Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Embargo Ransomware nets $34.2M in crypto since April 2024
Germany limits police spyware use to serious crimes
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom
French firm Bouygues Telecom suffered a data breach impacting 6.4M customers
Columbia University data breach impacted 868,969 people
SonicWall dismisses zero-day fears after Ransomware probe
Air France and KLM disclosed data breaches following the hack of a third-party platform
CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786
Microsoft unveils Project Ire: AI that autonomously detects malware
CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector
Over 100 Dell models exposed to critical ControlVault3 firmware bugs
How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments
WhatsApp cracks down on 6.8M scam accounts in global takedown
Trend Micro fixes two actively exploited Apex One RCE flaws
U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog
Google fixed two Qualcomm bugs that were actively exploited in the wild
Zero Day Quest returns: Microsoft ups the stakes with $5M bug bounty
Cisco disclosed a CRM data breach via vishing attack
Exposed Without a Breach: The Cost of Data Blindness
SonicWall investigates possible zero-day amid Akira ransomware surge
Chaining NVIDIA’s Triton Server flaws exposes AI systems to remote takeover
Hacking group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer
Northwest Radiologists data breach hits 350,000 in Washington
PlayPraetor Android RAT expands rapidly across Spanish and French-speaking regions
Lovense flaws expose emails and allow account takeover
Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024
Akira Ransomware targets SonicWall VPNs in likely zero-day attacks

International Press – Newsletter

Cybercrime

Warning: Phishing campaign detected  

New WhatsApp Tools and Tips to Beat Messaging Scams 

GenAI Used For Phishing Websites Impersonating Brazil’s Government 

FraudOnTok 

FinCEN Issues Notice on the Use of Convertible Virtual Currency Kiosks for Scam Payments and Other Illicit Activity  

Nigerian Man Extradited To Face Hacking, Fraud, And Identity Theft Charges 

Update: Akira ransomware group targets SonicWall VPN appliances 

Columbia University data breach impacts nearly 870,000 individuals

Who Got Arrested in the Raid on the XSS Crime Forum?  

Unmasking Embargo Ransomware: A Deep Dive Into the Group’s TTPs and BlackCat Links 

Malware

Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN 

ToxicPanda: The Android Banking Trojan Targeting Europe   

“CAPTCHAgeddon” Unmasking the Viral Evolution of the ClickFix Browser-Based Threat 

11 Malicious Go Packages Distribute Obfuscated Remote Payloads 

New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer

Hacking

Lovense: The Company That Lies to Security Researchers  

Breaking NVIDIA Triton: CVE-2025-23319 – A Vulnerability Chain Leading to AI Server Takeover 

Huntress Threat Advisory: Active Exploitation of SonicWall VPNs  

Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

ReVault! When your SoC turns against you…   

Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise  

Intelligence and Information Warfare

The Covert Operator’s Playbook: Infiltration of Global Telecom Networks 

Hacked Crimean servers reveal information about abducted children, Ukraine says

Updated UAC-0099 toolkit: MATCHBOIL, MATCHWOK, DRAGSTARE  

WinRAR zero-day exploited to plant malware on archive extraction

Germany’s top court holds that police can only use spyware to investigate serious crimes 

‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians 

Cybersecurity

Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites 

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

AI Rewrote Its Code When I Asked About Human Nature 

Cisco Says User Data Stolen in CRM Hack  

Most cybersecurity risk comes from just 10% of employees  

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment 

Air France and KLM disclose data breaches impacting customers

Google Discloses Data Breach via Salesforce Hack 

Preventing ZIP parser confusion attacks on Python package installers 

Europe prioritising spend properly as H1 cybersecurity market hits double-digit growth

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)