Hackers Turn AWS Buckets into LastPass Phishing Lures to Steal Vault Credentials
Executive Summary An ongoing phishing campaign is impersonating LastPass and abusing Amazon S3–hosted URLs as the first redirect hop to…
Security
Cisco Unified CM and Webex Security Alert: Active Zero-Day CVE-2026-20045 Fixed
Cisco has recently issued security updates to fix a critical vulnerability impacting several Unified Communications Manager (CM) products and Webex…
Internet Voting is Too Insecure for Use in Elections
No matter how many times we say it, the idea comes back again and again. Hopefully, this letter will hold…
Could ChatGPT Convince You to Buy Something?
Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s…
AI-Powered Surveillance in Schools
It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against…
Unmasking UAT-8837: The Zero-Day Exploit That Could Ruin Your Year
Executive Summary A sophisticated China-linked threat actor, identified as UAT-8837, has been observed exploiting a critical zero-day vulnerability in the…
Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme…
GootLoader uses malformed ZIP files to bypass security controls
GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware…
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs…
Weekly Update 487
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…