Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

China-linked hackers target U.S. non-profit in long-term espionage campaign
A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
Cisco fixes critical UCCX flaw allowing Root command execution
Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems
Clop Ransomware group claims the breach of The Washington Post
Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices
Google sounds alarm on self-modifying AI malware
Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs
SonicWall blames state-sponsored hackers for September security breach
U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and weapons program
Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks
U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog
Nine arrested in €600M crypto laundering bust across Europe
Google fixed a critical remote code execution in Android
SesameOp: New backdoor exploits OpenAI API for covert C2
Google Big Sleep found five vulnerabilities in Safari
Crooks exploit RMM software to hijack trucking firms and steal cargo
Jabber Zeus developer ‘MrICQ’ extradited to US from Italy
Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid
Android Apps misusing NFC and HCE to steal payment data on the rise
Conduent January 2025 breach impacts 10M+ people

International Press – Newsletter

Cybercrime

Remote access, real cargo: cybercriminals targeting trucking and logistics

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody

Decisive actions against cryptocurrency scammers earning over EUR 600 million

Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand

Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says

INSIDE LOCKBIT 5.0: AN EXCLUSIVE INTERVIEW WITH THE NEW INSTANCE OF THE WORLD’S MOST INFAMOUS RANSOMWARE BRAND

How a ransomware gang encrypted Nevada government’s systems

Malware

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector

Gootloader Returns: What Goodies Did They Bring? 

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

Hacking

Exploiting Trust in Collaboration: Microsoft Teams Vulnerabilities Uncovered

HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage

Cisco Event Response: Continued Attacks Against Cisco Firewalls

LLM-goat

The most advanced ClickFix yet?

Intelligence and Information Warfare

DPRK’s Playbook: Kimsuky’s HttpTroy and Lazarus’s New BLINDINGCAN Variant

Disrupting Illicit DPRK Bankers and Institutions Laundering Cybercrime and IT Worker Funds

Preparing for Threats to Come: Cybersecurity Forecast 2026

Sonicwall: Cloud Backup Security Incident Investigation Complete and Strengthened Cyber Resilience

Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines

ESET APT Activity Report Q2 2025–Q3 2025

Italian communications executive reveals he was targeted with Paragon spyware

China-linked Actors Maintain Focus on Organizations Influencing U.S. Policy

Russian Cybercrime & State Militarization

Cybersecurity

Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)




