More results...
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that […]
Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the […]
RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to 15,000 daily exploitation attempts in a more focused and strategic campaign, Bitsight reported. “We gathered all these exploit attempts (identifiable by indicators like the User-Agent and […]
The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation. The FBI is seeking gamers who downloaded Steam games later found to contain malware. According to a notice from the FBI’s Seattle Division, investigators are trying to identify victims who […]
The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation. The FBI is seeking gamers who downloaded Steam games later found to contain malware. According to a notice from the FBI’s Seattle Division, investigators are trying to identify victims who […]
The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrain Hospital (RBH) and stolen 110 GB of data. The ransomware gang added the healthcare facility to its Tor data leak site and published the images […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript ClipXDaemon: Autonomous X11 Clipboard Hijacker Delivered via Bincrypter-Based Loader New A0Backdoor Linked to […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate […]
Starbucks disclosed a breach after phishing attacks on its employee portal led to unauthorized access to Partner Central accounts, exposing staff data. Starbucks reported a data breach affecting hundreds of employees after phishing attacks targeted its Partner Central employee portal. The security breach was detected on February 6, the incident involved unauthorized access to staff […]
Attackers linked to Storm-2561 use SEO-poisoned search results to lure users to fake Ivanti, Cisco, and Fortinet VPN sites that steal corporate login credentials. In mid-January 2026, Microsoft Defender Experts uncovered a credential-theft campaign attributed to Storm-2561. Threat actor is spreading fake enterprise VPN clients impersonating Ivanti, Cisco, and Fortinet software. By poisoning search engine […]