MUST READ

Drupal is rolling out an emergency security update on May 20. You cannot miss it

 | 

Microsoft dismantled malware-signing network Fox Tempest

 | 

Poland shifts away from Signal following cyberattacks on officials’ accounts

 | 

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

 | 

Shai-Hulud worm copycats emerge after source code leak

 | 

Grafana confirms GitHub token breach cybercrime group claims the attack

 | 

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

 | 

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

 | 

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

 | 

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

 | 

Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores

 | 

Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total

 | 

U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

 | 

OpenAI hit by supply chain attack linked to malicious TanStack packages

 | 

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

 | 

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

 | 

Ghostwriter group resumes attacks on Ukrainian Government targets

 | 

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

 | 

Artificial Intelligence

Pierluigi Paganini May 11, 2026
Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

Google says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attackers already use AI to improve vulnerability exploitation and gain initial access to […]

Pierluigi Paganini May 08, 2026
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy

The Pentagon is integrating AI into military operations, transforming cybersecurity, targeting, and command systems into a unified warfare architecture. May 2026 marks a turning point in the evolution of modern warfare: the convergence of artificial intelligence, cybersecurity, and conventional military power is no longer theoretical. It is becoming an operational reality. The Pentagon has signed […]

Pierluigi Paganini May 03, 2026
Google Revamps Bug Bounty Programs: Android Rewards Rise, Chrome Payouts Drop in the Age of AI

Google revamps bug bounties: Android rewards rise to $1.5M, Chrome payouts drop, shifting focus to high-impact, AI-resistant vulnerabilities. Google has announced a major overhaul of its Vulnerability Reward Programs (VRP) for Android and Chrome, marking a strategic shift in how the company approaches cybersecurity. The update comes as artificial intelligence tools are reshaping the field […]

Pierluigi Paganini March 13, 2026
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns

The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor […]

Pierluigi Paganini March 01, 2026
Claude code abused to steal 150GB in cyberattack on Mexican agencies

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The […]

Pierluigi Paganini February 27, 2026
How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

AI accelerates incident response by correlating alerts and generating reports in minutes, helping teams scale beyond manual limits. Incident response has always been a race against the clock. It starts ticking the moment an alert is triggered, and each minute thereafter can lead to lost revenue, regulatory exposure, reputational damage, or customer churn. Traditionally, incident […]

Pierluigi Paganini February 24, 2026
Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign

Arkanix Stealer surfaced in late 2025 as a short-lived info-stealer, likely built as an AI-assisted experiment and quickly abandoned. Arkanix Stealer emerged in late 2025 as a short-lived information-stealing malware promoted on dark web forums. Researchers believe it was likely created as an AI-assisted experiment, suggesting the operators were testing automated development techniques rather than […]

Pierluigi Paganini February 23, 2026
AI-powered campaign compromises 600 FortiGate systems worldwide

A Russian-speaking cybercriminal used commercial generative AI tools to hack over 600 FortiGate devices across 55 countries. Amazon Threat Intelligence reports that a Russian-speaking, financially motivated threat actor used commercial generative AI services to compromise more than 600 FortiGate devices in 55 countries. The activity, observed between January 11 and February 18, 2026, highlights how […]

Pierluigi Paganini February 20, 2026
PromptSpy abuses Gemini AI to gain persistent access on Android

PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Android malware to exploit Google’s Gemini AI to maintain persistence. The malware can capture lockscreen data, block uninstallation attempts, collect device information, take screenshots, and record screen activity […]

Pierluigi Paganini February 19, 2026
Irish regulator probes X after Grok allegedly generated sexual images of children

Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched another investigation into X over Grok’s AI image generator. The probe focuses on reports that the tool created large volumes of non-consensual and sexualized images, including content involving children, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Drupal is rolling out an emergency security update on May 20. You cannot miss it

Security / May 19, 2026

Microsoft dismantled malware-signing network Fox Tempest

Cyber Crime / May 19, 2026

Poland shifts away from Signal following cyberattacks on officials’ accounts

Intelligence / May 19, 2026

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

Cyber Crime / May 19, 2026

Shai-Hulud worm copycats emerge after source code leak

Malware / May 19, 2026