Tag: Security Affairs

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach caused by the compromise of a third-party AI tool, Context.ai, used by one…

Read more →

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can…

Read more →

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and logistics companies, running coordinated remote access campaigns to steal cargo and divert payments. These…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack   Fake Claude site installs malware that gives attackers access to your…

Read more →

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden…

Read more →

Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By…

Read more →

A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link…

Read more →

Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend,…

Read more →

Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the…

Read more →

A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022…

Read more →

Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000…

Read more →

New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to…

Read more →

Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code…

Read more →

A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major…

Read more →

Attackers abuse AI automation platform n8n to run phishing campaigns, deliver malware, and evade security by using trusted infrastructure. Threat actors are exploiting the popular AI workflow automation platform n8n to launch advanced phishing campaigns, deliver malware, and collect device…

Read more →

CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and…

Read more →

Sweden says a pro-Russian group attacked a heating plant in 2025. The failed cyberattack highlights growing threats to Europe’s energy infrastructure. Sweden has blamed a pro-Russian group linked to Russian intelligence for a failed cyberattack on a heating plant in…

Read more →

An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and take full control of Nginx servers. A critical vulnerability in nginx-ui, tracked as CVE-2026-33032 (CVSS score of 9.8), is being actively exploited, allowing attackers to bypass authentication and…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known…

Read more →