MUST READ

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

 | 

Instructure settles with hackers following massive student data theft

 | 

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

 | 

Hackers accessed BWH Hotels reservation system for months

 | 

The world's most "Dangerous" AI, Anthropic’s Mythos, found only one flaw in curl

 | 

Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor

 | 

WannaCry, the ransomware attack that changed the history of cybersecurity

 | 

Android banking Trojan TrickMo evolves using TON network for C2

 | 

Identity security firm SailPoint discloses GitHub repository breach

 | 

Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

 | 

Crimenetwork returns after takedown, dismantled again by German authorities

 | 

U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog

 | 

Instagram removed end-to-end encryption for DMs. What should users do?

 | 

New cPanel vulnerabilities could allow file access and remote code execution

 | 

Official JDownloader site served malware to Windows and Linux users between May 6 and May 7

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96

 | 

Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence

 | 

Braintrust security incident raises concerns over AI supply chain risks

 | 

RansomHouse says it breached Trellix and exposes internal systems

 | 

Cyberattacks on Poland's Water Plants: A Blueprint for Hybrid Warfare

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 95

Pierluigi Paganini May 03, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet 

73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations  

An alarm clock you can’t ignore: How CapFix attacks Russian organizations

LofyStealer: Malware targeting Minecraft players  

Claude adds malware to crypto agent 

Deep#Door Stealer: Stealthy Python Backdoor and Credential Stealer Leveraging Tunneling, Multi-Layer Persistence, and In-Memory Surveillance Capabilities

Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw  

8.3M Downloads Compromised: Lightning & Intercom-Client Infected in Latest Shai-Hulud Attack

TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages    

Static Attribution of Android Residential Proxy Malware Using Graph Kernels

Towards Quantum Optimised Malware Containment

SeqShield: A Behavioral Analysis Approach to Uncover Rootkits

Evolving IoT Botnet Threats and Practical Honeypot Observation: A Summary Review and Experimental Study

Beyond Pattern Matching: A Cognitive-Driven Framework for DGA Detection via Dual-Perspective Anomaly Perception 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime Hacking hacking news information security news IT Information Security malware Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini May 13, 2026
Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations
Read more
Pierluigi Paganini May 13, 2026
Instructure settles with hackers following massive student data theft
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

Security / May 13, 2026

Instructure settles with hackers following massive student data theft

Cyber Crime / May 13, 2026

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

Security / May 13, 2026

Hackers accessed BWH Hotels reservation system for months

Data Breach / May 12, 2026

The world's most "Dangerous" AI, Anthropic’s Mythos, found only one flaw in curl

Hacking / May 12, 2026