Security Affairs newsletter Round 569 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini March 29, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs arrive free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

ShinyHunters claims the hack of the European Commission
Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account
U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog
The European Commission confirmed a cyberattack affecting part of its cloud systems
New AITM phishing wave hijacks TikTok Business accounts
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog
Coruna exploit reveals evolution of Triangulation iOS exploitation framework
Researchers uncover WebRTC skimmer bypassing traditional defenses
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian national convicted for running botnet used in attacks on U.S. firms
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
Recent Navia data breach impacts HackerOne employee data
FCC targets foreign router imports amid rising cybersecurity concerns
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Malicious LiteLLM versions linked to TeamPCP supply chain attack
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
QualDerm Partners December 2025 data breach impacts over 3 Million people
Citrix NetScaler critical flaw could leak data, update now
81-month sentence for Russian hacker behind major ransomware campaigns
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025
Pro-Iranian Nasir Security is targeting energy companies in the Gulf
44 Aqua Security repositories defaced after Trivy supply chain breach
Iran-linked actors use Telegram as C2 in malware attacks on dissidents
International police Operation Alice takes down 373,000 dark web sites exploiting children
Russia-linked actors target WhatsApp and Signal in phishing campaign
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog

International Press – Newsletter

Cybercrime

Global cybercrime crackdown: over 373 000 dark web sites shut down

TeamPCP Defaces Aqua Security’s Internal GitHub Org — 44 Repos Exposed  

Google, Meta and Amazon Join Global Pact to Fight Rising Online Scams  

Russian Citizen Sentenced to Prison for Hacking into U.S. Companies and Enabling Major Cybercrime Groups to Extort Tens of Millions of Dollars

AstraZeneca Data Breach: What You Need to Know 

TeamPCP Isn’t Done: Threat Actor Behind Trivy and KICS Compromises Now Hits LiteLLM’s 95 Million Monthly Downloads on PyPI 

Popular litellm Python package is the latest victim of TeamPCP’s ongoing supply chain attack 

Russian cybercriminal sentenced to prison for using a “botnet” to steal millions from American businesses

Irina Volk: Russian Ministry of Internal Affairs officers detained the administrator of a popular hacker forum used to trade in stolen personal data    

BreachForums Data Leaks: Technical Analysis and Timeline Attribution (2022–2026)  

Cloud Phones: The Invisible Threat 

Malware

New Malware Targets Users of Cobra DocGuard Software  

Trivy Supply Chain Attack Expands to Compromised Docker Images  

VoidStealer: Debugging Chrome to Steal Its Secrets  

Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto miners and Infostealers Targeting Enterprise Environments    

GlassWorm Hides a RAT Inside a Malicious Chrome Extension

Hacking

CVE-2025-32975: Arctic Wolf Observes Exploitation of Quest KACE Systems Management Appliance  

CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read 

TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions 

Coruna: the framework used in Operation Triangulation  

Attackers are now targeting business TikTok accounts using session-stealing phishing kits  

Open Sesame: How a Fail-Open Bug in Open VSX’s New Scanner Let Malware Walk Right In  

Intelligence and Information Warfare

Russian Intelligence Services Target Commercial Messaging Application Accounts   

Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets

Pro-Iranian Nasir Security is Targeting The Energy Sector in the Middle East  

StoatWaffle, malware used by WaterPlum  

Dutch Finance Ministry probing cyber breach affecting internal systems  

Iran built a vast camera network to control dissent. Israel turned it into a targeting tool  

Former NSA Chiefs: We’ve All Become ‘Numb’ To Cybersecurity Threats  

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone   

China spies in Belgium against NATO and the EU via fake LinkedIn profiles   

Cybersecurity

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Microsoft Exchange Online service change causes email access issues

Countries most at risk from AI-led cyberattacks revealed  

Omniscience, Omnipresence, and Omnipotence: Meet the Gods of AI Warfare  

FACT SHEET: FCC Updates Covered List to Include Foreign-Made Consumer Routers, Prohibiting Approval of New Models  

Kaspersky flags talent gap in UAE supply chain security 

National Policy Framework Artificial Intelligence  

Commission responds to cyber-attack on its Europa web platform  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


