A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs |
| Maximum-severity XXE vulnerability discovered in Apache Tika |
| JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability |
| BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions |
| U.S. CISA adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog |
| Marquis data breach impacted more than 780,000 individuals |
| ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm |
| Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet |
| King Addons flaw lets anyone become WordPress admin |
| University of Pennsylvania and University of Phoenix disclose data breaches |
| Researchers spotted Lazarus’s remote IT workers in action |
| India mandates SIM-linked messaging apps to fight rising fraud |
| U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog |
| MuddyWater strikes Israel with advanced MuddyViper malware |
| ‘Korea’s Amazon’ Coupang discloses a data breach impacting 34M customers |
| Google’s latest Android security update fixes two actively exploited flaws |
| Law enforcement shuts down Cryptomixer in major crypto crime takedown |
| Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks |
| Malware |
| Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud |
| U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog |
| Contagious Interview campaign expands with 197 npm packages spreading new OtterCookie malware |
International Press – Newsletter
Cybercrime
Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos
Europol and partners shut down ‘Cryptomixer’
Penn and Phoenix Universities Disclose Data Breach After Oracle Hack
ASUS confirms third-party breach as hackers release sample files
Twin Brothers Sentenced for Wire Fraud, Conspiring to Hack into U.S. Department of State and Private Company
Russia blocks FaceTime and Snapchat for alleged use by terrorists
Malware
RadzaRat: New Android Trojan Disguised as File Manager Emerges with Zero Detection Rate
Chinese APT targets Uzbekistan
Glassworm’s resurgence
Malicious Rust Crate evm-units Serves Cross-Platform Payloads for Silent Execution
Hacking
Anatomy of a Hacktivist Attack: Russian-Aligned Group Targets OT/ICS
The Mystery OAST Host Behind a Regionally Focused Exploit Operation
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
Uncovering a Calendly-themed phishing campaign targeting business ad manager accounts
Attackers Actively Exploiting Critical Vulnerability in King Addons for Elementor Plugin
Array Networks Array AG Series vulnerable to command injection
A Hidden Pattern Within Months of Credential-Based Attacks Against Palo Alto GlobalProtect
Intelligence and Information Warfare
MuddyWater: Snakes by the riverbank
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems
Intellexa Leaks: New Predator victims despite US sanctions
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
Cybersecurity
Korean e-commerce behemoth Coupang confirms leak of 33.7 million users’ data
Facial Recognition’s Trust Problem
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
Cloudflare’s 2025 Q3 DDoS threat report — including Aisuru, the apex of botnets
A New Anonymous Phone Carrier Lets You Sign Up With Nothing but a Zip Code
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Hundreds of Porsche Owners in Russia Unable to Start Cars After System Failure
NCSC Proactive Notifications Service
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
