Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
CrowdStrike denies breach after insider sent internal screenshots to hackers
SolarWinds addressed three critical flaws in Serv-U
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops
Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks
U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild
Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet
U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
Eurofiber confirms November 13 hack, data theft, and extortion attempt
New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack
DoorDash data breach exposes personal info after social engineering attack
Google fixed the seventh Chrome zero-day in 2025
Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases
Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps
Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack
North Korean threat actors use JSON sites to deliver malware via trojanized code
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025
Five admit helping North Korea evade sanctions through IT worker schemes
Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

International Press – Newsletter

Cybercrime

Pennsylvania AG confirms data breach after INC Ransom attack

Thousands of servers seized in major cybercrime investigation

DoorDash confirms data breach impacting users’ phone numbers and physical addresses

Eurofiber Breach Exposes Critical Infrastructure Data Across Europe – What You Need to Know

Analyzing the latest Sneaky2FA Browser-in-the-Browser phishing page

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware

Teenagers plead not guilty to London transport cyber attack

Malware

npm Malware Campaign Uses Adspect Cloaking to Deliver Malicious Redirects 

GPT Trade: Fake Google Play Store drops BTMob Spyware and UASecurity Miner on Android Devices  

Cooking up trouble: How TamperedChef uses signed apps to deliver stealthy payloads

Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption 

Hacking

XWiki Under Increased Attack

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Fortinet warns of new FortiWeb zero-day exploited in attacks

Celebrating 15 years of Meta’s Bug Bounty Program

Diffing 7-Zip for CVE-2025-11001

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Oracle Identity Manager Exploit Observation from September (CVE-2025-61757)

Hey there! You are using WhatsApp: Enumerating Three Billion Accounts for Security and Privacy

W3 Total Cache < 2.8.13 – Unauthenticated Command Injection

HackOnChat Unmasking the WhatsApp Hacking Scam

ShadowRay 2.0: Attackers Turn AI Against Itself in Global Campaign that Hijacks AI Into Self-Propagating Botnet

Intelligence and Information Warfare

Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery

New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare

The U.S. is losing a cyberwar

Beyond the Watering Hole: APT24’s Pivot to Multi-Vector Attacks

Attacks of the Striking Panda: APT31 Today

Cybersecurity

Cloudflare says outage that hit X, ChatGPT and other sites is resolved

Europe’s evolving cybersecurity threat landscape — revealed

Cyberattack leaves Jaguar Land Rover short of £680 million

Defending the cloud: Azure neutralized a record-breaking 15 Tbps DDoS attack

Elevating Cybersecurity: Ensuring Strategic and Sustainable Impact for CISOs

Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack

The Cloudflare Outage May Be a Security Roadmap

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)