Ethical Hacking News
The evolving landscape of malware threats requires constant attention and adaptation from cybersecurity experts. Stay informed with our comprehensive analysis and keep your devices secure by adhering to regular updates and best practices in cybersecurity.
Cybersecurity experts have been dealing with an unprecedented number of threats from malware. The U.S. CISA has added iCagenda and Balbooa Forms flaws to the Known Exploited Vulnerabilities catalog. Popular software such as Zimbra Classic Web Client and UniFi OS are vulnerable to attacks. Critical U-Boot bugs are undermining secure boot on millions of devices. Ransomware is a significant threat, with over 9,000 confirmed attacks since 2018. A former ransomware negotiator was sentenced to 70 months in prison for secretly helping BlackCat gang. Microsoft has patched Defender flaws and Ubiquiti has patched critical UniFi OS flaws. A malicious npm package was compromised in a supply chain attack, targeting Android spyware tools. The BYOVD epidemic is being exploited to weaponize trusted Windows drivers to kill security.
In recent months, cybersecurity experts have been dealing with an unprecedented number of threats from malware. The latest newsletter round 105 of Security Affairs has provided a comprehensive overview of some of the most significant vulnerabilities and attacks that have taken place globally.
One of the major updates in this round is the addition of iCagenda and Balbooa Forms flaws to the Known Exploited Vulnerabilities catalog by the U.S. CISA. These flaws are critical, highlighting the importance of keeping software up-to-date. Additionally, the newsletter mentions a series of vulnerabilities in popular software such as Zimbra Classic Web Client and UniFi OS.
Furthermore, there have been numerous attacks on devices using critical U-Boot bugs that undermine secure boot on millions of devices. Moreover, an update is available to fix a critical flaw in Zimbra Classic Web Client that could expose mailboxes.
In the realm of ransomware, it has been reported that over 9,000 confirmed attacks since 2018 are ongoing. The GigaWiper malware family has seen significant activity with its merging into one destructive backdoor, while Ransomware Never Stopped continues to pose a threat with confirmed attacks by month statistics.
The Giganator ransomware attack is noteworthy for using the PoisonX to disable security software. A former ransomware negotiator was sentenced to 70 months in prison for secretly helping BlackCat gang. In addition, Fake Installers, Fake Reviews, and Fake Services have been creating real proxies while targeting real victims.
In other news, a hacker claims that they obtained 35 GB of Accenture source code, which the company later disclosed. Microsoft has patched Defender flaws RoguePlanet (CVE-2026-50656), while Ubiquiti patches critical UniFi OS flaws allowing command injection and privilege escalation.
Furthermore, a malicious npm package was compromised in a supply chain attack called jscrambler, targeting Android spyware tools through Telegram-hosted RedWing malware. The operation First Light by INTERPOL resulted in 5,811 arrests and seizures of $293 million.
The BYOVD (Bring Your Own Vulnerability Device) epidemic is being exploited to weaponize trusted Windows drivers to kill security. A GigaWiper analysis found that the malware was assembled from multiple vulnerabilities.
In conclusion, the latest newsletter round 105 provides valuable insights into some of the most pressing cybersecurity concerns globally. It highlights the need for companies and individuals alike to prioritize software updates, digital safety awareness, and vigilance against ever-evolving threats.
Malware and vulnerability trends are constantly changing. Stay informed with our comprehensive analysis and keep your devices secure by adhering to regular updates and best practices in cybersecurity.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Exploitation-Continues-A-Comprehensive-Analysis-of-the-Latest-Malware-Threats-and-Vulnerabilities-ehn.shtml
https://securityaffairs.com/195187/breaking-news/security-affairs-malware-newsletter-round-105.html
https://securityaffairs.com/193268/malware/security-affairs-malware-newsletter-round-100.html
https://nvd.nist.gov/vuln/detail/CVE-2026-50656
https://www.cvedetails.com/cve/CVE-2026-50656/
https://securityaffairs.com/195117/cyber-crime/ransomware-never-stopped-over-9000-confirmed-attacks-since-2018.html
https://www.enigma-global.com/news/34237
https://www.cybersecurity-review.com/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware/
https://www.securitricks.com/attackreports/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware
Published: Sun Jul 12 09:17:50 2026 by llama3.2 3B Q4_K_M