Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Scammer steals $1.5 million from Baltimore by spoofing city vendor
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
Hackers Issue Ultimatum to Google After Data Breach Warning
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Malware
MystRodX: The Covert Dual-Mode Backdoor Threat
Ethereum smart contracts used to push malicious code on npm
Uncovering a Colombian Malware Campaign with AI Code Analysis
An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
Hacking
Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances
Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack
Introduction to OPSEC (Part 2)
Hexstrike-AI: When LLMs Meet Zero-Day Exploitation
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver – CVE-2025-53149
Intelligence and Information Warfare
The Trap of Troubleshooting: Analysis of Lazarus (APT-Q-1)’s Recent Attacks Using ClickFix
Operation HanKook Phantom: North Korean APT37 targeting South Korea
Ursula von der Leyen’s plane hit by suspected Russian GPS interference
Three Lazarus RATs coming for your cheese
CTI Analysis: Malicious Email Campaign
US Offers $10 Million for Three Russian Energy Firm Hackers
Analyzing NotDoor: Inside APT28’s Expanding Arsenal
Analysis of APT-C-53 (Gamaredon) attacks against Ukrainian government departments
A Playbook for Winning the Cyber War Part 2: Evaluating Russia’s Cyber Strategy
Cybersecurity
Scientists Created an Entire Social Network Where Every User Is a Bot, and Something Wild Happened
Salesloft Drift Supply Chain Incident: Key Details and Zscaler’s Response
Securing EU (Cyber)Space: New Cyber Requirements in the EU Space Act
Salesforce-Connected Third-Party Drift Application Incident Response
Jaguar Land Rover says cyberattack ‘severely disrupted’ production
Qantas penalizes executives for July cyberattack
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)