Security Affairs newsletter Round 538 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Kidney dialysis firm DaVita confirms ransomware attack compromised data of 2.7M people

China-linked Silk Typhoon APT targets North America

Over 300 entities hit by a variant of Atomic macOS Stealer in recent campaign

Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M

After SharePoint attacks, Microsoft stops sharing PoC exploit code with China

Former developer jailed after deploying kill-switch malware at Ohio firm

Colt Discloses Breach After Warlock Ransomware Group Puts Files Up for Sale

U.S. CISA adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog

Orange Belgium July data breach impacted 850,000 customers

Apple addressed the seventh actively exploited zero-day

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

A Scattered Spider member gets 10 years in prison

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

Britain targets Kyrgyz financial institutions, crypto networks aiding Kremlin

DOJ takes action against 22-year-old running RapperBot Botnet

Google fixed Chrome flaw found by Big Sleep AI

Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack

A hacker tied to Yemen Cyber Army gets 20 months in prison

Exploit weaponizes SAP NetWeaver bugs for full system compromise

Noodlophile Stealer evolution

Allianz Life security breach impacted 1.1 million customers

Analyzing evolution of the PipeMagic malware

U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

AI for Cybersecurity: Building Trust in Your Workflows

Human resources firm Workday disclosed a data breach

DoJ seizes $2.8M linked to Zeppelin Ransomware

Xerox fixed path traversal and XXE bugs in FreeFlow Core

Colt Technology faces multi-day outage after WarLock ransomware attack

International Press – Newsletter

Cybercrime

Justice Department Announces Seizure of Over $2.8 Million in Cryptocurrency, Cash, and other Assets     

Colt Telecom attack claimed by WarLock ransomware, data up for sale  

Serial hacker who defaced official websites is sentenced

Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet  

Fraud-as-a-Service: The Rising Threat to Africa’s Digital Future 

SIM-Swapper, Scattered Spider Hacker Gets 10 Years 

Colt confirms customer data stolen as Warlock ransomware auctions files

Chinese National Who Deployed “Kill Switch” Code on Employer’s Network Sentenced to Four Years in Prison  

African authorities dismantle massive cybercrime and fraud networks, recover millions

Europol confirms $50,000 Qilin ransomware reward is fake

Malware

Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak  

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints  

GodRAT – New RAT targeting financial institutions 

Preventing Domain Resurrection Attacks  

Hacking

From Support Ticket to Zero Day  

New Exploit for Critical SAP Vulnerability CVE-2025-31324 Released in the Wild  

Hijacked Satellites and Orbiting Space Weapons: In the 21st Century, Space Is the New Battlefield

Google says its AI-based bug hunter found 20 security vulnerabilities      

“Scamlexity” We Put Agentic AI Browsers to the Test – They Clicked, They Paid, They Failed 

Brazil: 121,981 files were exposed without security on a server containing health documents  

DOM-based Extension Clickjacking: Your Password Manager Data at Risk  

Scattered Spider: A Threat Profile  

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

Intelligence and Information Warfare

Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure     

Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code  

MURKY PANDA: A Trusted-Relationship Threat in the Cloud  

APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files 

Cybersecurity

HR giant Workday discloses data breach amid Salesforce attacks 

Allianz Life data breach affects 1.1 million customers 

U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data  

Orange Belgium informs its customers about a cyberattack 

Hackers who exposed North Korean government hacker explain why they did it 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)