Security Affairs newsletter Round 524 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Shields up US retailers. Scattered Spider threat actors can target them

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

New botnet HTTPBot targets gaming and tech industries with surgical attacks

Meta plans to train AI on EU user data from May 27 without consent

AI in the Cloud: The Rising Tide of Security and Privacy Risks

Google fixed a Chrome vulnerability that could lead to full account takeover

Nova Scotia Power discloses data breach after March security incident

Coinbase disclosed a data breach after an extortion attempt

U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

U.S. CISA adds Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

Ivanti fixed two EPMM flaws exploited in limited attacks

Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days

Fortinet fixed actively exploited FortiVoice zero-day

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Marks and Spencer confirms data breach after April cyber attack

Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

Apple released security updates to fix multiple flaws in iOS and macOS

U.S. CISA adds TeleMessage TM SGNL to its Known Exploited Vulnerabilities catalog

Researchers found one-click RCE in ASUS’s pre-installed software DriverHub

Threat actors use fake AI tools to deliver the information stealer Noodlophile

German police seized eXch crypto exchange

Google will pay Texas $1.4 billion over its location tracking practices

International Press – Newsletter

Cybercrime

Crypto swapping service “eXch” shut down  

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain 

Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States

Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data

Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines  

Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins

Senior US Officials Impersonated in Malicious Messaging Campaign 

Malware

PupkinStealer : A .NET-Based Info-Stealer 

Interlock ransomware evolving under the radar 

High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding

Printer maker Procolored offered malware-laced drivers for months 

Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT

Hacking

One-Click RCE in ASUS’s Preinstalled Driver Software

Revealed — The Hackers Behind The World’s Most Prolific Cyberattacks

SAP Zero – Frostbite: How Russian RaaS Actor Qilin Exploited CVE-2025-31324 Weeks Before its Public Disclosure    

Intelligence and Information Warfare

Marbled Dust leverages zero-day in Output Messenger for regional espionage 

China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures 

TA406 Pivots to the Front

ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver 

Robot Soldiers, Neural Networks: How Machine Vision Is Changing Warfare

Chinese ‘kill switches’ found hidden in US solar farms 

Operation RoundPress 

Cybersecurity

Google to pay Texas $1.4 billion in data privacy settlement 

The May 2025 Security Update Review

Protecting Our Customers – Standing Up to Extortionists  

Nova Scotia Power confirms hackers stole customer data in cyberattack

‘They yanked their own plug’: How Co-op averted an even worse cyber attack

noyb sends Meta ‘cease and desist’ letter over AI training. European Class Action as potential next step   

Cofense Reveals Rapid Rise in AI-Powered Phishing: New Threat Every 42 Seconds

Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)