A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source
Attackers exploit Fortinet flaws to deploy Qilin ransomware
Russia-linked threat actors target Ukraine with PathWiper wiper
U.S. offers $10M bounty for info on RedLine malware creator and state hackers
Play ransomware group hit 900 organizations since 2022
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
New versions of Chaos RAT target Windows and Linux systems
Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure
Law enforcement seized the carding marketplace BidenCash
Ukraine’s military intelligence agency stole 4.4GB of highly classified internal data from Tupolev
HPE fixed multiple flaws in its StoreOnce software
Roundcube Webmail under fire: critical exploit found after a decade
U.S. CISA adds multiple Qualcomm chipset flaws to its Known Exploited Vulnerabilities catalog
Cartier disclosed a data breach following a cyber attack
U.S. CISA adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
Android banking trojan Crocodilus rapidly evolves and goes global
Google fixed the second actively exploited Chrome zero-day since the start of the year
Cryptojacking campaign relies on DevOps tools
Hacking
Qualcomm fixed three zero-days exploited in limited, targeted attacks
Police took down several popular counter-antivirus (CAV) services, including AvCheck
A cyberattack hit hospitals operated by Covenant Health
Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188
Two flaws in vBulletin forum software are under attack
International Press – Newsletter
Cybercrime
Websites selling hacking tools to cybercriminals seized
Alleged Conti, TrickBot Gang Leader Unmasked
Key service for malware developers taken offline
Hospitals in Maine, New Hampshire limit services after cyberattack on Catholic health org
U.S. Government seizes approximately 145 criminal marketplace domains
Interlock ransomware claims Kettering Health breach, leaks stolen data
Cyber Criminals Defraud Hedera Hashgraph Network Non-Custodial Wallet Users Through Nonfungible Token Airdrops Disguised as Free Rewards
#StopRansomware: Play Ransomware
Maxim Alexandrovich Rudometov & RedLine
The SEC Pinned Its Hack on a Few Hapless Day Traders. The Full Story Is Far More Troubling
Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect
Ransomware gang claims responsibility for Kettering Health hack
Malware
Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One
Attacker exploits misconfigured AI tool to run AI-generated payload
Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
From open-source to open threat: Tracking Chaos RAT’s evolution
Home Internet Connected Devices Facilitate Criminal Activity
Hacking
vBulletin replaceAdTemplate Exploited in the Wild
Don’t Call That “Protected” Method: Dissecting an N-Day vBulletin RCE
Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
DevOps Tools Targeted for Cryptojacking
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Critical Fortinet flaws now exploited in Qilin ransomware attacks
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
Intelligence and Information Warfare
A Flyby on the CFO’s Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment
Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit
Ukraine Hacks Tupolev, Exposes Russia’s Strategic Bomber Secrets
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
Justice Department accuses two Chinese researchers of smuggling ‘potential agroterrorism weapon’ into US
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two
Cybersecurity
Sustaining Digital Certificate Security – Upcoming Changes to the Chrome Root Store
Announcing a new strategic collaboration to bring clarity to threat actor naming
NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’
Victoria’s Secret says it will postpone earnings report after recent security breach
Largest ever data leak exposes over 4 billion user records
Australian ransomware victims now must tell the government if they pay up
Pivot to AI
EU takes a step further in cybersecurity crisis management
Cyber Attacks Are Up 47% in 2025 – AI is One Key Factor
Pierluigi Paganini