A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
Critical Sudo bugs expose major Linux distros to local Root exploits
Google fined $314M for misusing idle Android users’ data
A flaw in Catwatchful spyware exposed logins of +62,000 users
China-linked group Houken hit French organizations using zero-days
Data Breach
Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach
Europol shuts down Archetyp Market, longest-running dark web drug marketplace
Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses
Cisco removed the backdoor account from its Unified Communications Manager
U.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hosting
Qantas confirms customer data breach amid Scattered Spider attacks
CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025
U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog
A sophisticated cyberattack hit the International Criminal Court
Esse Health data breach impacted 263,000 individuals
GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI
Europol dismantles €460M crypto scam targeting 5,000 victims worldwide
CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
Canada bans Hikvision over national security concerns
Denmark moves to protect personal identity from deepfakes with new copyright law
Facebook wants access to your camera roll for AI photo edits
International Press – Newsletter
Cybercrime
Crypto investment fraud ring dismantled in Spain after defrauding 5 000 victims worldwide
New INTERPOL report warns of sharp rise in cybercrime in Africa
QANTAS CYBER INCIDENT
Treasury Sanctions Global Bulletproof Hosting Service Enabling Cybercriminals and Technology Theft
PDFs: Portable documents, or perfect deliveries for phish?
Hunters International Ransomware Shuts Down, Offers Free Decryptors to Victims
Malware
10 Things I Hate About Attribution: RomCom vs. TransferLoader
FoxyWallet: 40+ Malicious Firefox Extensions Exposed
Addressing malware family concept drift with triplet autoencoder
RawMal-TF: Raw Malware Dataset Labeled by Type and Family
Hacking
ICC detects and contains new sophisticated cyber security incident
CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway
Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update
FileFix (Part 2) attack
Cisco warns that Unified CM has hardcoded root SSH credentials
Taking over 60k spyware user accounts with SQL injection
China breaks RSA encryption with a quantum computer, threatening global data security
Exposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open
Intelligence and Information Warfare
Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest
macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware
Analysis of the threat case of Kimsuky group using ‘ClickFix’ tactic
Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)
Dissecting Kimsuky’s Attacks on South Korea: In-Depth Analysis of GitHub-Based Malicious Infrastructure
Houken seeking a path by living on the edge with zero-days
Israel strikes Iran’s nuclear sites and kills top generals. Iran retaliates with missile barrages
How Geopolitical Tensions Are Shaping Cyber Warfare
Cybersecurity
Facebook is asking to use Meta AI on photos in your camera roll you haven’t yet shared
Ahold Delhaize Data Breach Impacts 2.2 Million People
Denmark to tackle deepfakes by giving people copyright to their own features
Berlin data protection commissioner reports AI app DeepSeek in Germany to Apple and Google as illegal content
263,000 Impacted by Esse Health Data Breach
China breaks RSA encryption with a quantum computer, threatening global data security
Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission
Vulnerability Advisory: Sudo Host Option Elevation of Privilege
Top AI models will lie, cheat and steal to reach goals, Anthropic finds
Only One in 10 Organizations Globally Are Ready to Protect Against AI-Augmented Cyber Threats
More than 25% of UK businesses hit by cyber-attack in last year, report finds
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)