MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85

 | 

Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

 | 

PayPal discloses extended data leak linked to Loan App glitch

 | 

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

 | 

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025

 | 

Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions

 | 

PromptSpy abuses Gemini AI to gain persistent access on Android

 | 

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

 | 

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

 | 

Irish regulator probes X after Grok allegedly generated sexual images of children

 | 

Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports

 | 

French Ministry confirms data access to 1.2 Million bank accounts

 | 

Notepad++ patches flaw used to hijack update system

 | 

VS Code extensions with 125M+ installs expose users to cyberattacks

 | 

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

 | 

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

 | 

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

 | 

SmartLoader hackers clone Oura MCP project to spread StealC malware

 | 

Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini February 22, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog
PayPal discloses extended data leak linked to Loan App glitch
North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.
FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025
Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions
PromptSpy abuses Gemini AI to gain persistent access on Android
Germany’s national rail operator Deutsche Bahn hit by a DDoS attack
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog
CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs
Irish regulator probes X after Grok allegedly generated sexual images of children
Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports
French Ministry confirms data access to 1.2 Million bank accounts
Notepad++ patches flaw used to hijack update system
VS Code extensions with 125M+ installs expose users to cyberattacks
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog
Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign
SmartLoader hackers clone Oura MCP project to spread StealC malware
Polish cybercrime Police arrest man linked to Phobos ransomware operation
Poorly crafted phishing campaign leverages bogus security incident report
South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach
Encrypted RCS messaging support lands in Apple’s iOS 26.4 developer build
Hackers steal OpenClaw configuration in emerging AI agent threat
Hackers sell stolen Eurail traveler information on dark web
A security flaw at DavaIndia Pharmacy allowed attackers to access customers’ data and more
ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached
Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup
Google fixes first actively exploited Chrome zero-day of 2026
Japanese sex toys maker Tenga discloses data breach
Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign

International Press – Newsletter

Cybercrime

Snail mail letters target Trezor and Ledger users in crypto-theft attacks  

Canada Goose investigating as hackers leak 600K customer records 

Fake Incident Report Used in Phishing Campaign

A 47-year-old man associated with the Phobos group was detained by CBZC police officers  

Operation DoppelBrand: Massive Fortune 500 Brand Impersonation Campaign Uncovered  

SmartLoader Clones Oura Ring MCP to Deploy Supply Chain Attack  

Crypto is playing a growing role in human trafficking networks, report shows  

Hacking conference Def Con bans three people linked to Epstein 

Major operation in Africa targeting online scams nets 651 arrests, recovers USD 4.3 million  

Increase in Malware Enabled ATM Jackpotting Incidents Across United States

Inside Southeast Asia’s industrialised fraud factories

Ukrainian National Sentenced in ‘Laptop Farm’ Scheme That Generated Income for North Korean IT Workers      

Malware

Ninja Browser & Lumma Infostealer  

Ghost Tapped: Tracking the Rise of Chinese Tap-to-pay Android Malware  

PromptSpy ushers in the era of Android threats using GenAI  

Android.Phantom Trojans infiltrate smartphones through games and pirated mods of popular apps. They use machine learning and video streams to manipulate clicks    

NFCShare Android Trojan: NFC card data theft via malicious APK 

Hacking

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Hacking a pharmacy to get free prescription drugs and more  

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning 

Four Vulnerabilities Expose a Massive Security Blind Spot in IDE Extensions

Critical Vulnerabilities in Ivanti EPMM Exploited      

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Hacker accessed data from 1.2 million bank accounts, French Economy Ministry says 

Hackers Expose Age-Verification Software Powering Surveillance Web

German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack      

Intelligence and Information Warfare

Starlink restrictions hit Russian forces as Moscow seeks workarounds  

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day  

Journalism under attack: Predator spyware in Angola  

A Chinese hack exposes data of 5,000 Italian counterterrorism officers

the watchers: how openai, the US government, and persona built an identity surveillance machine that files reports on you to the feds 

Cybersecurity

Space emerges as new front in great power competition, officials warn 

Sex Toy Maker Tenga Discloses Customer Data Breach 

Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches

Giving OpenClaw The Keys to Your Kingdom? Read This First

iOS 26.4 beta adds support for testing end-to-end encrypted RCS messaging      

Ireland joins regulator smackdown after X’s Grok AI accused of undressing people

2026 OT Cybersecurity Year in Review  

Data Protection Commission opens investigation into X (XIUC)

Grok floods X with sexualized images of women and children      

Critical infra Honeywell CCTVs vulnerable to auth bypass flaw 

Fake Videos, Real Emotions: Viewers Believe AI-Generated Content Even When It’s Labeled  

Moltbook, the Social Network for AI Agents, Exposed Real Humans’ Data

PayPal Confirms Data Breach — Money Stolen, Passwords Reset 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini February 22, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
Read more
Pierluigi Paganini February 21, 2026
U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85

Malware / February 22, 2026

Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / February 22, 2026

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

Security / February 21, 2026

PayPal discloses extended data leak linked to Loan App glitch

Data Breach / February 20, 2026

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

Cyber Crime / February 20, 2026