Pierluigi Paganini
October 26, 2025
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Myanmar military shuts down a major cybercrime center and detains over 2,000 people
Email Bombs Exploit Lax Authentication in Zendesk
Cybercriminals Abuse AI Website Creation App For Phishing
Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign
Cyber incidents in Texas, Tennessee and Indiana impacting critical government services
The Smishing Deluge: China-Based Campaign Flooding Global Text Messages
Malware
TikTok videos continue to push infostealers in ClickFix attacks
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
Dissecting YouTube’s Malware Distribution Network October 23, 2025
Hacking
Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks
TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware
SessionReaper attacks have started, 3 in 5 stores still vulnerable Sansec by Sansec Forensics Team
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236)
Pwn2Own Ireland 2025: Day Three and Master of Pwn
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Microsoft 365 Copilot – Arbitrary Data Exfiltration Via Mermaid Diagrams
Intelligence and Information Warfare
China Says It Found Evidence of US Cyber Attack on State Agency
‘Catastrophic’ attack as Russians hack files on EIGHT MoD bases and post them on the dark web
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
Unmasking MuddyWater’s New Malware Toolkit Driving International Espionage
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
UK facing ‘most contested and complex’ threat in decades, warns GCHQ director
Gotta fly: Lazarus targets the UAV sector
ToolShell Used to Compromise Telecoms Company in Middle East
StealthServer: A Dual-Platform Backdoor from a South Asian APT Group
Cybersecurity
AI-enabled ransomware attacks: CISO’s top security concern — with good reason
NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million
Microsoft Digital Defense Report 2025
Cyber Monitoring Centre Statement on the Jaguar Land Rover Cyber Incident – October 2025
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
Microsoft Digital Defense Report 2025
Apple alerts exploit developer that his iPhone was targeted with government spyware
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
