MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Pierluigi Paganini September 28, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Brewing Trouble — Dissecting a macOS Malware Campaign  

Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware

Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware

The Chameleon’s Trap: Inside the Top 3 Exploit Thriving on 60% of Unpatched MS Office Systems         

YiBackdoor: A New Malware Family With Links to IcedID and Latrodectus  

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys 

How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking

Mapping the Infrastructure and Malware Ecosystem of MuddyWater

Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign    

ShadowV2: An emerging DDoS for hire botnet 

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors 

RedNovember Targets Government, Defense, and Technology Organizations

Malware Analysis Report RayInitiator & LINE VIPER  

XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory 

Bearlyfy: The Evolution of a New Ransomware Group and Its Connection to PhantomCore

Updated BO Team Grouping Tools

Deniability by Design: DNS-Driven Insights into a Malicious Ad Network     

Defending against Stegomalware in Deep Neural Networks with Permutation Symmetry

CyberSOCEval: Benchmarking LLMs Capabilities for Malware Analysis and Threat Intelligence Reasoning

DCmal-2025: A Novel Routing-Based DisConnectivity Malware—Development, Impact, and Countermeasures

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini September 28, 2025
Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more
Pierluigi Paganini September 27, 2025
ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Malware / September 28, 2025

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / September 28, 2025

Ohio’s Union County suffers ransomware attack impacting 45,000 people

Uncategorized / September 27, 2025

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Hacking / September 27, 2025

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025