, suggesting a possible link. Kaspersky researchers disco...
Researchers uncover WebRTC skimmer bypassing traditional defenses
Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a new pay...