A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| Washington Pulled the Plug on Anthropic’s Fable 5 and Mythos 5 models. The Rest of the World Is Watching. |
| U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog |
| Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That. |
| Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign |
| OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft |
| Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research |
| Fortinet patched a new critical FortiSandbox flaw |
| JDY Botnet Evolves After KV Takedown, Targets Military Networks |
| 21,786 Home Cameras, No Password, No Warning |
| CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release |
| Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088 |
| U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog |
| Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows |
| “AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device |
| France’s Government Messaging App Tchap Got Breached |
| Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs |
| Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers |
| Miasma Worm Compromises 73 Microsoft GitHub Repositories |
| Google fixes the fifth actively exploited Chrome zero-day of 2026 |
| U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog |
| CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits |
| Meta Accuses NSO of Violating WhatsApp Court Injunction |
| Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access |
| UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms |
| Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts |
| IoT Botnet C0XMO Adds Competitor-Killing Capability |
| DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People |
International Press – Newsletter
Facebook Phishing Email Campaign: How Attackers Are Weaponizing Meta Business Manager Partner Requests
Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms
Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)
A data leak has reportedly affected the government messaging service Tchap, exposing over 643,000 messages
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Ukrainian National Pleads Guilty to Wire Fraud Conspiracy in Connection with Conti Ransomware
Malware
IronWorm: Shai-Hulud’s rustier cousin
Using AI Agents to Analyze Malware on REMnux
The Miasma worm’s path of destruction
Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave
Inside OnyxC2: The New Stealer Targeting 210 Apps
Hacking
Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin
How a USB-connected speaker can infect a PC without ever being touched
Reproducing CVE-2026-23111: How one character can change everything
Off By !: Exploiting a Use-after-Free in the Linux Kernel
The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds
Google patches new Chrome zero-day flaw exploited in the wild
Will AI Kill the Bug Bounty Industry?
Nightmare Eclipse – RoguePlanet
GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan
Max severity Ivanti Sentry vulnerability now exploited in attacks
Intelligence and Information Warfare
VerdantBamboo: Just Another BRICKSTORM in the Firewall
Hackers pose as women seeking romance to spy on Russian soldiers
Russia upgrades rules for its digital spy system to better track citizens online
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
Expanded JDY IoT and SOHO botnet enables rapid vulnerability exploitation
OceanLotus: From external espionage to domestic targeting
Cyber Intel Brief: Handala Claims Breach of California Water Service
Cybersecurity
ESET APT Activity Report Q4 2025–Q1 2026
AI tools becoming hot commodities on ransomware marketplaces
Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report
Fighting Spyware: An Update From WhatsApp
The June 2026 Security Update Review
Nearly 22,000 Live Cameras With No Login Required: A Mysterium VPN Research
He Blew the Whistle on DOGE. Then His Brakes Were Cut
Anthropic to disable its most advanced AI models after US order limiting foreign access
Statement on the US government directive to suspend access to Fable 5 and Mythos 5
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)

