Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION
March 15, 2026 
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Criminals Impersonating City and County Officials in Phishing Emails for Planning and Zoning Permits
Inside Tycoon 2FA: Disrupting a Global Phishing Operation
Global Scam Machines: Inside a Meta-Powered Investment Fraud Ecosystem Spanning 25 Countries
Authorities Dismantle Global Malicious Proxy Service that Deployed Malware and Defrauded Thousands of U.S. Persons, Businesses, and Financial Institutions of Millions of Dollars in Losses
Europol and international partners disrupt ‘SocksEscort’ proxy service
45,000 malicious IP addresses taken down in international cyber operation
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
The FBI is investigating malware hidden inside games hosted on Steam
Malware
New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript
VOID#GEIST: Stealthy MultiStage Python Loader with Embedded Runtime Deployment, Startup Persistence, and Fileless Early Bird APC Injection into explorer.exe
A Slopoly start to AI-enhanced ransomware attacks
VENON: The First Brazilian Banker RAT in Rust
Hacking
FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise
Unauthenticated Backup Download with Encryption Key Disclosure
Partnering with Mozilla to improve Firefox’s security
Protecting Your Data: Essential Actions to Secure Experience Cloud Guest User Access
Abusing .arpa: The TLD That Isn’t Supposed to Host Anything
400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin
Intelligence and Information Warfare
APT36: A Nightmare of Vibeware
Russia targets Signal and WhatsApp accounts in cyber campaign
Sednit reloaded: Back in the trenches
Salt Typhoon is hacking the world’s phone and internet giants — here’s everywhere that’s been hit
Stryker cyber attack: Thousands of Irish unable to work as hackers cripple global systems
Poland says foiled cyberattack on nuclear centre may have come from Iran
The contest of will between Trump and Iran
Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia
Cybersecurity
Hardening Firefox with Anthropic’s Red Team
Cloud Threat Horizons Report
The March 2026 Security Update Review
ENISA Technical Advisory for Secure Use of Package Managers
Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
