Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION brings together a slate of security stories, including fintech firm Figure disclosing a data breach after an employee phishing attack. U.S. CISA has added a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog, while suspected Russian hackers are reported to be deploying CANFAIL malware against Ukraine.
The issue also notes a new threat actor, UAT-9921, deploying VoidLink against enterprise sectors, as well as attackers exploiting BeyondTrust CVE-2026-1731 within hours of PoC release. Other highlights include Google reporting state-backed hackers exploiting Gemini AI for cyber reconnaissance and attacks, Odido confirming a massive breach affecting 6.2 million customers, and an ApolloMD data breach impacting 626,540 people.
The digest also covers security updates and ongoing incidents, such as Apple fixing an actively exploited zero-day in 2026, Volvo Group being hit in a massive Conduent data breach, Reynolds ransomware using BYOVD to disable security before encryption, Ivanti patching multiple Endpoint Manager bugs, and the SSHStalker botnet targeting Linux servers with legacy exploits and SSH scanning.