Pierluigi Paganini May 25, 2025

A new round of the weekly Security Affairs newsletter arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

M&S hackers believed to have gained access through third party 

Domestic abuse victim data stolen in Legal Aid hack  

An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado  

“SKT All Subscribers’ SIM Card Information Leaked”… Malicious Codes Increase to 25 Types 

Worcester College Student to Plead Guilty to Cyber Extortions  

A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist

Cellcom Service Disruption Caused by Cyberattack

Justice Department Seizes Domains Behind Major Information-Stealing Malware Operation

270 arrested in global dark web crackdown targeting online drug and criminal networks  

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead

Leader of Qakbot Malware Conspiracy Indicted for Involvement in Global Ransomware Scheme

Silent Ransom Group Targeting Law Firms 

Operation ENDGAME strikes again: the ransomware kill chain broken at its source 

Malware

Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector  

RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale 

Hidden Threats of Dual-Function Malware Found in Chrome Extensions       

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

A Brief History of DanaBot, Longtime Ecrime Juggernaut Disrupted by Operation Endgame    

Hacking

Pwn2Own Berlin 2025: Day Three Results  

Firefox Security Response to pwn2own 2025 

The Legacy Loophole: How Attackers Are Exploiting Entra ID and What to Do About It  

O2 VoLTE: locating any customer with a phone call  

ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse

Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)      

Intelligence and Information Warfare

Rogue communication devices found in Chinese solar power inverters

New Japan law allows preemptive defense of infrastructure cyberattack

ESET APT Activity Report Q4 2024–Q1 2025

From banks to battalions: SideWinder’s attacks on South Asia’s public sector  

Russian GRU Targeting Western Logistics Entities and Technology Companies

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Cybersecurity

Ex-FBI boss James Comey investigated for seashell photo seen as threat to Trump 

“We would be less confidential than Google” – Proton threatens to quit Switzerland over new surveillance law 

Japan passed a law allowing preemptive offensive cyber actions

We Made Luigi Mangione’s 3D-Printed Gun—and Fired It 

Cyber attack threat keeps me awake at night, bank boss says  

By Default, Signal Doesn’t Recall  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)