Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Nike Probes Potential Breach After Threat From Hacking Group
Crunchbase Confirms Data Breach After Hacking Claims
ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft
Who Operates the Badbox 2.0 Botnet?
Retro Phishing: Basic Auth URLs Make a Comeback in Japan
Notorious Russia-based RAMP cybercrime forum apparently seized by FBI
Co-Creator of Dark Web Marketplace Pleads Guilty in Chicago to Drug Conspiracy
Former Google Engineer Found Guilty Of Economic Espionage And Theft Of Confidential AI Technology
Malware
Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload Delivery
Malicious Chrome Extension Performs Hidden Affiliate Hijacking
Re-Evaluating Android Malware Detection: Tabular Features, Vision Models, and Ensembles
Hacking
Hands-Free Lockpicking: Critical Vulnerabilities in dormakaba’s Physical Access Control System
Microsoft patches actively exploited Office zero-day vulnerability
Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint
Over 6,000 SmarterMail servers exposed to automated hijacking attacks
PackageGate: 6 Zero-Days in JS Package Managers But NPM Won’t Act
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue
Intelligence and Information Warfare
KONNI Adopts AI to Generate PowerShell Backdoors
Weaponized in China, Deployed in India: The SyncFuture Espionage Targeted Campaign
Inside a Multi-Stage Windows Malware Campaign
Operation DupeHike : UNG0902 targets Russian employees with DUPERUNNER and AdaptixC2
WhatsApp’s Latest Privacy Protection: Strict Account Settings
PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
Space Capabilities to Support Military Operations in the European Theatre
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088
Why a gradual move away from US tech is a good idea
ELECTRUM: Cyber Attack on Poland’s Electric System 2025
Energy Sector Incident Report – 29 December 2025
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cybersecurity
Defending the 2026 Milano Cortina Winter Games
AI-Powered Disinformation Swarms Are Coming for Democracy
No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network
Informant told FBI that Jeffrey Epstein had a ‘personal hacker’
US Has Investigated Claims WhatsApp Chats Aren’t Private
Thousands more Oregon residents learn their health data was stolen in TriZetto breach