Security Affairs newsletter Round 529 by Pierluigi Paganini

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 22, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Iran confirmed it shut down internet to protect the country against cyberattacks

Godfather Android trojan uses virtualization to hijack banking and crypto apps

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

Linux flaws chain allows Root access across major distributions

A ransomware attack pushed the German napkin firm Fasana into insolvency

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

China-linked group Salt Typhoon breached satellite firm Viasat

Iran experienced a near-total national internet blackout

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Healthcare services company Episource data breach impacts 5.4 Million people

Watch out, Veeam fixed a new critical bug in Backup & Replication product

U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog

News Flodrix botnet targets vulnerable Langflow servers

U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog

Attackers target Zyxel RCE vulnerability CVE-2023-28771

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

State-sponsored hackers compromised the email accounts of several Washington Post journalists

Deep Web

Law enforcement operation shut down dark web drug marketplace Archetyp Market

New Anubis RaaS includes a wiper module

New Predator spyware infrastructure revealed activity in Mozambique for the first time

Canada’s second-largest airline WestJet is containing a cyberattack

International Press – Newsletter

Cybercrime

WestJet probes cybersecurity incident affecting app and internal systems

Europe-wide takedown hits longest-standing dark web drug market

Zoomcar Says Hackers Accessed Data of 8.4 Million Users

Understanding SCATTERED SPIDER: Tactics, Targets, and Defence Strategies by Daniel Collyer June 4, 2025

United States Files Civil Forfeiture Complaint Against $225M in Funds Involved in Cryptocurrency Investment Fraud Money Laundering

Krispy Kreme says November data breach impacts over 160,000 people

Cyberattack pushes German napkin company into insolvency

Infrastructure Laundering: Blending in with the Cloud

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

Malware

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain

Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data

Threat actor Banana Squad exploits GitHub repos in new campaign

AntiDot Malware

Your Mobile App, Their Playground: The Dark side of the Virtualization

Hacking

GreyNoise Observes Exploit Attempts Targeting Zyxel CVE-2023-28771

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

Critical Veeam Backup & Replication CVE-2025-23121

Iran’s Largest Crypto Exchange Targeted in $90m Hack

The 16-billion-record data breach that no one’s ever heard of

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks

Intelligence and Information Warfare

Predator Still Active, with New Client and Corporate Links Identified

Washington Post investigating cyberattack on journalists’ email accounts, source says

Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict

Threat Group Targets Companies in Taiwan

Internet collapses across Iran, say web-monitoring firms

Viasat identified as victim in Chinese Salt Typhoon cyberespionage, Bloomberg News reports

Iran’s Cyber Army: Missing in Action

Countering AI Chip Smuggling Has Become a National Security Priority

Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion

Iran’s government says it shut down internet to protect against cyberattacks

Cybersecurity

The Impact of Artificial Intelligence on the Cybersecurity Workforce

The AI Arms Race: Deepfake Generation vs. Detection

Managing Serial-to-Ethernet Exposures in Modern OT Networks

No, the 16 billion credentials leak is not a new data breach

Defending the Internet: how Cloudflare blocked a monumental 7.3 Tbps DDoS attack

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini August 13, 2025

Critical FortiSIEM flaw under active exploitation, Fortinet warns

Pierluigi Paganini August 13, 2025