Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini January 04, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

French authorities investigate AI ‘undressing’ deepfakes on X
Thousands of ColdFusion exploit attempts spotted during Christmas holiday
Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case
Covenant Health data breach after ransomware attack impacted over 478,000 people
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
IBM warns of critical API Connect bug enabling remote access
Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen
React2Shell under attack: RondoDox Botnet spreads miners and malware
ESA disclosed a data breach, hackers breached external servers
Singapore CSA warns of maximum severity SmarterMail RCE flaw
MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs
Coupang announces $1.17B compensation plan for 33.7M data breach victims
Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver
Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
Romania’s Oltenia Energy Complex suffers major ransomware attack
Korean Air discloses data breach after the hack of its catering and duty-free supplier
MongoBleed flaw actively exploited in attacks in the wild
Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor
Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk
Stolen LastPass backups enable crypto theft through 2025

International Press – Newsletter

Cybercrime

Hacker Leaks 2.3M Wired.com Records, Claims 40M-User Condé Nast Breach 

Foreign hackers who distributed virtual asset embezzlement malware – New recruits secured through Interpol warrants, extradited to Korea and arrested

Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware 

Bitfinex crypto thief who was serving five years thanks Trump for early release

Malware

Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations  

EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps Through Domestic Government and Enterprise Entities  

GlassWorm Goes Mac: Fresh Infrastructure, New Tricks  

RondoDoX Botnet Weaponizes React2Shell  

Hacking

MongoBleed (CVE-2025-14847): MongoDB Memory Leak Flaw  

MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know  

Trust Wallet Browser Extension v2.68 Incident: An Update to Our Community  

Phishing Campaign Leverages Trusted Google Cloud Automation Capabilities to Evade Detection  

New ErrTraffic service enables ClickFix attacks via fake browser glitches

ColdFusion++ Christmas Campaign: Catching a Coordinated Callback Calamity  

The Anatomy of a React2Shell Compromise  

Intelligence and Information Warfare

Evasive Panda APT poisons DNS requests to deliver MgBot

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor  

Silver Fox Targeting India Using Tax Themed Phishing Lures  

DarkSpectre: Unmasking the Threat Actor Behind 8.8 Million Infected Browsers  

You’ve been targeted by government spyware. Now what?

Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill  

APT36: Multi-Stage LNK Malware Campaign Targeting Indian Government Entities

Cybersecurity

December 27 Advisory: MongoBleed – Critical MongoDB Uninitialized Memory Disclosure Vulnerability [CVE-2025-14847]

Data breach at Korean Air leaks 30,000 employee records     

Coupang to Issue $1.17 Billion in Vouchers Over Data Breach  

European Space Agency confirms breach following leak of internal data  

Non Proliferation and Iran-related Designations; Cyber-related and Russia-related Designations Removals  

France to investigate deepfakes of women stripped naked by Grok 

REGARDING THE ACQUISITION OF CERTAIN ASSETS OF EMCORE CORPORATION BY HIEFO CORPORATION  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


