Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini, March 15, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs arrive free in your inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Starbucks data breach impacts 889 employees
Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins
Interpol – Operation Synergia III leads to 45,000 malicious IPs dismantled and 94 arrests worldwide
U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog
Hackers targeted Poland’s National Centre for Nuclear Research
US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
Google fixed two new actively exploited flaws in the Chrome browser
Beyond File Servers: Securing Unstructured Data in the Era of AI
Apple issues emergency fixes for Coruna flaws in older iOS versions
Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites
ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance
U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog
Bell Ambulance data breach impacted over 238,000 people
Pro-Palestinian hacktivist group Handala targets Stryker in global disruption
BeatBanker malware targets Android users with banking Trojan and crypto miner
Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX
KadNap bot compromises 14,000+ devices to route malicious traffic
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs
Attackers exploit FortiGate devices to access sensitive network information
APT28 conducts long-term espionage on Ukrainian forces using custom malware
Threat actors use custom AuraInspector to harvest data from Salesforce systems
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog
Ericsson US confirms breach after third-party provider attack
Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
FBI alert: scammers target zoning permit applicants
Russia-linked hackers target Signal, WhatsApp of officials globally
Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients
Anthropic Claude Opus AI model discovers 22 Firefox bugs
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Massive GitHub malware operation spreads BoryptGrab stealer

International Press – Newsletter

Cybercrime

Criminals Impersonating City and County Officials in Phishing Emails for Planning and Zoning Permits   

Inside Tycoon 2FA: Disrupting a Global Phishing Operation  

Global Scam Machines: Inside a Meta-Powered Investment Fraud Ecosystem Spanning 25 Countries 

Authorities Dismantle Global Malicious Proxy Service that Deployed Malware and Defrauded Thousands of U.S. Persons, Businesses, and Financial Institutions of Millions of Dollars in Losses

Europol and international partners disrupt ‘SocksEscort’ proxy service      

45,000 malicious IP addresses taken down in international cyber operation  

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft  

The FBI is investigating malware hidden inside games hosted on Steam  

Malware

New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript 

VOID#GEIST: Stealthy MultiStage Python Loader with Embedded Runtime Deployment, Startup Persistence, and Fileless Early Bird APC Injection into explorer.exe  

A Slopoly start to AI-enhanced ransomware attacks  

VENON: The First Brazilian Banker RAT in Rust  

Hacking

FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise   

Unauthenticated Backup Download with Encryption Key Disclosure 

Partnering with Mozilla to improve Firefox’s security  

Protecting Your Data: Essential Actions to Secure Experience Cloud Guest User Access  

Abusing .arpa: The TLD That Isn’t Supposed to Host Anything  

400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin  

Intelligence and Information Warfare

APT36: A Nightmare of Vibeware  

Russia targets Signal and WhatsApp accounts in cyber campaign  

Sednit reloaded: Back in the trenches  

Salt Typhoon is hacking the world’s phone and internet giants — here’s everywhere that’s been hit  

Stryker cyber attack: Thousands of Irish unable to work as hackers cripple global systems  

Poland says foiled cyberattack on nuclear centre may have come from Iran  

The contest of will between Trump and Iran 

Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia   

Cybersecurity

Hardening Firefox with Anthropic’s Red Team

Cloud Threat Horizons Report  

The March 2026 Security Update Review  

ENISA Technical Advisory for Secure Use of Package Managers

Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command  

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


