SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

Related breach coverage

• Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION
  2026-05-17

  A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores Pwn2Own Berlin 2026, Day Three: DEVCORE […]

• CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
  2026-05-15

  Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange […]

• First Shai-Hulud Worm Clones Emerge
  2026-05-18

  At least one threat actor has adopted the recently released malware source code in attacks against NPM developers. The post First Shai-Hulud Worm Clones Emerge appeared first on SecurityWeek.

• U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
  2026-05-16

  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are […]