Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini September 21, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your inbox.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A cyberattack on Collins Aerospace disrupted operations at major European airports
CISA warns of malware deployed through Ivanti EPMM flaws
Fortra addressed a maximum severity flaw in GoAnywhere MFT software
UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London
ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT
SonicWall warns customers to reset credentials after MySonicWall backups were exposed
CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025
Jaguar Land Rover will extend its production halt into a third week following a cyberattack
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
DoJ resentenced former BreachForums admin to three years in prison
Apple backports fix for actively exploited CVE-2025-43300
New supply chain attack hits npm registry, compromising 40+ packages
Cybercrime group accessed Google Law Enforcement Request System (LERS)
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
Insider breach at FinWise Bank exposes data of 689,000 AFF customers
Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records
Fairmont Federal Credit Union 2023 data breach impacted 187K people
UK ICO finds students behind majority of school data breaches
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance
ShinyHunters Attack National Credit Information Center of Vietnam

International Press – Newsletter

Cybercrime

Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers 

Hackers claim access to law enforcement portals, but do they really have access?

Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison

RaccoonO365: An Active Campaign and New Features  

FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography

Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service

United Kingdom National Charged in Connection with Multiple Cyber Attacks, Including on Critical Infrastructure

Two charged for TfL cyber attack     

Inside the Lighthouse and Lucid PhaaS Campaigns Targeting 316 Global Brands

SystemBC – Bringing the Noise     

Evolution Cybercrime—Key Trends, Cybersecurity Threats, and Mitigation Strategies from Historical Data

Malware

SmokeLoader Rises From the Ashes 

Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages 

Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation  

Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware

Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware      

Hacking

A learning approach on exploiting CVE-2020-9273

Rowhammer Attack Demonstrated Against DDR5 

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations 

ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent 

CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems

Intelligence and Information Warfare

APT Down – The North Korea Files

Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm  

Israel announces seizure of $1.5M from crypto wallets tied to Iran 

Ukraine claims cyberattacks on Russian election systems; Moscow confirms disruptions 

THREE IRANIAN CYBER ACTORS 

SEC targets US firms tied to suspected Chinese ‘pump and dump’ scams   

Minding the drone gap: Drone warfare and the EU  

Gamaredon X Turla collab 

Modus Operandi of Subtle Snail  

Cybersecurity

AI Agents are Eroding the Foundations of Cybersecurity

Kids in the UK are hacking their own schools for dares and notoriety    

Cloudflare participates in global operation to disrupt RaccoonO365   

JLR could face disruption until November after hack 

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Palo Alto Networks Unit 42 Recognised by UK’s NCSC as an Enhanced Level Cyber Incident Response Assured Service Provider 

Germany approves new rules to protect critical infrastructure

Passengers stranded at Heathrow, other European airports after cyberattack  


Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


