Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini March 01, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Canadian Tire 2025 data breach impacts 38 million users
Iran’s Internet near-totally blacked out amid US, Israeli strikes
Microsoft warns of RAT delivered through trojanized gaming utilities
Aeternum botnet hides commands in Polygon smart contracts
iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification
Juniper issues emergency patch for critical PTX router RCE
How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently
12 Million exposed .env files reveal widespread security failures
ManoMano data breach impacted 38 Million customer accounts
Trend Micro fixes two critical flaws in Apex One
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor
U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog
Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
Untrusted repositories turn Claude code into an attack vector
Critical Zyxel router flaw exposed devices to remote attacks
ShinyHunters cyberattack on CarGurus impacts 12.4 Million users
Former U.S. Defense contractor executive sentenced for selling zero-day exploits to Russian broker Operation Zero
U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog
Lazarus APT group deployed Medusa Ransomware against Middle East target
SolarWinds patches four critical Serv-U flaws enabling root access
VMware Aria Operations flaws could enable remote attacks
Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign
Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration
Everest ransomware hits Vikor Scientific’s supplier, data of 140,000 patients stolen
Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth
Romanian hacker pleads guilty to selling access to Oregon state networks
CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products
AI-powered campaign compromises 600 FortiGate systems worldwide
Anthropic unveils Claude Code Security to detect and fix code bugs
Luxury hotel stays for just €0.01. Spanish police arrest hacker

International Press – Newsletter

Cybercrime

The National Police arrest a young man for cyberattacking a payment gateway and making reservations at luxury hotels for one cent 

AI-augmented threat actor accesses FortiGate devices at scale  

Romanian National Pleads Guilty to Selling Access to Networks of Oregon State Government Office and Other U.S. Victims  

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA 

Former General Manager for U.S. Defense Contractor Sentenced to 87 Months for Selling Stolen Trade Secrets to Russian Broker  

Olympique Marseille confirms ‘attempted’ cyberattack after data leak

Malware

Arkanix Stealer: a C++ & Python infostealer  

New Malicious npm Package “ambar-src” Targets Developers with Open Source Malware 

New Dohdoor malware campaign targets education and health care

Exploring Aeternum C2: a new botnet that lives on the blockchain  

Hacking

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)

Active exploitation of Cisco Catalyst SD-WAN by UAT-8616

datapizza-ai, Yet Another Vulnerable AI Framework     

Caught in the Hook: RCE and API Token Exfiltration Through Claude Code   

Check Point Researchers Expose Critical Claude Code Flaws 

Large Reasoning Models Are Autonomous Jailbreak Agents

Millions of Publicly Exposed .env Files Put Internet Services at Risk: A Mysterium VPN Research     

MalTool: Malicious Tool Attacks on LLM Agents

Intelligence and Information Warfare

Cellebrite cut off Serbia citing abuse of its phone unlocking tools. Why not others?

Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns      

Operation Olalampo: Inside MuddyWater’s Latest Campaign  

Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure  

North Korean Lazarus Group Now Working With Medusa Ransomware  

Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools  

Mercenary Akula Hits Ukraine-Supporting Financial Institution

Ukraine says cyberattacks on energy grid now used to guide missile strikes     

Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign

APT37 Adds New Capabilities for Air-Gapped Networks  

Cybersecurity

Making frontier cybersecurity capabilities available to defenders  

CERT EU – Cyber Threat Intelligence Framework  

FBI agents visited my home about an article I wrote, and now I can’t go to Mexico  

European DIY chain ManoMano data breach impacts 38 million customers

Exclusive: US orders diplomats to fight data sovereignty initiatives 

CrowdStrike says attackers are moving through networks in under 30 minutes  

Apple iPhone and iPad Cleared for Classified NATO Use  

Canadian Tire Corporation E-Commerce Data Incident  

Anthropic refuses Pentagon’s demand in AI safeguards dispute  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


