MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

 | 

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

 | 

FortiBleed Exposes Global Credential-Spraying Operation

 | 

CISA Warns of Active Exploitation Following FortiBleed Leak

 | 

14,971 WordPress Sites Cleaned in Global SocGholish Takedown

 | 

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday

 | 

Peter Thiel 's Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail

 | 

24 Billion Stolen Credentials Exposed in Massive Data Leak

 | 

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

 | 

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution

 | 

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development

 | 

FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

 | 

DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

 | 

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog

 | 

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

 | 

EdTech Faces a Cybersecurity Crisis: Data Breaches Surge

 | 

FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data

 | 

China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints

 | 

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

 | 

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 21, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Inside GentleKiller: The EDR-Killer Powering The Gentlemen
FortiBleed Exposes Global Credential-Spraying Operation
CISA Warns of Active Exploitation Following FortiBleed Leak
14,971 WordPress Sites Cleaned in Global SocGholish Takedown
U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday
Peter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail
24 Billion Stolen Credentials Exposed in Massive Data Leak
Tor-Based Clipper Malware Targets Wallet Seed Phrases
Cisco fixed a critical ISE vulnerability that lets attackers to gain root access
F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls
DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months
U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps
EdTech Faces a Cybersecurity Crisis: Data Breaches Surge
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
China-linked actor spent two years inside medical research networks
Australian Sugar Producer Mackay Sugar Reports Cyber Incident
Novo Nordisk Confirms Data Theft: What Attackers Took and What They Didn’t
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw
Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN
Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise
Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme

International Press – Newsletter

Cybercrime

The Gentlemen ransomware: 483 victims and a leaked playbook  

iRhythm Confirms Data Stolen in Hack

Who Runs the Ransomware Group ‘The Gentlemen?’

Novo Nordisk hit by FulcrumSec: the stealer logs saw it coming  

FTC Data Show People Reported Losing $3.5 Billion to Imposter Scams in 2025

‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm  

International law enforcement initiate hunt on malware group SocGholish  

Killing me gently: Inside Gentlemen’s EDR killer framework  

Malware

OptinMonster supply chain attack hits 1.2 million sites  

Rokarolla : Android Banker with Complete Device Takeover Capabilities  

WordPress PBN Plugin Drops Dual Webshells via Database Injection     

Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk  

Crypto Clipper uses Tor and worm-like propagation for persistence and control      

Sayonara, SocGholish: Operation Endgame Disrupts Major Cybercrime Operation  

Hacking

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale 

FortiBleed — 75k Fortinet firewalls have admin passwords cracked 

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

SocGholish Compromised WordPress Sites Special Report

1.16 billion attacks: how the FortiBleed crew broke FortiGate  

Intelligence and Information Warfare

Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research

Analysis of APT37 NarwhalRAT Leveraging MS-Themed Phishing and Dead-drop C2

Don’t Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency     

FishMonger’s arsenal upgraded: SprySOCKS for Windows  

White House’s export limits on Anthropic linked to concerns about Chinese access  

Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society

French president urges US to share cutting-edge AI and democracies to cooperate on regulation    

Cybersecurity

IT security incident at Novo Nordisk

Maine closes data breach portal to the public after fake reports

How we’re combatting AI scams with security, legislation and more     

UK to ban social media access for children under 16

We Audited the Same Codebase with Claude Opus 4.8 and MiniMax M3  

24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you? 

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure       

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

you might also like

Pierluigi Paganini June 20, 2026
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
Read more
Pierluigi Paganini June 18, 2026
Tor-Based Clipper Malware Targets Wallet Seed Phrases
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

Security / June 21, 2026

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

Uncategorized / June 21, 2026

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

Uncategorized / June 20, 2026

FortiBleed Exposes Global Credential-Spraying Operation

Hacking / June 20, 2026

CISA Warns of Active Exploitation Following FortiBleed Leak

Hacking / June 20, 2026