Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini February 09, 2025

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

PlayStation Network outage has been going on for over 24 hours
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer
Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps
U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog
Hospital Sisters Health System impacted 882,782 individuals
Attackers used a public ASP.NET machine key to conduct ViewState code injection attacks
U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
Cisco addressed two critical flaws in its Identity Services Engine (ISE)
Notorious hacker behind 40+ cyberattacks on strategic organizations arrested
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog
SparkCat campaign targets crypto wallets using OCR to steal recovery phrases
International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists
Online food ordering and delivery platform GrubHub discloses a data breach
Netgear urges users to upgrade two flaws impacting WiFi router models
AMD fixed a flaw that allowed loading malicious microcode
Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites
Google fixed actively exploited kernel zero-day flaw
Web Skimmer found on at least 17 websites, including Casio UK
Crazy Evil gang runs over 10 highly specialized social media scams
Elon Musk’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?
Texas is the first state to ban DeepSeek on government devices
Law enforcement seized the domains of HeartSender cybercrime marketplaces
WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware
Ransomware attack hit Indian multinational Tata Technologies

International Press – Newsletter

Cybercrime

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang  

“Crazy Evil” Cryptoscam Gang: Unmasking a Global Threat in 2024  

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?  

US Justice Department says cybercrime forum allegedly affected 17 million Americans  

Cybercrime is increasingly complex. Here’s how data awareness can help  

HTTP Client Tools Exploitation for Account Takeover Attacks  

Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested  

Malware

Malicious packages deepseeek and deepseekai published in Python Package Index  

Coyote Banking Trojan: A Stealthy Attack via LNK Files 

Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence  

Rat Race: ValleyRAT Malware Targets Organizations with New Delivery Techniques 

Semantic Entanglement-Based Ransomware Detection via Probabilistic Latent Encryption Mapping

Hacking

DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI    

Google fixes Android kernel zero-day exploited in attacks

2024 Trends in Vulnerability Exploitation  

Hacker Conversations: David Kennedy – an Atypical Typical Hacker 

Code injection attacks using publicly disclosed ASP.NET machine keys  

Intelligence and Information Warfare

macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed

Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations  

Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam    

Spyware maker Paragon confirms US government is a customer

Google deletes policy against using AI for weapons or surveillance 

Russia uses messaging apps to recruit terrorists, Ukraine’s police says  

Persistent Threats from the Kimsuky Group Using RDP Wrapper

Cybersecurity

Texas governor orders ban on DeepSeek, RedNote for government devices   

Article 5: Prohibited AI Practices     

Elon Musk’s Doge team granted ‘full access’ to federal payment system  

Cyber Security 2025: Practical Trends Beyond the Hype  

Cyber agencies unveil new guidelines to secure edge devices from increasing threat 

Journalist targeted on WhatsApp by Paragon spyware: ‘I feel violated’  

How Agentic AI will be Weaponized for Social Engineering Attacks

Israeli Spyware Firm Paragon Cuts Italy’s Access After Journalists Targeted  

Student group sues Education Department over reported DOGE access to financial aid databases  

PSN down: PlayStation Network not working for almost a day as players left in dark

Apple’s ‘Dangerous’ iPhone Update Is Much Worse Than You Think      

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


