Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
July 20, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment 

Louis Vuitton Data Breach Hits Customers in Several Countries

Romania arrests 13 in phishing scam targeting British tax office  

CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center

BaitTrap – The rise of baiting news sites behind online investment fraud

FBI Atlanta Seizes Major Video Game Piracy Websites

GLOBAL GROUP: Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates

Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies 

Global operation targets NoName057(16) pro-Russian cybercrime network 

Ransomware Group Claims to Have Stolen Data of 600,000 North Country HealthCare Patients  

Hackers are trying to steal passwords and sensitive data from users of Signal clone

Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in China

Malware

KongTuke FileFix Leads to New Interlock RAT Variant  

Code highlighting with Cursor AI for $500,000

The Linuxsys Cryptominer 

From a Teams Call to a Ransomware Threat: Matanbuchus 3.0 MaaS Levels Up

Unmasking AsyncRAT: Navigating the labyrinth of forks

New Phobos and 8base ransomware decryptor recover files for free

Hacking

eSIM security 

Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild 

Pre-Auth SQL Injection to RCE – Fortinet FortiWeb Fabric Connector (CVE-2025-25257) 

FileFix (Part 2)

End-of-Train and Head-of-Train Remote Linking Protocol 

CVE-2025-47943: Stored XSS in Gogs via PDF

Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor 

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin

Chinese authorities are using a new tool to hack seized phones and extract data  

Zero-Day Threat Mitigation via Deep Learning in Cloud Environments

July 16 Advisory: Pre-Auth SQL Injection Leads to RCE in Fortinet FortiWeb [CVE-2025-25257]

Flaw in Signal App Clone Could Leak Passwords — GreyNoise Identifies Active Reconnaissance and Exploit Attempts     

CitrixBleed 2 situation update — everybody already got owned 

Intelligence and Information Warfare

How terrorist groups are leveraging AI to recruit and finance their operations

The government pays 12 million to China’s Huawei to protect police wiretaps 

Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication

China’s Salt Typhoon Hacked US National Guard 

MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities

UAC-0001 cyberattacks on the security and defense sector using the LAMEHUG software tool, which uses LLM (large language model) (CERT-UA#16039)

Trump administration to spend $1 billion on ‘offensive’ hacking operations 

Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure 

UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies

Cybersecurity

CVE-2025-47812: Wing FTP Server Remote Code Execution Vulnerability Exploited in the Wild

Engaging the Vulnerability Research community through the Vulnerability Research Initiative  

Hyper-volumetric DDoS attacks skyrocket: Cloudflare’s 2025 Q2 DDoS threat report 

TRACKING RANSOMWARE : JUNE 2025    

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

United Natural Foods Projects Up to $400M Sales Hit From June Cyberattack 

DOGE Denizen Marko Elez Leaked API Key for xAI 

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)





