MUST READ

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

 | 

United Natural Foods Expects $400M revenue impact from June cyber attack

 | 

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

 | 

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

 | 

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

 | 

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

 | 

Former US Army member confesses to Telecom hack and extortion conspiracy

 | 

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

 | 

DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault

 | 

U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog

 | 

Android Malware Konfety evolves with ZIP manipulation and dynamic loading

 | 

Belk hit by May cyberattack: DragonForce stole 150GB of data

 | 

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

 | 

FBI seized multiple piracy sites distributing pirated video games

 | 

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 

Experts uncover critical flaws in Kigen eSIM technology affecting billions

 | 

Spain awarded €12.3 million in contracts to Huawei

 | 

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

 | 

Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition

Pierluigi Paganini September 17, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

TikTok fined €345M by Irish DPC for violating children’s privacy
Iranian Peach Sandstorm group behind recent password spray attacks
Dariy Pankov, the NLBrute malware author, pleads guilty
Dangerous permissions detected in top Android health apps
Caesars Entertainment paid a ransom to avoid stolen data leaks
Free Download Manager backdoored to serve Linux malware for more than 3 years
Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York
UK Greater Manchester Police disclosed a data breach
The iPhone of a Russian journalist was infected with the Pegasus spyware
Kubernetes flaws could lead to remote code execution on Windows endpoints
Threat actor leaks sensitive data belonging to Airbus
A new ransomware family called 3AM appears in the threat landscape
Redfly group infiltrated an Asian national grid as long as six months
Mozilla fixed a critical zero-day in Firefox and Thunderbird
Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws
Save the Children confirms it was hit by cyber attack
Adobe fixed actively exploited zero-day in Acrobat and Reader
A new Repojacking attack exposed over 4,000 GitHub repositories to hack
MGM Resorts hit by a cyber attack
Anonymous Sudan launched a DDoS attack against Telegram
Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor
GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023
CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog
UK and US sanctioned 11 members of the Russia-based TrickBot gang
New HijackLoader malware is rapidly growing in popularity in the cybercrime community
Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable
Evil Telegram campaign: Trojanized Telegram apps found on Google Play
Rhysida Ransomware gang claims to have hacked three more US hospitals
Akamai prevented the largest DDoS attack on a US financial company

Cybercrime

Manchester Police officers’ data exposed in ransomware attack   

An Avoidable Breach — FBI Hacker Leaks Sensitive Airbus Data

Upstate New York nonprofit hospitals still facing issues after LockBit ransomware attack   

Caesars Entertainment, Inc. ransomware attack

Russian Malware Developer Pleads Guilty To Conspiracy To Commit Wire And Computer Fraud      

Site for Generating Non-Consensual AI Porn Restricts Content Following 404 Media Investigation 

Major trucking software provider confirms ransomware incident   

Malware

Spyware messengers on Google Play

Evil Telegram doppelganger attacks Chinese users      

Technical Analysis of HijackLoader   

United States and United Kingdom Sanction Additional Members of the Russia-Based Trickbot Cybercrime Gang

Ransomware, extortion and the cyber crime ecosystem   

3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack  

In a first, spyware is found on phone of prominent Russian journalist  

Free Download Manager backdoored – a possible supply chain attack on Linux machines  

The State of Ransomware in the US: Report and Statistics 2022  

Probe reveals previously secret Israeli spyware that infects targets via ads

Hacking

Akamai Prevents the Largest DDoS Attack on a U.S. Financial Company  

Geolocating a Traveler via OSINT techniques  

Telegram Hit by a DDoS Attack: What Is the Cause Behind It?  

‘Cybersecurity Issue’ Forces Systems Shutdown at MGM Hotels and Casinos  

Persistent Threat: New Exploit Puts Thousands of GitHub Repositories and Millions of Users at Risk   

WiKI-Eve Attack: Intercepting Smartphone Keystrokes Through Wi-Fi Vulnerability 

Can’t Be Contained: Finding a Command Injection Vulnerability in Kubernetes  

Bypassing UAC with SSPI Datagram Contexts  

Intelligence and Information Warfare

Suspected Chinese operatives using AI generated images to spread disinformation among US voters, Microsoft says  

Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor  

Redfly: Espionage Actors Continue to Target Critical Infrastructure

Pegasus Infection of Galina Timchenko, exiled Russian Journalist and Publisher 

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets  

More Russian journalists investigating possible spyware infections  

Cybersecurity

The September 2023 security update review  

Generative AI: A pragmatic blueprint for data security  

Hacking Meduza: Pegasus spyware used to target Putin’s critic   

ENISA Foresight 2030 Threats 

TikTok fined €345m by Ireland’s data regulator for violating children’s privacy  

NCSC Cyber Incident Response scheme now available to more organisations  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini July 17, 2025
Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen
Read more
Pierluigi Paganini July 17, 2025
United Natural Foods Expects $400M revenue impact from June cyber attack
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

Data Breach / July 17, 2025

United Natural Foods Expects $400M revenue impact from June cyber attack

Security / July 17, 2025

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Security / July 17, 2025

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

Hacking / July 17, 2025

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Cyber Crime / July 16, 2025