MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

 | 

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Anthropic's Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

 | 

U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

 | 

CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack

 | 

Why pure extortion is replacing traditional ransomware

 | 

Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

 | 

Authorities arrest 23-year-old accused of running the Kimwolf botnet

 | 

One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure

 | 

U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

 | 

Global law enforcement operation takes First VPN offline

 | 

Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown

 | 

Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

 | 

Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

 | 

Discord adds end-to-end encryption to voice and video calls by default

 | 

PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

 | 

Microsoft issues YellowKey mitigation, no patch yet

 | 

Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free 

 | 

A malicious VS code extension just breached GitHub 's internal repositories

 | 

DirtyDecrypt: PoC Released for yet another Linux flaw

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Pierluigi Paganini May 24, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Popular node-ipc npm Package Infected with Credential Stealer 

New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here

Active Supply Chain Attack Compromises @antv Packages on npm

actions-cool/issues-helper GitHub Action Compromised: All Tags Point to Imposter Commit That Exfiltrates CI/CD Credentials 

Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware         

Void Botnet uses Ethereum smart contracts for seizure-resistant C2 

Kash Patel’s clothing brand website shut down after reports it was hacked 

Megalodon: Mass GitHub Repo Backdooring via CI Workflows  

Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES  

Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects  

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox

Detecting Ransomware Through Dynamic API Call Monitoring and Machine Learning

MalwarePT: A Binary-Level Foundation Model for Malware Analysis

Feature-Engineered Trojan Malware Detection on Windows-Based IoT Gateways Using a Custom Deep Neural Network and Automated Monitoring Pipeline

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini May 24, 2026
Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more
Pierluigi Paganini May 24, 2026
Anthropic's Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Malware / May 24, 2026

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

Hacking / May 24, 2026

Anthropic's Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

Artificial Intelligence / May 24, 2026

U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

Uncategorized / May 24, 2026

CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack

Security / May 23, 2026