Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
July 05, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Blackfield ransomware asks Nidec Corporation for $2 million ransom

XSS forum: from DaMaGeLaB to the 2025 takedown   

No (Bad) CAP: Inside an Ongoing LSHIY Password Spray Attack 

Alleged Member of Criminal Cyber Hacking Group “Scattered Spider” Arrested in Finland and Extradited to the United States 

SOCRadar Links FortiBleed Campaign to INC and Lynx Ransomware Operations

FBI Seizes NetNut Proxy Platform, Popa Botnet 

From CitrixBleed 2 to Cloudflared: The Tools and Techniques Behind Anubis Ransomware Attacks       

Cyber Criminal Group TeamPCP  

Malware

Hijacked npm Packages Use Novel VSCode Autorun and Blockchain Dead Drops to Deploy a Credential/Crypto Stealer  

Inside StegoAd: How a Threat Actor Evolved to Fuel Silent Ad Fraud and Credential Theft at Scale 

A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain  

Chromium extension uses AI‑related branding to redirect browser search  

Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique      

Hacking

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

CVE-2026-48558: SimpleHelp Authentication Bypass Indicators of Compromise   

GuardFall: a universal shell injection vulnerability in open-source AI agents  

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector

Hidden LLM Backdoors Could Detonate At Massive Scale 

Intelligence and Information Warfare  

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

UNC5792 – Reward

Mustang Panda targets India’s government and energy sectors with ZOHOMURK and MINIRECON

PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems

Espionage Against the European Parliament         

Lazarus-Linked npm Malware Masquerades as Rollup Polyfills

Cybersecurity

It’s time to reserve your WhatsApp username

Massive breach spills credentials for thousands of sensitive networks  

Over 900 Oracle E-Business instances exposed to ongoing attacks 

Google Android: the Court of Justice upholds Google’s fine of around €4.1 billion 

Which industry & country has the worst email security? An analysis of 5,800+ domains for SPF, DMARC, DKIM & MTA-STS protocols

China Has Matched Anthropic in Cybersecurity, Resetting AI Race      

Google’s Continued Disruption of Malicious Residential Proxy Networks 

Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)



Leave a Reply