Pierluigi Paganini April 27, 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Hackers pounce on Pope’s death with scams 

Damage caused by unauthorized access to and transactions on internet trading services is increasing sharply  

Southeast Asian cyber fraud industry at ‘inflection point’ as it expands globally  

British retailer M&S confirms being hit by ‘cyber incident’ amid store delays  

Blue Shield of California Data Breach Impacts 4.7 Million People  

NFC Fraud Wave: Evolution of Ghost Tap on the Dark Web 

FBI says online scams raked in $16.6 billion last year  

Interlock ransomware claims DaVita attack, leaks stolen data

Cyber Firm CEO Accused of Placing Malware on Hospital Device  

Ransomware Groups Evolve Affiliate Models

Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs  

AI-Enabled Darcula-Suite Makes Phishing Kits More Accessible, Easier to Deploy  

Malware

XRP supply chain attack: Official NPM package infected with crypto stealing backdoor 

SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation 

New Rust Botnet “RustoBot” is Routed via Routers  

DslogdRAT Malware Installed in Ivanti Connect Secure  

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign

Hacking

Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet

Obfuscation Overdrive: Next-Gen Cryptojacking with Layers      

ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer 

ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver  

Novel Universal Bypass for All Major LLMs  

Fake Security Vulnerability Phishing Campaign Targets WooCommerce Users 

Craft CMS RCE exploit chain used in zero-day attacks to steal data

Intelligence and Information Warfare

APT Group Profiles – Larva-24005  

Whistleblower: DOGE Siphoned NLRB Case Data  

Android spyware trojan targets Russian military personnel who use Alpine Quest mapping software

Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows  

Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack

Operation SyncHole: Lazarus APT goes back to the well  

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

Cybersecurity

SK Telecom warns customer USIM data exposed in malware attack

Adversarial machine learning is cybersecurity’s new frontier   

Introducing Advanced Chat Privacy: Enhanced Protection for Your Most Sensitive Conversations

Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents  

What Are We Really Securing?  

Understanding the threat landscape for Kubernetes and containerized assets

Employee monitoring app leaks 21 million screenshots in real time

Mobile provider MTN says cyberattack compromised customer data     

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)