A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials Shields up US […] A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officialsShields up US retailers. Scattered Spider threat actors can target themU.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalogPwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXiNew botnet HTTPBot targets gaming and tech industries with surgical attacksMeta plans to train AI on EU user data from May 27 without consentAI in the Cloud: The Rising Tide of Security and Privacy RisksGoogle fixed a Chrome vulnerability that could lead to full account takeoverNova Scotia Power discloses data breach after March security incidentCoinbase disclosed a data breach after an extortion attemptU.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalogKosovo authorities extradited admin of the cybercrime marketplace BlackDB.ccU.S. CISA adds Microsoft Windows flaws to its Known Exploited Vulnerabilities catalogIvanti fixed two EPMM flaws exploited in limited attacksMicrosoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-daysFortinet fixed actively exploited FortiVoice zero-dayHow Interlock Ransomware Affects the Defense Industrial Base Supply ChainMarks and Spencer confirms data breach after April cyber attackMoldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companiesAPT group exploited Output Messenger Zero-Day to target Kurdish military operating in IraqApple released security updates to fix multiple flaws in iOS and macOSU.S. CISA adds TeleMessage TM SGNL to its Known Exploited Vulnerabilities catalogResearchers found one-click RCE in ASUS’s pre-installed software DriverHubThreat actors use fake AI tools to deliver the information stealer NoodlophileGerman police seized eXch crypto exchangeGoogle will pay Texas $1.4 billion over its location tracking practices International Press Newsletter Cybercrime Crypto swapping service “eXch” shut down Moldovan Police Arrest Suspect in 4.5M Ransomware Attack on Dutch Research Agency How Interlock Ransomware Affects the Defense Industrial Base Supply Chain Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins Senior US Officials Impersonated in Malicious Messaging Campaign Malware PupkinStealer : A .NET-Based Info-Stealer Interlock ransomware evolving under the radar High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding Printer maker Procolored offered malware-laced drivers for months Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT Hacking One-Click RCE in ASUS’s Preinstalled Driver Software Revealed The Hackers Behind The World’s Most Prolific Cyberattacks SAP Zero Frostbite: How Russian RaaS Actor Qilin Exploited CVE-2025-31324 Weeks Before its Public Disclosure Intelligence and Information Warfare Marbled Dust leverages zero-day in Output Messenger for regional espionage China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures TA406 Pivots to the Front ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver Robot Soldiers, Neural Networks: How Machine Vision Is Changing Warfare Chinese ‘kill switches’ found hidden in US solar farms Operation RoundPress Cybersecurity Google to pay Texas $1.4 billion in data privacy settlement The May 2025 Security Update Review Protecting Our Customers – Standing Up to Extortionists Nova Scotia Power confirms hackers stole customer data in cyberattack ‘They yanked their own plug’: How Co-op averted an even worse cyber attack noyb sends Meta ‘cease and desist’ letter over AI training. European Class Action as potential next step Cofense Reveals Rapid Rise in AI-Powered Phishing: New Threat Every 42 Seconds Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2025-05-18T11:36:45