Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
| McDonald’s job app exposes data of 64 Million applicants |
| Athlete or Hacker? Russian basketball player accused in U.S. ransomware case |
| U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog |
| UK NCA arrested four people over M&S, Co-op cyberattacks |
| PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda |
| Qantas data breach impacted 5.7 million individuals |
| DoNot APT is expanding scope targeting European foreign ministries |
| Nippon Steel Solutions suffered a data breach following a zero-day attack |
| Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates |
| Hackers weaponize Shellter red teaming tool to spread infostealers |
| Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day |
| Intelligence |
| Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant |
| U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog |
| IT Worker arrested for selling access in $100M PIX cyber heist |
| New Batavia spyware targets Russian industrial enterprises |
| Taiwan flags security risks in popular Chinese apps after official probe |
| U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog |
| Hunters International ransomware gang shuts down and offers free decryption keys to all victims |
International Press – Newsletter
From electrician to pivot of a million-dollar scam in the financial system: find out who is the IT operator who sold passwords to hackers
Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack
Qantas confirms data breach impacts 5.7 million customers
Retail cyber attacks: NCA arrest four for attacks on M&S, Co-op and Harrods
French police arrest Russian basketball player accused of ransomware: Report
Russian basketball player arrested in France over alleged ransomware ties
Malware
Datacarry Ransomware
Batavia spyware steals data from Russian organizations
Crypto Wallets Continue to be Drained in Elaborate Social Media Scam
CoinMiner Attacks Exploiting GeoServer Vulnerability
Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach
Hacking
CrowdStrike Researchers Investigate the Threat of Patchless AMSI Bypass Attacks
Reverse Engineering of Security Products: Developing an Advanced Microsoft Defender Tamper Tradecraft – BlackHat MEA 2024 talk
CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?
Taking SHELLTER: a commercial evasion framework abused in- the- wild
Malicious pull request infects VS Code extension
CitrixBleed 2 exploitation started mid-June — how to spot it
PerfektBlue. 1-click RCE attack
Activision took down Call of Duty game after PC players hacked, says source
Would you like an IDOR with that? Leaking 64 million McDonald’s job applications
Intelligence and Information Warfare
DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal
NSB Alerts the Significant Cybersecurity Risks in China-Made Mobile Applications
Chinese ‘spy’ arrested in Italy on US warrant
Sanctions Imposed on DPRK IT Workers Generating Revenue for the Kim Regime
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
Cybersecurity
Why the Revision of the Cybersecurity Act is the Most Consequential Regulatory Development of 2025 (and Beyond)
The July 2025 Security Update Review
Samsung Announces Security Improvements for Galaxy Smartphones
Jack Dorsey launches a WhatsApp messaging rival built on Bluetooth
Russia, hotbed of cybercrime, says nyet to ethical hacking bill
Mitigating CitrixBleed 2 (CVE‑2025‑5777) NetScaler Memory Disclosure with App & API Protector
Design Patterns for Securing LLM Agents against Prompt Injections
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
