A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| ATM Jackpotting ring busted: 54 indicted by DoJ |
| U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog |
| Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says |
| CLOP targets Gladinet CentreStack servers in large-scale extortion campaign |
| ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks |
| China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager |
| Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw |
| DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists |
| U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog |
| GhostPairing campaign abuses WhatsApp device linking to hijack accounts |
| SonicWall warns of actively exploited flaw in SMA 100 AMC |
| GNV ferry Fantastic under cyberattack probe amid remote hijack fears |
| Askul data breach exposed over 700,000 records after ransomware attack |
| Russian state hackers targeted Western critical infrastructure for years, Amazon says |
| U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog |
| A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations |
| Hackers are exploiting critical Fortinet flaws days after patch release |
| Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity |
| French Interior Minister says hackers breached its email servers |
| U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog |
| Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika |
| U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people |
| CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use |
| Experts found an unsecured 16TB database containing 4.3B professional records |
International Press – Newsletter
Data breach at credit check giant 700Credit affects at least 5.6 million
Beware: PayPal subscriptions abused to send fake purchase emails
PornHub extorted after hackers steal Premium member activity data
Man jailed for teaching criminals how to use malware
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
700,000 Records Compromised in Askul Ransomware Attack
Fraudulent call centres in Ukraine rolled up
Most Parked Domains Now Serving Malicious Content
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists
Clop ransomware targets Gladinet CentreStack in data theft attacks
Tren De Aragua Members and Leaders Indicted in Multi-Million Dollar ATM Jackpotting Scheme
Nigeria arrests suspected RaccoonO365 phishing kit developer on tip from Microsoft, FBI
Malware
CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks
About ZnDoor, a malware executed by React2Shell
Malicious NuGet Package Typosquats Popular .NET Tracing Library to Steal Wallet Passwords
Meet Cellik – A New Android RAT With Play Store Integration
Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices
Hacking
Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719
Exploitation of Critical Vulnerability in React Server Components (Updated December 12)
GhostPairing Attacks: from phone number to full access in WhatsApp
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
Vulnerability in UEFI firmware modules prevents IOMMU initialization on some UEFI-based motherboards
Intelligence and Information Warfare
“An attacker was able to access a number of files”: on RTL, Laurent Nuñez confirmed “a cyberattack” at the Ministry of the Interior
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure
Italian ship stopped in France: had malware on board. Latvian sailor accused of espionage
Cisco says Chinese hackers are exploiting its customers with a new zero-day
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Denmark says Russia was behind two ‘destructive and disruptive’ cyber-attacks
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
Cybersecurity
MOBILE PHONES THREAT LANDSCAPE SINCE 2015
‘Completely Deactivate Wi-Fi’—Cyber Agency Warns iPhone And Android Users
Venezuela’s PDVSA suffers cyberattack, tankers make u-turns amid tensions with US
Learn about updates to dark web report
Texas sues TV makers for taking screenshots of what people watch
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Dismantling Defenses: Trump 2.0 Cyber Year in Review
Hacks, thefts, and disruption: The worst data breaches of 2025
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)