A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| A massive breach exposed data of 17.5M Instagram users |
| North Korea–linked APT Kimsuky behind quishing attacks, FBI warns |
| Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals |
| Trend Micro fixed a remote code execution in Apex Central |
| Iran cuts Internet nationwide amid deadly protest crackdown |
| China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware |
| Chinese-speaking hackers exploited ESXi zero-days long before disclosure |
| Astaroth banking Trojan spreads in Brazil via WhatsApp worm |
| Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability |
| U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog |
| China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns |
| Ni8mare flaw gives unauthenticated control of n8n instances |
| Misconfigured email routing enables internal-spoofed phishing |
| Veeam resolves CVSS 9.0 RCE flaw and other security issues |
| Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers |
| Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector |
| CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200 |
| Google fixes critical Dolby Decoder bug in Android January update |
| Resecurity Went on the Cyber Offensive – When ‘Shiny Objects’ trick ‘Shiny Hunters’ |
| Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025 |
| Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices |
| The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act |
| VVS Stealer, a new Python malware steals Discord credentials |
| Sedgwick discloses data breach after TridentLocker ransomware attack |
| Resecurity Caught ShinyHunters in Honeypot |
| What is happening to the Internet in Venezuela? Did the U.S. use cyber capabilities? |
| President Trump blocks $2.9M Emcore chip sale over security concerns |
International Press – Newsletter
Cybercrime
Synthetic Data: A New Frontier for Cyber Deception and Honeypots
Ilya Lichtenstein, Bitcoin hacker behind massive crypto theft, credits Trump for early prison release
Analyzing PHALT#BLYX: How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection
Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software
CNCERT: Risk Warning Regarding the “Black Cat” Gang’s Use of Search Engines to Spread Counterfeit Notepad++ Download Remote Control Backdoors
Who Benefited from the Aisuru and Kimwolf Botnets?
17.5 Million Instagram Accounts Exposed in Massive Data Breach
Malware
VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion
Malicious NPM Packages Deliver NodeCordRAT
Boto-Cor-de-Rosa campaign reveals Astaroth WhatsApp-based worm activity in Brazil
The Mac Malware of 2025
Hacking
AI in Cybersecurity: How Xfenser Enables Offensive and Defensive Intelligence in the Era of Autonomous Agents
HandPwning: security pitfalls of hand-geometry recognition-based access control systems
PlayStation 5 ROM keys leaked — jailbreaking could be made easier with BootROM codes
Hacktivist deletes white supremacist websites live onstage during hacker conference
TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service
Hacker Conversations: Katie Paxton-Fear Talks Autism, Morality and Hacking
Safetensors Forensics: It’s “Safe”… Right?
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
The Great VM Escape: ESXi Exploitation in the Wild
Trend Micro Apex Central Multiple Vulnerabilities
Phishing actors exploit complex routing and misconfigurations to spoof domains
Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release
Intelligence and Information Warfare
Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
Artificial Intelligence in the Military Domain and Its Implications for International Peace and Security: An Evidence-Based Road Map for Future Policy Action
UAC-0184 | “The Dark Side of the Fallen Files” Pitching Operation
Analysis on China’s Cyber Threats to Taiwan’s Critical Infrastructure in 2025
UAT-7290 targets high value telecommunications infrastructure in South Asia
Iran shuts down internet as regime struggles to contain escalating unrest
North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities
Cybersecurity
California residents can use new tool to demand brokers delete their personal data
Ten found guilty of cyber-bullying Brigitte Macron
New cyber action plan to tackle threats and strengthen public services
OpenAI Launches ChatGPT Health with Isolated, Encrypted Health Data Controls
Tim Kosiba Named NSA Deputy Director
AI-Driven Cybersecurity Threats: A Survey of Emerging Risks and Defensive Strategies
Pierluigi Paganini
