MUST READ

Ransomware Operators Keep Business Hours. The Data Proves It

 | 

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

 | 

CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

 | 

U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

 | 

The Pentagon Finally Admits That Location Data Is a Battlefield Problem

 | 

CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

 | 

Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

 | 

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

 | 

Botnet of 17 Million Devices Dismantled in the Netherlands

 | 

Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

 | 

DIL Observatory: when the World Escalates, the Underground Responds

 | 

Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.

 | 

BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone

 | 

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

 | 

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

 | 

Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

 | 

U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog

 | 

A Fake UK Visa Site Left 100,000 Passports Wide Open

 | 

Artificial Intelligence

Pierluigi Paganini May 31, 2026
Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers Signal Phishing Campaign Targets Journalists and […]

Pierluigi Paganini May 29, 2026
Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian, […]

Pierluigi Paganini May 26, 2026
Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers

Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have […]

Pierluigi Paganini May 24, 2026
Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

Anthropic said its AI Project Glasswing found over 10,000 serious vulnerabilities in one month, exposing a growing patching gap. Anthropic announced on Friday that Project Glasswing, its defensive cybersecurity initiative built around Claude Mythos Preview, has uncovered more than 10,000 high- or critical-severity vulnerabilities in the month since the program went live. The number is […]

Pierluigi Paganini May 11, 2026
Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

Google says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attackers already use AI to improve vulnerability exploitation and gain initial access to […]

Pierluigi Paganini May 09, 2026
Braintrust security incident raises concerns over AI supply chain risks

Braintrust warned customers to rotate API keys after hackers breached an AWS account, exposing secrets tied to cloud-based AI models. AI observability startup Braintrust warned customers to rotate API keys after attackers gained unauthorized access to one of the company’s AWS accounts, potentially exposing secrets used to connect to cloud-based AI models. The company said […]

Pierluigi Paganini May 08, 2026
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy

The Pentagon is integrating AI into military operations, transforming cybersecurity, targeting, and command systems into a unified warfare architecture. May 2026 marks a turning point in the evolution of modern warfare: the convergence of artificial intelligence, cybersecurity, and conventional military power is no longer theoretical. It is becoming an operational reality. The Pentagon has signed […]

Pierluigi Paganini May 06, 2026
Malicious PyTorch Lightning update hits AI supply chain security

A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library exposed developers to credential theft and remote compromise. Attackers uploaded version 2.6.3 to the Python Package Index (PyPI), where it spread among developers before maintainers removed […]

Pierluigi Paganini May 04, 2026
AI speeds flaw discovery, forcing rapid updates, UK NCSC warns

The UK cyber agency NCSC warns AI is speeding up vulnerability discovery, likely causing a “patch wave” of urgent software updates to fix exposed flaws. The UK’s National Cyber Security Centre (NCSC) warns that AI is rapidly accelerating the discovery of software vulnerabilities, increasing the risk of large-scale exploitation. CTO Ollie Whitehouse says skilled attackers […]

Pierluigi Paganini May 04, 2026
Bluekit phishing kit enables automated phishing with 40+ templates and AI tools

Bluekit is a new phishing kit with AI features, automated domain setup, and tools like spoofing, voice cloning, and 40+ attack templates. Bluekit is a newly discovered phishing kit still in development that includes advanced features such as an AI assistant and automated domain registration. According to Varonis, it offers over 40 website templates along […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ransomware Operators Keep Business Hours. The Data Proves It

Cyber Crime / June 01, 2026

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

Hacking / June 01, 2026

CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

Security / June 01, 2026

U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

Security / June 01, 2026

The Pentagon Finally Admits That Location Data Is a Battlefield Problem

Cyber warfare / June 01, 2026