Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION
August 10, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Warning: Phishing campaign detected
New WhatsApp Tools and Tips to Beat Messaging Scams
GenAI Used For Phishing Websites Impersonating Brazil’s Government
FraudOnTok
FinCEN Issues Notice on the Use of Convertible Virtual Currency Kiosks for Scam Payments and Other Illicit Activity
Nigerian Man Extradited To Face Hacking, Fraud, And Identity Theft Charges
Update: Akira ransomware group targets SonicWall VPN appliances
Columbia University data breach impacts nearly 870,000 individuals
Who Got Arrested in the Raid on the XSS Crime Forum?
Unmasking Embargo Ransomware: A Deep Dive Into the Group’s TTPs and BlackCat Links
Malware
Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN
ToxicPanda: The Android Banking Trojan Targeting Europe
“CAPTCHAgeddon” Unmasking the Viral Evolution of the ClickFix Browser-Based Threat
11 Malicious Go Packages Distribute Obfuscated Remote Payloads
New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer
Hacking
Lovense: The Company That Lies to Security Researchers
Breaking NVIDIA Triton: CVE-2025-23319 – A Vulnerability Chain Leading to AI Server Takeover
Huntress Threat Advisory: Active Exploitation of SonicWall VPNs
Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
ReVault! When your SoC turns against you…
Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise
Intelligence and Information Warfare
The Covert Operator’s Playbook: Infiltration of Global Telecom Networks
Hacked Crimean servers reveal information about abducted children, Ukraine says
Updated UAC-0099 toolkit: MATCHBOIL, MATCHWOK, DRAGSTARE
WinRAR zero-day exploited to plant malware on archive extraction
Germany’s top court holds that police can only use spyware to investigate serious crimes
‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians
Cybersecurity
Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
AI Rewrote Its Code When I Asked About Human Nature
Cisco Says User Data Stolen in CRM Hack
Most cybersecurity risk comes from just 10% of employees
Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment
Air France and KLM disclose data breaches impacting customers
Google Discloses Data Breach via Salesforce Hack
Preventing ZIP parser confusion attacks on Python package installers
Europe prioritising spend properly as H1 cybersecurity market hits double-digit growth
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
