Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
February 02, 2026

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

DOJ releases details alleged talented hacker working for Jeffrey Epstein

Cyberattacks Disrupt Communications at Wind, Solar, and Heat Facilities in Poland

SmarterTools patches critical SmarterMail flaw allowing code execution

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

Empire Market co-founder faces 10 years to life after guilty plea

SolarWinds addressed four critical Web Help Desk flaws

Google targets IPIDEA in crackdown on global residential proxy networks

Nation-state and criminal actors leverage WinRAR flaw in attacks

OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)

PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun

WhatsApp rolls out Strict Account settings to strengthen protection for high-risk users

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

Amnesia RAT deployed in multi-stage phishing attacks against Russian users

Dormakaba flaws allow to access major organizations’ doors

Emergency Microsoft update fixes in-the-wild Office zero-day

ShinyHunters claims 2 Million Crunchbase records; company confirms breach

Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint

North Korea–linked KONNI uses AI to build stealthy malware tooling

Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid

Nike is investigating a possible data breach, after WorldLeaks claims

International Press – Newsletter

Cybercrime

Nike Probes Potential Breach After Threat From Hacking Group

Crunchbase Confirms Data Breach After Hacking Claims

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

Who Operates the Badbox 2.0 Botnet?

Retro Phishing: Basic Auth URLs Make a Comeback in Japan

Chinese Language Money Laundering Networks Emerge as Major Facilitators of the Illicit Crypto Economy, Now Driving 20% of Laundering Activity

Investigation into International “ATM Jackpotting” Scheme and Tren de Aragua results in Additional Indictment and 87 Total Charged Defendants

Notorious Russia-based RAMP cybercrime forum apparently seized by FBI

Co-Creator of Dark Web Marketplace Pleads Guilty in Chicago to Drug Conspiracy

Former Google Engineer Found Guilty Of Economic Espionage And Theft Of Confidential AI Technology

Malware

Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload Delivery

Malicious Chrome Extension Performs Hidden Affiliate Hijacking

CAFE-GB: Scalable and Stable Feature Selection for Malware Detection via Chunk-wise Aggregated Gradient Boosting

Re-Evaluating Android Malware Detection: Tabular Features, Vision Models, and Ensembles

Hacking

Hands-Free Lockpicking: Critical Vulnerabilities in dormakaba’s Physical Access Control System

Microsoft patches actively exploited Office zero-day vulnerability

Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint

Over 6,000 SmarterMail servers exposed to automated hijacking attacks

PackageGate: 6 Zero-Days in JS Package Managers But NPM Won’t Act

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue

Intelligence and Information Warfare

KONNI Adopts AI to Generate PowerShell Backdoors

Weaponized in China, Deployed in India: The SyncFuture Espionage Targeted Campaign

Inside a Multi-Stage Windows Malware Campaign

Operation DupeHike : UNG0902 targets Russian employees with DUPERUNNER and AdaptixC2

WhatsApp’s Latest Privacy Protection: Strict Account Settings

PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups

Space Capabilities to Support Military Operations in the European Theatre

Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

Why a gradual move away from US tech is a good idea

ELECTRUM: Cyber Attack on Poland’s Electric System 2025

Energy Sector Incident Report – 29 December 2025

Dissecting UAT-8099: New persistence mechanisms and regional focus

Cybersecurity

Defending the 2026 Milano Cortina Winter Games

AI-Powered Disinformation Swarms Are Coming for Democracy

Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858

No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network

Informant told FBI that Jeffrey Epstein had a ‘personal hacker’

US Has Investigated Claims WhatsApp Chats Aren’t Private

Thousands more Oregon residents learn their health data was stolen in TriZetto breach

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: Affairs, Breaking News, Cybercrime, data breach, edition, hacking, hacking news, information security news, International, IT Information Security, Malware, Newsletter, Paganini, Pierluigi, Pierluigi Paganini, round, Security, Security Affairs, Security News

Post navigation

Previous: Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Next: Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates