Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION
Pierluigi Paganini
November 30, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Iberia discloses customer data leak after vendor security breach
Account Takeover Fraud via Impersonation of Financial Institution Support
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide
Investigation Results and Future Measures on Cyberattack Data Exposure
French Soccer Federation Hit by Cyberattack, Member Data Stolen
Malware
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287)
Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix
Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
Hacking
Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
OpenAI User Data Exposed in Mixpanel Hack
B2B Guest Access Creates an Unprotected Attack Vector
ToddyCat – Your Hidden Email Assistant. Part 1
Critical Vulnerabilities in FluentBit Expose Cloud Environments to Remote Takeover
Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft
Intelligence and Information Warfare
CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications
Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
Hackers knock out systems at Moscow-run postal operator in occupied Ukraine
Artificial Intelligence And The Future Of War
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
Bloody Wolf: A Blunt Crowbar Threat To Justice
Cybersecurity
Root causes of security breaches remain elusive — jeopardizing resilience
What organisations can learn from the record breaking fine over Capita’s ransomware incident
Harvard University discloses data breach affecting alumni, donors
London councils hit by ‘cyber attack’ with data potentially compromised
Google Starts Sharing All Your Text Messages With Your Employer
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)