Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION
June 28, 2026 
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
The Broker Behind FortiBleed: Anatomy of a Russian-Speaking Access Operation
Security News This Week: Hackers Claim to Leak Stolen Madison Square Garden Data
Scaling cybercrime disruption through innovation and AI
Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks
Third Defendant Sentenced To Prison For Hacking Fantasy Sports And Betting Website
ACE, UEFA, UC3 and Mexican Authorities Disrupt Major PirloTV-Linked Sports Piracy Ring Serving Latin America
India’s Tata Electronics hit by cyber breach claiming to expose Apple, Tesla trade secrets
Polymarket to Refund Users After Hackers Steal $3M in Frontend Attack
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Malware
More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers
A VBScript campaign distributed through WhatsApp deploying RMM software
Prinz Eugen ransomware: a deep dive into a new Go-based encryptor
Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker
Miasma Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem
Hacking
Introducing usbliter8
Squidbleed (CVE-2026-47729) Heartbleed’s ancient cousin, hiding in Squid since 1997
PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channels
DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps
When Defenses Become Attack Surface: CVE-2026-20971, a Samsung Kernel UAF
Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager
AISLE Discovers 6 New CVEs in curl, Including the Oldest Issue Ever Reported
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak
Elite network says it was hacked after members’ personal data was left exposed
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503)
Intelligence and Information Warfare
Claude Fable 5 Resurfaces in Android App as NSA Breach Testimony Reshapes Ban
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
Five Eyes cyber security agencies statement The AI shift in cyber risk: why leaders must act now
Weaponized AI: Inside The Criminal Ecosystem Fueling The Fifth Wave of Cybercrime
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
Russia Breaks Into Human Rights Activist’s Phone With Cellebrite
CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
Russian Intelligence Services Continue to Target Commercial Messaging Applications
Cybersecurity
Deutsche Bahn halts trains nationwide amid IT meltdown
How to Disappear From the Internet in 7 Days
The quantum threat: Navigating cryptographic risks in a new computing era
Dozens of America’s largest companies have no simple way to report security flaws
Xsolis Data Breach Affects 1.4 Million Individuals
‘Wake-up call’: Europe reacts to Anthropic halting access to its Fable 5 and Mythos 5 AI models
Meta Pauses Employee-Tracking Program Following Internal Data Leak
State of SDLC Security 2026
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
