A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are delivered free to your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
PlayStation Network outage has been going on for over 24 hours
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer
Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps
U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog
Hospital Sisters Health System impacted 882,782 individuals
Attackers used a public ASP.NET machine to conduct ViewState code injection attacks
U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
Cisco addressed two critical flaws in its Identity Services Engine (ISE)
Notorious hacker behind 40+ cyberattacks on strategic organizations arrested
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog
SparkCat campaign target crypto wallets using OCR to steal recovery phrases
International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists
Online food ordering and delivery platform GrubHub discloses a data breach
Netgear urges users to upgrade two flaws impacting WiFi router models
AMD fixed a flaw that allowed to load malicious microcode
Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites
Google fixed actively exploited kernel zero-day flaw
Web Skimmer found on at least 17 websites, including Casio UK
Crazy Evil gang runs over 10 highly specialized social media scams
Elon Musk’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?
Texas is the first state to ban DeepSeek on government devices
Law enforcement seized the domains of HeartSender cybercrime marketplaces
WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware
Ransomware attack hit Indian multinational Tata Technologies
International Press – Newsletter
Cybercrime
FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang
“Crazy Evil” Cryptoscam Gang: Unmasking a Global Threat in 2024
Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?
US Justice Department says cybercrime forum allegedly affected 17 million Americans
Cybercrime is increasingly complex. Here’s how data awareness can help
HTTP Client Tools Exploitation for Account Takeover Attacks
Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested
Malware
Malicious packages deepseeek and deepseekai published in Python Package Index
Coyote Banking Trojan: A Stealthy Attack via LNK Files
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques
Semantic Entanglement-Based Ransomware Detection via Probabilistic Latent Encryption Mapping
Hacking
DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI
Google fixes Android kernel zero-day exploited in attacks
2024 Trends in Vulnerability Exploitation
Hacker Conversations: David Kennedy – an Atypical Typical Hacker
Code injection attacks using publicly disclosed ASP.NET machine keys
Intelligence and Information Warfare
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations
Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
Spyware maker Paragon confirms US government is a customer
Google deletes policy against using AI for weapons or surveillance
Russia uses messaging apps to recruit terrorists, Ukraine’s police says
Persistent Threats from the Kimsuky Group Using RDP Wrapper
Cybersecurity
Texas governor orders ban on DeepSeek, RedNote for government devices
Article 5: Prohibited AI Practices
Elon Musk’s Doge team granted ‘full access’ to federal payment system
Cyber Security 2025: Practical Trends Beyond the Hype
Cyber agencies unveil new guidelines to secure edge devices from increasing threat
Journalist targeted on WhatsApp by Paragon spyware: ‘I feel violated’
How Agentic AI will be Weaponized for Social Engineering Attacks
Israeli Spyware Firm Paragon Cuts Italy’s Access After Journalists Targeted
Student group sues Education Department over reported DOGE access to financial aid databases
PSN down: PlayStation Network not working for almost a day as players left in dark
Apple’s ‘Dangerous’ iPhone Update Is Much Worse Than You Think
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)