Internet Security

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

July 13, 2025 add comment

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

McDonald’s job app exposes data of 64 Million applicants
Athlete or Hacker? Russian basketball player accused in U.S. ransomware case
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
UK NCA arrested four people over M&S, Co-op cyberattacks
PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda
Qantas data breach impacted 5.7 million individuals
DoNot APT is expanding scope targeting European foreign ministries
Nippon Steel Solutions suffered a data breach following a zero-day attack
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
Hackers weaponize Shellter red teaming tool to spread infostealers
Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
Intelligence
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
IT Worker arrested for selling access in $100M PIX cyber heist
New Batavia spyware targets Russian industrial enterprises
Taiwan flags security risks in popular Chinese apps after official probe
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
Hunters International ransomware gang shuts down and offers free decryption keys to all victims

International Press – Newsletter

Cybercrime

From electrician to pivot of a million-dollar scam in the financial system: find out who is the IT operator who sold passwords to hackers    

Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack 

Qantas confirms data breach impacts 5.7 million customers

Retail cyber attacks: NCA arrest four for attacks on M&S, Co-op and Harrods

French police arrest Russian basketball player accused of ransomware: Report 

Russian basketball player arrested in France over alleged ransomware ties 

Malware

Datacarry Ransomware

Batavia spyware steals data from Russian organizations  

Crypto Wallets Continue to be Drained in Elaborate Social Media Scam 

CoinMiner Attacks Exploiting GeoServer Vulnerability 

Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach 

Hacking

CrowdStrike Researchers Investigate the Threat of Patchless AMSI Bypass Attacks

Reverse Engineering of Security Products: Developing an Advanced Microsoft Defender Tamper Tradecraft – BlackHat MEA 2024 talk  

CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?

Taking SHELLTER: a commercial evasion framework abused in- the- wild 

Malicious pull request infects VS Code extension 

CitrixBleed 2 exploitation started mid-June — how to spot it 

PerfektBlue. 1-click RCE attack 

Activision took down Call of Duty game after PC players hacked, says source 

Would you like an IDOR with that? Leaking 64 million McDonald’s job applications 

Intelligence and Information Warfare

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

NSB Alerts the Significant Cybersecurity Risks in China-Made Mobile Applications

Chinese ‘spy’ arrested in Italy on US warrant 

Sanctions Imposed on DPRK IT Workers Generating Revenue for the Kim Regime

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates 

From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities 

Cybersecurity

Why the Revision of the Cybersecurity Act is the Most Consequential Regulatory Development of 2025 (and Beyond)  

The July 2025 Security Update Review 

Samsung Announces Security Improvements for Galaxy Smartphones

Jack Dorsey launches a WhatsApp messaging rival built on Bluetooth 

Russia, hotbed of cybercrime, says nyet to ethical hacking bill

Mitigating CitrixBleed 2 (CVE‑2025‑5777) NetScaler Memory Disclosure with App & API Protector 

Design Patterns for Securing LLM Agents against Prompt Injections 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter