Pierluigi Paganini April 06, 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Walmart’s Sam’s Club claimed by Cl0p ransomware gang  

Anubis Backdoor

New version of Triada steals cryptocurrency, messenger accounts and replaces phone numbers during calls

The beginning of the end: the story of Hunters International  

Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users    

Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems

Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe 

Malware

CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure  

Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor 

Advancements in delivery: Scripting with Nietzsche  

Analyzing New HijackLoader Evasion Tactics  

Malicious Python packages target popular Bitcoin library 

Hacking

A Phishing Tale of DoH and DNS MX Abuse

Hackers are now using AI to break AI – and it’s working 

Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats

Someone is trying to recruit security researchers in bizarre hacking campaign 

Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and Analysis  

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack 

Hacking the Call Records of Millions of Americans  

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

Intelligence and Information Warfare

Gamaredon campaign abuses LNK files to distribute Remcos backdoor  

Russian spies as disinformation actors   

The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques     

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)  

Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs.

UAC-0219: Cyber ​​espionage using PowerShell stealer WRECKSTEEL 

White House fires National Security Agency chief      

Israel Enters ‘Stage 3’ of Cyber Wars With Iran Proxies 

Poland’s prime minister says cyberattack targeted his party as election nears 

Cybersecurity

Fake Passport Generated by ChatGPT Bypasses Security

Apple hit with $162 million French antitrust fine over privacy tool 

GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help  

TikTok faces €500 million fine for illegally shipping European user data to China – report 

Google announces Sec-Gemini v1, a new experimental cybersecurity model

Texas city warns thousands of utility payment site breach

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)