Security Affairs newsletter Round 527 by Pierluigi Paganini

Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini June 08, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source

Attackers exploit Fortinet flaws to deploy Qilin ransomware

Russia-linked threat actors targets Ukraine with PathWiper wiper

U.S. Offers $10M bounty for info on RedLine malware creator and state hackers

Play ransomware group hit 900 organizations since 2022

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

New versions of Chaos RAT target Windows and Linux systems

Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure

Law enforcement seized the carding marketplace BidenCash

Ukraine’s military intelligence agency stole 4.4GB of highly classified internal data from Tupolev

HPE fixed multiple flaws in its StoreOnce software

Roundcube Webmail under fire: critical exploit found after a decade

U.S. CISA adds Multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities catalog

Cartier disclosed a data breach following a cyber attack

U.S. CISA adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

Android banking trojan Crocodilus rapidly evolves and goes global

Google fixed the second actively exploited Chrome zero-day since the start of the year

Cryptojacking campaign relies on DevOps tools

Hacking

Qualcomm fixed three zero-days exploited in limited, targeted attacks

Police took down several popular counter-antivirus (CAV) services, including AvCheck

A cyberattack hit hospitals operated by Covenant Health

Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188

Two flaws in vBulletin forum software are under attack

International Press – Newsletter

Cybercrime

Websites selling hacking tools to cybercriminals seized

Alleged Conti, TrickBot Gang Leader Unmasked

Key service for malware developers taken offline

Hospitals in Maine, New Hampshire limit services after cyberattack on Catholic health org

U.S. Government seizes approximately 145 criminal marketplace domains

Interlock ransomware claims Kettering Health breach, leaks stolen data

Cyber Criminals Defraud Hedera Hashgraph Network Non-Custodial Wallet Users Through Nonfungible Token Airdrops Disguised as Free Rewards

#StopRansomware: Play Ransomware

Maxim Alexandrovich Rudometov & RedLine

The SEC Pinned Its Hack on a Few Hapless Day Traders. The Full Story Is Far More Troubling

Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect

Ransomware gang claims responsibility for Kettering Health hack

Malware

Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One

Attacker exploits misconfigured AI tool to run AI-generated payload

Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban

From open-source to open threat: Tracking Chaos RAT’s evolution

Home Internet Connected Devices Facilitate Criminal Activity

Hacking

vBulletin replaceAdTemplate Exploited in the Wild

Don’t Call That “Protected” Method: Dissecting an N-Day vBulletin RCE

Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN

DevOps Tools Targeted for Cryptojacking

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Critical Fortinet flaws now exploited in Qilin ransomware attacks

Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection

Intelligence and Information Warfare

A Flyby on the CFO’s Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment

Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit

Ukraine Hacks Tupolev, Exposes Russia’s Strategic Bomber Secrets

Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine

Justice Department accuses two Chinese researchers of smuggling ‘potential agroterrorism weapon’ into US

Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring

The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two

Cybersecurity

Sustaining Digital Certificate Security – Upcoming Changes to the Chrome Root Store

Announcing a new strategic collaboration to bring clarity to threat actor naming

NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’

Victoria’s Secret says it will postpone earnings report after recent security breach

Largest ever data leak exposes over 4 billion user records

Australian ransomware victims now must tell the government if they pay up

Pivot to AI

EU takes a step further in cybersecurity crisis management

Cyber Attacks Are Up 47% in 2025 – AI is One Key Factor

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Pierluigi Paganini July 20, 2025

Singapore warns China-linked group UNC3886 targets its critical infrastructure

Pierluigi Paganini July 03, 2025

Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

you might also like

Singapore warns China-linked group UNC3886 targets its critical infrastructure

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CISA released Thorium platform to support malware and forensic analysis

Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware

Dahua Camera flaws allow remote hacking. Update firmware now

Researchers released a decryptor for the FunkSec ransomware

Apple fixed a zero-day exploited in attacks against Google Chrome users

QUICK LINKS

Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

you might also like

Singapore warns China-linked group UNC3886 targets its critical infrastructure

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

CISA released Thorium platform to support malware and forensic analysis

Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware

Dahua Camera flaws allow remote hacking. Update firmware now

Researchers released a decryptor for the FunkSec ransomware

Apple fixed a zero-day exploited in attacks against Google Chrome users

Subscribe to my email list and stay
up-to-date!