Internet Security

Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION

October 5, 2025 add comment

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals
U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog
ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims
ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE
Google warns of Cl0p extortion campaign against Oracle E-Business users
CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor
Allianz Life data breach impacted 1.5 Million people
Cybercrime group claims to have breached Red Hat ‘s private GitHub repositories
China-linked APT Phantom Taurus uses Net-Star malware in espionage campaigns against key sectors
OpenSSL patches 3 vulnerabilities, urging immediate updates
Apple urges users to update iPhone and Mac to patch font bug
WestJet confirms cyberattack exposed IDs, passports in June incident
Broadcom patches VMware Zero-Day actively exploited by UNC5174
UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog
Asahi halts ordering, shipping, and customer service after cyberattack
Scattered Spider, ShinyHunters Restructure – New Attacks Underway 
UK grants £1.5B loan to Jaguar Land Rover after cyberattack
Harrods alerts customers to new data breach linked to third-party provider
Akira Ransomware bypasses MFA on SonicWall VPNs
Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks
Dutch teens arrested for spying on behalf of pro-Russian hackers
Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

International Press – Newsletter

Cybercrime

Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less

Woman convicted following world’s largest crypto seizure 

The Kids Aren’t Alright

Trinity of Chaos: The LAPSUS$, ShinyHunters, and Scattered Spider Alliance Embarks on Global Cybercrime Spree  

‘You’ll never need to work again’: Criminals offer reporter money to hack BBC  

Red Hat confirms security incident after hackers claim GitHub breach 

Researchers Say They Flagged Cyber Flaws at Jaguar Ahead of Crippling Breach  

Oracle Apps Exploited by Hackers in New Extortion Campaign 

Silent Smishing : The Hidden Abuse of Cellular Router APIs  

Malware

First Malicious MCP in the Wild: The Postmark Backdoor That’s Stealing Your Emails  

Klopatra: exposing a new Android banking trojan operation with roots in Turkey  

Check Your Socks – A Deep Dive into soopsocks PyPI Package  

New spyware campaigns target privacy-conscious Android users in the UAE  

Rhadamanthys 0.9.x – walk through the updates

Hacking

AppSuite, OneStart & ManualFinder: The Nexus of Deception 

Apple fixes critical font processing bug. Update now! 

Why hackers are targeting the world’s shipping  

HackerOne Report Finds 210% Spike in AI Vulnerability Reports Amid Rise of AI Autonomy  

Palo Alto Scanning Surges ~500% in 48 Hours, Marking 90-Day High  

WireTap: Breaking Server SGX via DRAM Bus Interposition

Battering RAM Low-Cost Interposer Attacks on Confidential Computing

OneLogin, Many Secrets: Clutch Uncovers Critical API Vulnerability Exposing Client Credentials        

Intelligence and Information Warfare

Two Dutch teens arrested in rare Russian espionage case  

Pro-EU party in Moldova set to win vote mired in claims of Russian interference 

You name it, VMware elevates it (CVE-2025-41244)  

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

SVG Phishing hits Ukraine with Amatera Stealer, PureMiner

CABINETRAT backdoor used by UAC-0245 for targeted cyberattacks against SOU (CERT-UA#17479)  

Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks

Confucius Espionage: From Stealer to Backdoor  

Cybersecurity

Harrods warns customers their data may have been stolen in IT breach  

Government backs Jaguar Land Rover with £1.5 billion loan guarantee  

WestJet confirms recent breach exposed customers’ passports

AI Agents Are Eroding the Foundations of Cybersecurity    

Feds cut funding to program that shared cyber threat info with local governments  

California enacts AI safety law targeting tech giants  

Package Maintainers Call for Improvements to GitHub’s New npm Security Plan 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter