A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate […] A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employeesStorm-2561 lures victims to spoofed VPN sites to harvest corporate loginsInterpol – Operation Synergia III leads to 45,000 malicious IPs dismantled and 94 arrests worldwideU.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalogHackers targeted Poland’s National Centre for Nuclear ResearchUS and European authorities disrupt socksEscort proxy service tied to AVrecon botnetAI-assisted Slopoly malware powers Hive0163’s ransomware campaignsGoogle fixed two new actively exploited flaws in the Chrome browserBeyond File Servers: Securing Unstructured Data in the Era of AIApple issues emergency fixes for Coruna flaws in older iOS versionsCritical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sitesENISA Technical Advisory on Secure Package Managers: Essential DevSecOps GuidanceU.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalogBell Ambulance data breach impacted over 238,000 peoplePro-Palestinian hacktivist group Handala targets Stryker in global disruptionBeatBanker malware targets Android users with banking Trojan and crypto minerHewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CXKadNap bot compromises 14,000+ devices to route malicious trafficMicrosoft Patch Tuesday security updates for March 2026 fixed 84 bugsAttackers exploit FortiGate devices to access sensitive network informationAPT28 conducts long-term espionage on Ukrainian forces using custom malwareThreat actors use custom AuraInspector to harvest data from Salesforce systemsU.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalogEricsson US confirms breach after third-party provider attackLaw enforcement disrupted Tycoon 2FA phishing-as-a-service platformFBI alert: scammers target zoning permit applicantsRussia-linked hackers target Signal, WhatsApp of officials globallyCognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patientsAnthropic Claude Opus AI model discovers 22 Firefox bugsCritical Nginx UI flaw CVE-2026-27944 exposes server backupsMassive GitHub malware operation spreads BoryptGrab stealer International Press Newsletter Cybercrime Criminals Impersonating City and County Officials in Phishing Emails for Planning and Zoning Permits Inside Tycoon 2FA: Disrupting a Global Phishing Operation Global Scam Machines: Inside a Meta-Powered Investment Fraud Ecosystem Spanning 25 Countries Authorities Dismantle Global Malicious Proxy Service that Deployed Malware and Defrauded Thousands of U.S. Persons, Businesses, and Financial Institutions of Millions of Dollars in Losses Europol and international partners disrupt ‘SocksEscort’ proxy service 45,000 malicious IP addresses taken down in international cyber operation Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft The FBI is investigating malware hidden inside games hosted on Steam Malware New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript VOID#GEIST: Stealthy MultiStage Python Loader with Embedded Runtime Deployment, Startup Persistence, and Fileless Early Bird APC Injection into explorer.exe A Slopoly start to AI-enhanced ransomware attacks VENON: The First Brazilian Banker RAT in Rust Hacking FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise Unauthenticated Backup Download with Encryption Key Disclosure Partnering with Mozilla to improve Firefox’s security Protecting Your Data: Essential Actions to Secure Experience Cloud Guest User Access Abusing .arpa: The TLD That Isn’t Supposed to Host Anything 400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin Intelligence and Information Warfare APT36: A Nightmare of Vibeware Russia targets Signal and WhatsApp accounts in cyber campaign Sednit reloaded: Back in the trenches Salt Typhoon is hacking the world’s phone and internet giants here’s everywhere that’s been hit Stryker cyber attack: Thousands of Irish unable to work as hackers cripple global systems Poland says foiled cyberattack on nuclear centre may have come from Iran The contest of will between Trump and Iran Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia Cybersecurity Hardening Firefox with Anthropic’s Red Team Cloud Threat Horizons Report The March 2026 Security Update Review ENISA Technical Advisory for Secure Use of Package Managers Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2026-03-15T13:27:33