A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| A cyberattack on Collins Aerospace disrupted operations at major European airports |
| CISA warns of malware deployed through Ivanti EPMM flaws |
| Fortra addressed a maximum severity flaw in GoAnywhere MFT software |
| UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London |
| ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT |
| SonicWall warns customers to reset credentials after MySonicWall backups were exposed |
| CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025 |
| Jaguar Land Rover will extend its production halt into a third week following a cyberattack |
| China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy |
| Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service |
| DoJ resentenced former BreachForums admin to three years in prison |
| Apple backports fix for actively exploited CVE-2025-43300 |
| New supply chain attack hits npm registry, compromising 40+ packages |
| Cybercrime group accessed Google Law Enforcement Request System (LERS) |
| China-linked Mustang Panda deploys advanced SnakeDisk USB worm |
| Insider breach at FinWise Bank exposes data of 689,000 AFF customers |
| Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records |
| Fairmont Federal Credit Union 2023 data breach impacted 187K people |
| UK ICO finds students behind majority of school data breaches |
| INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance |
| ShinyHunters Attack National Credit Information Center of Vietnam |
International Press – Newsletter
Cybercrime
Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers
Hackers claim access to law enforcement portals, but do they really have access?
Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison
RaccoonO365: An Active Campaign and New Features
FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography
Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service
United Kingdom National Charged in Connection with Multiple Cyber Attacks, Including on Critical Infrastructure
Two charged for TfL cyber attack
Inside the Lighthouse and Lucid PhaaS Campaigns Targeting 316 Global Brands
SystemBC – Bringing the Noise
Evolution Cybercrime—Key Trends, Cybersecurity Threats, and Mitigation Strategies from Historical Data
Malware
SmokeLoader Rises From the Ashes
Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages
Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation
Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware
Hacking
A learning approach on exploiting CVE-2020-9273
Rowhammer Attack Demonstrated Against DDR5
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations
ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent
CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems
Intelligence and Information Warfare
APT Down – The North Korea Files
Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm
Israel announces seizure of $1.5M from crypto wallets tied to Iran
Ukraine claims cyberattacks on Russian election systems; Moscow confirms disruptions
THREE IRANIAN CYBER ACTORS
SEC targets US firms tied to suspected Chinese ‘pump and dump’ scams
Minding the drone gap: Drone warfare and the EU
Gamaredon X Turla collab
Modus Operandi of Subtle Snail
Cybersecurity
AI Agents are Eroding the Foundations of Cybersecurity
Kids in the UK are hacking their own schools for dares and notoriety
Cloudflare participates in global operation to disrupt RaccoonO365
JLR could face disruption until November after hack
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Palo Alto Networks Unit 42 Recognised by UK’s NCSC as an Enhanced Level Cyber Incident Response Assured Service Provider
Germany approves new rules to protect critical infrastructure
Passengers stranded at Heathrow, other European airports after cyberattack
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)