MUST READ

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

Critical Sudo bugs expose major Linux distros to local Root exploits

 | 

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 22, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Iran confirmed it shut down internet to protect the country against cyberattacks
Godfather Android trojan uses virtualization to hijack banking and crypto apps
Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider
Linux flaws chain allows Root access across major distributions
A ransomware attack pushed the German napkin firm Fasana into insolvency
Researchers discovered the largest data breach ever, exposing 16 billion login credentials
China-linked group Salt Typhoon breached satellite firm Viasat
Iran experienced a near-total national internet blackout
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers
Healthcare services company Episource data breach impacts 5.4 Million people
Watch out, Veeam fixed a new critical bug in Backup & Replication product
U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog
News Flodrix botnet targets vulnerable Langflow servers
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog
Attackers target Zyxel RCE vulnerability CVE-2023-28771
India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users
State-sponsored hackers compromised the email accounts of several Washington Post journalists
Deep Web
Law enforcement operation shut down dark web drug marketplace Archetyp Market
New Anubis RaaS includes a wiper module
New Predator spyware infrastructure revealed activity in Mozambique for the first time
Canada’s second-largest airline WestJet is containing a cyberattack

International Press – Newsletter

Cybercrime

WestJet probes cybersecurity incident affecting app and internal systems  

Europe-wide takedown hits longest-standing dark web drug market

Zoomcar Says Hackers Accessed Data of 8.4 Million Users 

Understanding SCATTERED SPIDER: Tactics, Targets, and Defence Strategies by Daniel Collyer June 4, 2025 

United States Files Civil Forfeiture Complaint Against $225M in Funds Involved in Cryptocurrency Investment Fraud Money Laundering

Krispy Kreme says November data breach impacts over 160,000 people

Cyberattack pushes German napkin company into insolvency 

Infrastructure Laundering: Blending in with the Cloud 

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

Malware

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet  

2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain 

Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data 

Threat actor Banana Squad exploits GitHub repos in new campaign

AntiDot Malware

Your Mobile App, Their Playground: The Dark side of the Virtualization  

Hacking

GreyNoise Observes Exploit Attempts Targeting Zyxel CVE-2023-28771 

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

 Critical Veeam Backup & Replication CVE-2025-23121  

Iran’s Largest Crypto Exchange Targeted in $90m Hack

The 16-billion-record data breach that no one’s ever heard of 

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks  

Intelligence and Information Warfare          

Predator Still Active, with New Client and Corporate Links Identified 

Washington Post investigating cyberattack on journalists’ email accounts, source says 

Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict

Threat Group Targets Companies in Taiwan

Internet collapses across Iran, say web-monitoring firms  

Viasat identified as victim in Chinese Salt Typhoon cyberespionage, Bloomberg News reports

Iran’s Cyber Army: Missing in Action     

Countering AI Chip Smuggling Has Become a National Security Priority 

Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion

Iran’s government says it shut down internet to protect against cyberattacks 

Cybersecurity

The Impact of Artificial Intelligence on the Cybersecurity Workforce  

The AI Arms Race: Deepfake Generation vs. Detection

Managing Serial-to-Ethernet Exposures in Modern OT Networks

No, the 16 billion credentials leak is not a new data breach

Defending the Internet: how Cloudflare blocked a monumental 7.3 Tbps DDoS attack  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini July 11, 2025
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
Read more
Pierluigi Paganini July 10, 2025
UK NCA arrested four people over M&S, Co-op cyberattacks
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

Hacking / July 11, 2025

UK NCA arrested four people over M&S, Co-op cyberattacks

Cyber Crime / July 10, 2025

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Hacking / July 10, 2025

Qantas data breach impacted 5.7 million individuals

Data Breach / July 10, 2025

DoNot APT is expanding scope targeting European foreign ministries

APT / July 10, 2025