Internet Security

Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION

April 6, 2025 add comment

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

A flaw in Verizon’s iOS Call Filter app exposed call records of millions
Port of Seattle ‘s August data breach impacted 90,000 people
President Trump fired the head of U.S. Cyber Command and NSA
CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware
39M secrets exposed: GitHub rolls out new security tools
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
New Triada Trojan comes preinstalled on Android devices
New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows
U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog
Apple backported fixes for three actively exploited flaws to older devices
Spike in Palo Alto Networks scanner activity suggests imminent cyber threats
Microsoft warns of critical flaw in Canon printer drivers
CrushFTP CVE-2025-2825 flaw actively exploited in the wild
France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency
Hiding WordPress malware in the mu-plugins directory to avoid detection
U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog
Russia-linked Gamaredon targets Ukraine with Remcos RAT
CoffeeLoader uses a GPU-based packer to evade detection
Morphing Meerkat phishing kits exploit DNS MX records
CISA warns of RESURGE malware exploiting Ivanti flaw
Sam’s Club Investigates Alleged Cl0p Ransomware Breach

International Press – Newsletter

Cybercrime

Walmart’s Sam’s Club claimed by Cl0p ransomware gang  

Anubis Backdoor

New version of Triada steals cryptocurrency, messenger accounts and replaces phone numbers during calls

The beginning of the end: the story of Hunters International  

Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users    

Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems

Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe 

Malware

CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure  

Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor 

Advancements in delivery: Scripting with Nietzsche  

Analyzing New HijackLoader Evasion Tactics  

Malicious Python packages target popular Bitcoin library 

Hacking

A Phishing Tale of DoH and DNS MX Abuse

Hackers are now using AI to break AI – and it’s working 

Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats

Someone is trying to recruit security researchers in bizarre hacking campaign 

Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and Analysis  

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack 

Hacking the Call Records of Millions of Americans  

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

Intelligence and Information Warfare

Gamaredon campaign abuses LNK files to distribute Remcos backdoor  

Russian spies as disinformation actors   

The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques     

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)  

Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs.

UAC-0219: Cyber ​​espionage using PowerShell stealer WRECKSTEEL 

White House fires National Security Agency chief      

Israel Enters ‘Stage 3’ of Cyber Wars With Iran Proxies 

Poland’s prime minister says cyberattack targeted his party as election nears 

Cybersecurity

Fake Passport Generated by ChatGPT Bypasses Security

Apple hit with $162 million French antitrust fine over privacy tool 

GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help  

TikTok faces €500 million fine for illegally shipping European user data to China – report 

Google announces Sec-Gemini v1, a new experimental cybersecurity model

Texas city warns thousands of utility payment site breach

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter