Sunday, May 10, 2026

Daily News

Random posts

Daily News

Random posts

Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION

loknath160574@gmail.com03 mins


Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
May 10, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Coordinated Takedown of Scam Centers Leads to at Least 276 Arrests; Alleged Managers and Recruiters Charged in San Diego  

Vimeo data breach exposes personal information of 119,000 people

Member of Prolific Russian Ransomware Group Sentenced to Prison  

Romanian National Appears in Federal Court Following Extradition from Romania on Bank Fraud Charges Stemming From “Vishing” Scheme  

AI Firm Braintrust Prompts API Key Rotation After Data Breach

Malware

CloudZ RAT potentially steals OTP messages using Pheno plugin  

xlabs_v1 DDoS-for-Hire IoT Botnet Exposed:  One Operator Error. An Entire Operation Revealed   

Darktrace Malware Analysis: Jenkins Honeypot Reveals Emerging Botnet Targeting Online Games  

TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook  

Fake call logs, real payments: How CallPhantom tricks Android users

Hacking

The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940)  

Meet Bluekit: The AI-Powered All-in-One Phishing Kit  

South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940)

Information about the Copy Fail vulnerability, which allows attackers to gain root access on virtually any modern Linux distribution    

The TSIG That Wasn’t: Finding an Authentication Bypass Across CoreDNS Transports  

Student Arrested in Taiwan for using SDR and Handheld Radios to Halt Four High Speed Trains with TETRA Hack  

TrustFall: coding agent security flaw enables one-click RCE in Claude, Cursor, Gemini CLI and GitHub Copilot  

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Dirty Frag: Universal Linux LPE 

ClaudeBleed: A Flaw In Claude’s Browser Extension Allows Any Extension to Hijack It 

Load-Bearing Assumptions — the rxrpc case (CVE-2026-43500) and the constraint that was never there  

Intelligence and Information Warfare

Army turns to ‘hackathons’ to better connect dozens of weapons, systems 

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack  

Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution  

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants  

Welcome to the GRU University, Where Moscow Turns Students into Spies and Hackers  

Cybersecurity

Preparing for a ‘vulnerability patch wave’      

Email threat landscape: Q1 2026 trends and insights  

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise  

India orders infosec red alert in case Mythos sparks crime spree

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware

Google Chrome ‘silently’ downloads 4GB AI model to your device without permission, report claims — researcher says practice may violate EU law, waste thousands of kilowatts of energy  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News