Pierluigi Paganini
May 24, 2026
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Tycoon 2FA Operators Adopt OAuth Device Code Phishing
201 arrests in first-of-its-kind cybercrime operation in MENA region 18 May 2026
Exposing Fox Tempest: A malware-signing service operation
B1ack’s Stash Releases 4.6 Million Stolen Credit Cards for Free
The App Store stopped over $2.2 billion in potentially fraudulent transactions in 2025
Cybercriminal VPN used by ransomware actors dismantled in global crackdown
Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers
Canadian man arrested by international authorities, charged with administrating KimWolf DDoS botnet
Ransomware ditched encryption in May 2026 — here’s why
Malware
Popular node-ipc npm Package Infected with Credential Stealer
Void Botnet uses Ethereum smart contracts for seizure-resistant C2
Kash Patel’s clothing brand website shut down after reports it was hacked
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
Hacking
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Huawei zero-day attack behind last year’s crash of Luxembourg’s entire telecoms network
DirtyDecrypt: Linux kernel LPE in the RxGK subsystem (CVE-2026-31635) with public PoC
First public macOS kernel memory corruption exploit on Apple M5
PTRACE_MAY_DREAM: CVE-2026-46333, forgotten too soon, full privesc included
Hackers bypass SonicWall VPN MFA due to incomplete patching
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
VPN Exploitation When Patched Doesn’t Mean Protected
Imperva Customers Protected Against CVE-2026-9082 in Drupal Core
Project Glasswing: An initial update
Mythos for Offensive Security: XBOW’s Evaluation
Intelligence and Information Warfare
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
Poland directs officials to ditch Signal in favor of ‘secure’ state-developed alternative
Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems
Cybersecurity
Millions Impacted Across Several US Healthcare Data Breaches
Cybersecurity Will Swallow Digital Policy in the AI Age
Upcoming highly critical release on May 20, 2026 – PSA-2026-05-18
US probes automatic tank gauge system breaches, exposing OT risks across critical infrastructure
Every Voice and Video Call on Discord Is Now End-to-End Encrypted
Customers say Trump Mobile is leaking their personal information
Mozilla warns UK: Breaking VPNs will not magically fix Britain’s age-check mess
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
