Security Affairs newsletter Round 547 by Pierluigi Paganini – INTERNATIONAL EDITION
October 26, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Myanmar military shuts down a major cybercrime center and detains over 2,000 people
Email Bombs Exploit Lax Authentication in Zendesk
Cybercriminals Abuse AI Website Creation App For Phishing
Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign
Cyber incidents in Texas, Tennessee and Indiana impacting critical government services
The Smishing Deluge: China-Based Campaign Flooding Global Text Messages
Malware
TikTok videos continue to push infostealers in ClickFix attacks
To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
Dissecting YouTube’s Malware Distribution Network October 23, 2025
Hacking
Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks
TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware
SessionReaper attacks have started, 3 in 5 stores still vulnerable Sansec by Sansec Forensics Team
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236)
Pwn2Own Ireland 2025: Day Three and Master of Pwn
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Realtime AI-Supported Voice Conversion (Deepfake) and its applications on Vishing and Social Engineering exercises
Microsoft 365 Copilot – Arbitrary Data Exfiltration Via Mermaid Diagrams
Intelligence and Information Warfare
China Says It Found Evidence of US Cyber Attack on State Agency
‘Catastrophic’ attack as Russians hack files on EIGHT MoD bases and post them on the dark web
Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion
Unmasking MuddyWater’s New Malware Toolkit Driving International Espionage
PhantomCaptcha | Multi-Stage WebSocket RAT Targets Ukraine in Single-Day Spearphishing Operation
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
UK facing ‘most contested and complex’ threat in decades, warns GCHQ director
Gotta fly: Lazarus targets the UAV sector
ToolShell Used to Compromise Telecoms Company in Middle East
StealthServer: A Dual-Platform Backdoor from a South Asian APT Group
Cybersecurity
AI-enabled ransomware attacks: CISO’s top security concern — with good reason
NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million
Microsoft Digital Defense Report 2025
Cyber Monitoring Centre Statement on the Jaguar Land Rover Cyber Incident – October 2025
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
Microsoft Digital Defense Report 2025
Apple alerts exploit developer that his iPhone was targeted with government spyware
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
