A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Silent Ransom Group targeting law firms, the FBI warns |
Leader of Qakbot cybercrime network indicted in U.S. crackdown |
Operation RapTor led to the arrest of 270 dark web vendors and buyers |
Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks |
U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog |
New Signal update stops Windows from capturing user chats |
Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS |
Russia-linked APT28 targets western logistics entities and technology firms |
A cyberattack was responsible for the week-long outage affecting Cellcom wireless network |
Coinbase data breach impacted 69,461 individuals |
U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog |
A critical flaw in OpenPGP.js lets attackers spoof message signatures |
SK Telecom revealed that malware breach began in 2022 |
4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call |
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks |
UK’s Legal Aid Agency discloses a data breach following April cyber attack |
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang |
Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025 |
Japan passed a law allowing preemptive offensive cyber actions |
James Comey is under investigation by Secret Service for a seashell photo showing “8647” |
Pwn2Own Berlin 2025: total prize money reached $1,078,750 |
Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide |
International Press – Newsletter
Cybercrime
M&S hackers believed to have gained access through third party
Domestic abuse victim data stolen in Legal Aid hack
An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado
“SKT All Subscribers’ SIM Card Information Leaked”… Malicious Codes Increase to 25 Types
Worcester College Student to Plead Guilty to Cyber Extortions
A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist
Cellcom Service Disruption Caused by Cyberattack
Justice Department Seizes Domains Behind Major Information-Stealing Malware Operation
270 arrested in global dark web crackdown targeting online drug and criminal networks
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead
Leader of Qakbot Malware Conspiracy Indicted for Involvement in Global Ransomware Scheme
Silent Ransom Group Targeting Law Firms
Operation ENDGAME strikes again: the ransomware kill chain broken at its source
Malware
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector
RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale
Hidden Threats of Dual-Function Malware Found in Chrome Extensions
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
A Brief History of DanaBot, Longtime Ecrime Juggernaut Disrupted by Operation Endgame
Hacking
Pwn2Own Berlin 2025: Day Three Results
Firefox Security Response to pwn2own 2025
The Legacy Loophole: How Attackers Are Exploiting Entra ID and What to Do About It
O2 VoLTE: locating any customer with a phone call
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse
Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)
Intelligence and Information Warfare
Rogue communication devices found in Chinese solar power inverters
New Japan law allows preemptive defense of infrastructure cyberattack
ESET APT Activity Report Q4 2024–Q1 2025
From banks to battalions: SideWinder’s attacks on South Asia’s public sector
Russian GRU Targeting Western Logistics Entities and Technology Companies
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Cybersecurity
Ex-FBI boss James Comey investigated for seashell photo seen as threat to Trump
“We would be less confidential than Google” – Proton threatens to quit Switzerland over new surveillance law
Japan passed a law allowing preemptive offensive cyber actions
We Made Luigi Mangione’s 3D-Printed Gun—and Fired It
Cyber attack threat keeps me awake at night, bank boss says
By Default, Signal Doesn’t Recall
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)