A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover A ransomware attack disrupted operations at South Korean conglomerate Kyowon Central Maine Healthcare data breach impacted over 145,000…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover A ransomware attack disrupted operations at South Korean conglomerate Kyowon Central Maine Healthcare data breach impacted over 145,000 patients Palo Alto Networks addressed a GlobalProtect flaw, PoC exists Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers China bans U.S. and Israeli cybersecurity software over security concerns CERT-UA reports PLUGGYAPE cyberattacks on defense forces Fortinet fixed two critical flaws in FortiFone and FortiSIEM U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day AZ Monica hospital in Belgium shuts down servers after cyberattack Threat actor claims the theft of full customer data from Spanish energy firm Endesa Dutch court convicts hacker who exploited port networks for drug trafficking U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog Meta fixes Instagram password reset flaw, denies data breach Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations The ideals of Aaron Swartz in an age of control International Press – Newsletter Cybercrime 34 arrests in Spain during action against the ‘Black Axe’ criminal organisation Scaling the Fraud Economy: Pig Butchering as a Service Spanish Energy Company Endesa Hacked Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years Belgian hospital AZ Monica shuts down servers after cyberattack Cyberattack at Kyowon exposes over 9 million user accounts to possible breach: Sources Microsoft disrupts global cybercrime subscription service responsible for millions in fraud losses How your entire identity could be sold for £30 on the dark web Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader Malware SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide Keeping the Kimwolf at bay: putting a leash on a massive DDoS Botnet Planned failure: Gootloader’s malformed ZIP actually works perfectly Hacking Gogs 0-Day Exploited in the Wild n8mare on auth street: supply chain attack targets n8n ecosystem Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multi-Step Malware A single click mounted a covert, multistage attack against Copilot Intelligence and Information Warfare GRU-Linked BlueDelta Evolves Credential Harvesting What’s Happening in Iran? “Untrustworthy Fund”: targeted UAC-0190 cyberattacks against SOU using PLUGGYAPE (CERT-UA#19092) Exclusive: Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say LOTUSLITE: Targeted espionage leveraging geopolitical themes Cybersecurity Cloudflare defies Italy’s Piracy Shield, won’t block websites on 1.1.1.1 DNS Grok AI still being used to digitally undress women and children despite suspension pledge The January 2026 Security Update Review OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans Germany turns to Israel for a ‘cyber dome’ amid rising threats Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)