Pierluigi Paganini
November 16, 2025
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Phishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and Customers
Roman Novak, a crypto fraudster, and his wife were killed in the UAE
Yanluowang initial access broker pleaded guilty to ransomware attacks
Man and woman jailed for their roles in multibillion-pound fraudulent Bitcoin scheme
Google sues cybercriminal group behind E-ZPass, USPS text phishing scams
The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign
End of the game for cybercrime infrastructure: 1025 servers taken down
Thousands of Domains Target Hotel Guests in Massive Phishing Campaign
New Scam Center Strike Force Battles Southeast Asian Crypto Investment Fraud Targeting Americans
Malware
9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Fantasy Hub: Another Russian Based RAT as M-a-a-S
Unleashing the Kraken ransomware group
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
Hacking
Whisper Leak: A novel side-channel attack on remote language models
No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480
Dangerous runC flaws could allow hackers to escape Docker containers
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
Suspected Fortinet zero-day exploited in the wild
Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
Critical: Remote Code Execution via Malicious Obfuscated Malware in Imunify360 AV (AI-bolit)
Multiple Vulnerabilities in GoSign Desktop leads to Remote Code Execution
Intelligence and Information Warfare
Samsung Spyware Attack — Critical Landfall 0-Day Exploited
Australia Sanctions Hackers Supporting North Korea’s Weapons Program
Top US Army General Says He’s Letting ChatGPT Make Military Decisions
State-Sponsored Remote Wipe Tactics Targeting Android Devices
Why a lot of people are getting hacked with government spyware
It’s time to reckon with the geopolitics of artificial intelligence
Amazon discovers APT exploiting Cisco and Citrix zero-days
Disrupting the first reported AI-orchestrated cyber espionage campaign
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery
Justice Department Announces Nationwide Actions to Combat Illicit North Korean Government Revenue Generation
Cybersecurity
Fearing vulnerability to China, Europe has a new worry: Electric buses
ENISA Sectorial Threat Landscape – Public Administration
Meta is earning a fortune on a deluge of fraudulent ads, documents show
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
The November 2025 Security Update Review
Firefox expands fingerprint protections: advancing towards a more private web
Evasion Attacks on LLMs – Countermeasures in Practice
Elon Musk’s X botched its security key switchover, locking users out
CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
Security / November 14, 2025
