
Security Affairs

Security Affairs newsletter Round 523 by Pierluigi Paganini INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- Ascension reveals personal data of 437,329 patients exposed in cyberattack
- Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services
- A cyber attack briefly disrupted South African Airways operations
- Cybercriminal services target end-of-life routers, FBI warns
- Russia-linked ColdRiver used LostKeys malware in recent attacks
- SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code
- The LockBit ransomware site was breached, database dump was leaked online
- Cisco fixed a critical flaw in its IOS XE Wireless Controller
- U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog
- Polish authorities arrested 4 people behind DDoS-for-hire platforms
- Play ransomware affiliate leveraged zero-day to deploy malware
- Canary Exploit tool allows to find servers affected by Apache Parquet flaw
- Unsophisticated cyber actors are targeting the U.S. Energy sector
- NSO Group must pay WhatsApp over $167M in damages for attacks on its users
- U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog
- Samsung MagicINFO flaw exploited days after PoC exploit publication
- Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
- U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog
- Google fixed actively exploited Android flaw CVE-2025-27363
- New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR
- Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate
- Kelly Benefits December data breach impacted over 400,000 individuals
- A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov
- Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks
- Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
- US authorities have indicted Black Kingdom ransomware admin
- Malicious Go Modules designed to wipe Linux systems

International Press Newsletter

Cybercrime

- Yemeni Man Charged in Federal Indictment Alleging He Sent ‘Black Kingdom’ Malware to Extort Businesses, Schools, and Medical Clinics
- Big Game Ransomware: the myths experts tell board members
- DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
- From Callback Phishing to Extortion: Luna Moth Abuse Reamaze Helpdesk and RMM Tools Against U.S. Legal and Financial Sectors
- Uncovering Actor TTP Patterns and the Role of DNS in Investment Scams
- Ransomware Attackers Leveraged Privilege Escalation Zero-day
- DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains
- LockBit ransomware gang hacked, victim negotiations exposed
- Pakistani Firm Shipped Fentanyl Analogs, Scams to US
- PowerSchool hacker now extorting individual school districts
- Cyber criminal services target EoL Routers to Launch attack and hide their activities
- Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
- LOCKBIT RANSOMWARE LEAKED
- One Small Click for an Admin, One Giant Breach for the Organization

Malware

- iClicker site hack targeted students with malware via fake CAPTCHA
- Backdoor found in popular ecommerce components
- Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH
- Malicious PyPI Package Targets Discord Developers with Remote Access Trojan
- Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS

Hacking

- The Signal Clone the Trump Admin Uses Was Hacked
- Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI
- Bring Your Own Installer: Bypassing SentinelOne Through Agent Version Change Interruption
- When Space Goes Dark: Inside the Cyberattack on Poland’s Space Agency
- My Zero Day Quest & BlueHat Podcast
- SAP NetWeaver Flaw Lets Hackers Take Full Control: CVE-2025-31324 Explained
- Arctic Wolf Observes Exploitation of Path Traversal Vulnerability in Samsung MagicINFO 9 Server (CVE-2024-7399)
- Canary Exploit tool for CVE-2025-30065 Apache Parquet Avro Vulnerability
- Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)
- Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code
- CVE-2024-11477- 7-Zip ZSTD Buffer Overflow Vulnerability
- Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation

Intelligence and Information Warfare

- Russian hackers target Romanian state websites on election day
- COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
- Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years
- “US on High Alert”: Pentagon Confirms Mysterious Signal Traced to Russian Space Anomaly Now Feared as Major Threat
- MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware

Cybersecurity

- Trump Crypto Corruption Intensifies as Abu Dhabi Firm Invests $2 Billion
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
- NSO Group must pay more than $167 million in damages to WhatsApp for spyware campaign
- Unsophisticated Cyber Actor(s) Targeting Operational Technology
- Winning the Fight Against Spyware Merchant NSO
- Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
- Internet tracking: How and why we’re followed online
- Google to pay Texas $1.4 billion in data privacy settlement
- Negotiations with the Akira ransomware group: an ill-advised approach

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini (SecurityAffairs hacking, newsletter)

Published: 2025-05-11T18:02:14










