Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini
October 19, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

International Press – Newsletter

Cybercrime

Investigating targeted “payroll pirate” attacks affecting US universities  

Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign  

Police are asking kids to stop pulling AI homeless man prank 

SimonMed Imaging Data Breach Impacts 1.2 Million 

When the monster bytes: tracking TA585 and its arsenal  

Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack  

Qantas confirms cybercriminals released stolen customer data

Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate  

PowerSchool hacker sentenced to 4 years in prison 

Extortion and ransomware drive over half of cyberattacks 

Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Cybercrime-as-a-service takedown: 7 arrested  

Bitcoin worth $14bn seized in US-UK crackdown on alleged scammers  

Malware

Astaroth: Banking Trojan Abusing GitHub for Resilience 

New Rust Malware “ChaosBot” Uses Discord for Command and Control 

New Group on the Block: UNC5142 Leverages EtherHiding to Distribute Malware      

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits 

Hacking

Pro-Russian hackers caught bragging about attack on fake water utility 

One Token to rule them all – obtaining Global Admin in every Entra ID tenant via Actor tokens  

100,000+ IP Botnet Launches Coordinated RDP Attack Wave Against US Infrastructure  

Eavesdropping on Internal Networks via Unencrypted Satellites  

RMPocalypse  

BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices

Data Exfiltration via ChatGPT Agent Mode  

Pixnapping Attack  

yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242)  

Intelligence and Information Warfare

SOE-phisticated Persistence: Inside Flax Typhoon’s ArcGIS Compromise 

Taiwan reports surge in Chinese cyber activity and disinformation efforts

Ukraine takes steps to launch dedicated cyber force for offensive strikes     

K000154696: F5 Security Incident 

Weaponizing Perception: China and Russia’s Cognitive Warfare Against Democracies

Jewelbug: Chinese APT Group Widens Reach to Russia

Taiwan flags rise in Chinese cyberattacks, warns of ‘online troll army’   

‘Categorically untrue’ that China hacked UK intelligence systems, say officials  

Italian businessman’s phone reportedly targeted with Paragon spyware 

DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains

Operation MotorBeacon : Threat Actor targets Russian Automotive Sector using .NET Implant  

BeaverTail and OtterCookie evolve with a new Javascript module

Operation Silk Lure: Scheduled Tasks Weaponized for DLL Side-Loading (drops ValleyRAT)  

Tracking Malware and Attack Expansion: A Hacker Group’s Journey across Asia

Cybersecurity

Homeland Security reassigns ‘hundreds’ of CISA cyber staffers to support Trump’s deportation crackdown 

Employees are unknowingly leaking company secrets through ChatGPT, new report warns  

Space Force Building Tools to Detect Cyberattacks on Satellites  

Securing the Future: Changes to Internet Explorer Mode in Microsoft Edge 

Oracle releases emergency patch for new E-Business Suite flaw

RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score  

Elevating Cybersecurity: Ensuring Strategic and Sustainable Impact for CISOs 

UK experiencing four ‘nationally significant’ cyber attacks every week  

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

Jeep software update bricks vehicles, leaves owners stranded  

ChatGPT safety systems can be bypassed to get weapons instructions  

Evaluation of DeepSeek AI Models 

404 Accountability not found: Spyware accountability through software liability   

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)






