SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new...
Government
20 articles
Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook
November 20, 2025: Date this information was first published. We’re pleased to announce the availability of the latest sample security baseline from Landing ...
CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers
A bug in a popular line of video conferencing software is being exploited by hackers, prompting the U.S.
A core infrastructure engineer pleads guilty to federal charges in insider attack
When Daniel Rhyne pleaded guilty on April 1 to having launched an insider extortion attack against his then-employer, authorities enumerated the techniques h...
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal ta...
Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’
The Senate Democrat said that the SSA following Trump’s executive order would indicate “willing participation” in the administration’s midterm elections sche...
TrueConf Zero-Day Exploited in Asian Government Attacks
A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional payloads. The post Tr...
Infrastructure Engineer Pleads Guilty to Locking 254 Windows Servers at Former Employer
Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to lo...
French Senate passes bill that would ban children under 15 from social media
If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf C...
TrueConf zero-day vulnerability turns its own update process into malware delivery channel
Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within gover...
FBI Warns Chinese Mobile Apps Could Expose User Data to Cyberattacks
The Federal Bureau of Investigation (FBI) has issued a public warning about potential data security risks associated with foreign-developed mobile applicatio...
Report: Americans concerned about government management of personal data
StateScoop reports that the majority of Americans seek more control over data sharing across the U.S.
Attacks with TrueConf zero-day hit Southeast Asian governments
Suspected China-linked threat actors have weaponized a high-severity zero-day flaw in the TrueConf client video conferencing software, tracked as CVE-2026-35...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Daw...
FBI warns against using Chinese mobile apps due to privacy risks
The U.S.
Alleged RedLine malware developer extradited to United States
A man has appeared in federal court in Austin, Texas, after being extradited to the United States to face charges related to his alleged role as a key develo...
Closing the Gap by Enhancing Visibility and Mitigating Risks
Secure your UK public sector digital estate. Cortex Xpanse delivers active External Attack Surface Management (EASM) with continuous monitoring, NCSC alignme...
TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks
Check Point Research has discovered a critical zero-day vulnerability in the TrueConf video conferencing client. Tracked as CVE-2026-3502 with a CVSS score o...
White House executive order purports to limit mail-in voting, mandate federal voter lists
The order is expected to be quickly challenged in court, where the Trump administration’s previous efforts have been struck down as unconstitutional. The pos...