Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION
December 07, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos
Europol and partners shut down ‘Cryptomixer’
Penn and Phoenix Universities Disclose Data Breach After Oracle Hack
ASUS confirms third-party breach as hackers release sample files
Twin Brothers Sentenced for Wire Fraud, Conspiring to Hack into U.S. Department of State and Private Company
Russia blocks FaceTime and Snapchat for alleged use by terrorists
Malware
RadzaRat: New Android Trojan Disguised as File Manager Emerges with Zero Detection Rate
Chinese APT targets Uzbekistan
Glassworm’s resurgence
Malicious Rust Crate evm-units Serves Cross-Platform Payloads for Silent Execution
Hacking
Anatomy of a Hacktivist Attack: Russian-Aligned Group Targets OT/ICS
The Mystery OAST Host Behind a Regionally Focused Exploit Operation
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
Uncovering a Calendly-themed phishing campaign targeting business ad manager accounts
Attackers Actively Exploiting Critical Vulnerability in King Addons for Elementor Plugin
Array Networks Array AG Series vulnerable to command injection
A Hidden Pattern Within Months of Credential-Based Attacks Against Palo Alto GlobalProtect
Intelligence and Information Warfare
MuddyWater: Snakes by the riverbank
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems
Intellexa Leaks: New Predator victims despite US sanctions
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
Cybersecurity
Korean e-commerce behemoth Coupang confirms leak of 33.7 million users’ data
Facial Recognition’s Trust Problem
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
Cloudflare’s 2025 Q3 DDoS threat report — including Aisuru, the apex of botnets
A New Anonymous Phone Carrier Lets You Sign Up With Nothing but a Zip Code
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Hundreds of Porsche Owners in Russia Unable to Start Cars After System Failure
NCSC Proactive Notifications Service
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, CISA)