Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 527 by Pierluigi Paganini – INTERNATIONAL EDITION
June 08, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Websites selling hacking tools to cybercriminals seized
Alleged Conti, TrickBot Gang Leader Unmasked
Key service for malware developers taken offline
Hospitals in Maine, New Hampshire limit services after cyberattack on Catholic health org
U.S. Government seizes approximately 145 criminal marketplace domains
Interlock ransomware claims Kettering Health breach, leaks stolen data
Cyber Criminals Defraud Hedera Hashgraph Network Non-Custodial Wallet Users Through Nonfungible Token Airdrops Disguised as Free Rewards
#StopRansomware: Play Ransomware
Maxim Alexandrovich Rudometov & RedLine
The SEC Pinned Its Hack on a Few Hapless Day Traders. The Full Story Is Far More Troubling
Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect
Ransomware gang claims responsibility for Kettering Health hack
Malware
Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One
Attacker exploits misconfigured AI tool to run AI-generated payload
Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
From open-source to open threat: Tracking Chaos RAT’s evolution
Home Internet Connected Devices Facilitate Criminal Activity
Hacking
vBulletin replaceAdTemplate Exploited in the Wild
Don’t Call That “Protected” Method: Dissecting an N-Day vBulletin RCE
Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
DevOps Tools Targeted for Cryptojacking
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Critical Fortinet flaws now exploited in Qilin ransomware attacks
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
Intelligence and Information Warfare
A Flyby on the CFO’s Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment
Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit
Ukraine Hacks Tupolev, Exposes Russia’s Strategic Bomber Secrets
Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
Justice Department accuses two Chinese researchers of smuggling ‘potential agroterrorism weapon’ into US
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two
Cybersecurity
Sustaining Digital Certificate Security – Upcoming Changes to the Chrome Root Store
Announcing a new strategic collaboration to bring clarity to threat actor naming
NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’
Victoria’s Secret says it will postpone earnings report after recent security breach
Largest ever data leak exposes over 4 billion user records
Australian ransomware victims now must tell the government if they pay up
Pivot to AI
EU takes a step further in cybersecurity crisis management
Cyber Attacks Are Up 47% in 2025 – AI is One Key Factor
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
