Security Affairs newsletter Round 514 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Akira ransomware gang used an unsecured webcam to bypass EDR

Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

International law enforcement operation seized the domain of the Russian crypto exchange Garantex

Medusa Ransomware targeted over 40 organizations in 2025

Qilin Ransomware gang claims the hack of the Ministry of Foreign Affairs of Ukraine

Elastic patches critical Kibana flaw allowing code execution

The U.S. DoJ charges 12 Chinese nationals for state-linked cyber operations

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

China-linked APT Silk Typhoon targets IT Supply Chain

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

New Eleven11bot botnet infected +86K IoT devices

Polish Space Agency POLSA disconnected its network following a cyberattack

U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog

VMware fixed three actively exploited zero-days in ESX products

Digital nomads and risk associated with the threat of infiltred employees

Google fixed two actively exploited Android flaws

Mass exploitation campaign hit 4,000+ ISP networks to deploy info stealers and crypto miners

CISA maintains stance on Russian cyber threats despite policy shift

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

U.S. Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Meta fired 20 employees for leaking information, more firings expected

International Press – Newsletter

Cybercrime

U.S. Authorities Seize $31 Million Related to Uranium Finance Hack  

10 Ways Cybercrime Impacts Business  

Infostealer Campaign against ISPs

Nigerian Man Extradited to the United States to Face Computer Intrusion and Theft Charges  

Russian crypto exchange Garantex seized by law enforcement operation  

Employee at Multinational DVD Company Charged with Stealing, Selling Pre-Release Commercial DVDs for Blockbuster Films  

Data breach at Japanese telecom giant NTT hits 18,000 companies

New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran

Malware

Cellebrite zero-day exploit used to target phone of Serbian student activist  

Uncovering .NET Malware Obfuscated by Encryption and Virtualization  

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal

Fingerprint Heists: How your browser fingerprint can be stolen and used by fraudsters

Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom

Hacking

Havoc: SharePoint with Microsoft Graph API turns into FUD C2 

Jailbreaking to Jailbreak  

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

Camera off: Akira deploys ransomware via webcam  

Flights to D.C. airport received false collision alerts while landing

AI’s Role in Turning Massive Data Leaks into Hacker Paydays: A Look at the Orange Breach    

Intelligence and Information Warfare

CISA: No Change on Defending Against Russian Cyber Threats  

Call It What You Want: Threat Actor Delivers Highly Targeted Multistage Polyglot Malware  

Polish space agency confirms cyberattack

Silk Typhoon targeting IT supply chain

The evolution of Dark Caracal tools: analysis of a campaign featuring Poco RAT  

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools 

10 Chinese Nationals Charged With Large-Scale Hacking Of U.S. And International Victims On Behalf Of The Chinese Government    

New DOGE Staffer Has Ties to a Sanctioned Russian Oligarch     

CIA director says US has paused sharing intelligence with Ukraine  

Cybersecurity

The biggest data breaches of 2025 — so far  

Investigations announced into how social media and video sharing platforms use UK children’s personal information  

“Bad Romance”: How Kaspersky Lab Failed to Conquer the Western Cybersecurity Market

Google Patches Pair of Exploited Vulnerabilities in Android  

Organizations Still Not Patching OT Due to Disruption Concerns: Survey

New AI-Powered Scam Detection Features to Help Protect You on Android

Who is the DOGE and X Technician Branden Spikes?  

Quantum computers threaten to break online security in minutes, expert warns    

ENISA NIS360 2024 

Catalan court says NSO Group executives can be charged in spyware investigation  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)