A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found 4 billion user records online, the largest known leak of Chinese personal data from […] A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single sourceAttackers exploit Fortinet flaws to deploy Qilin ransomwareRussia-linked threat actors targets Ukraine with PathWiper wiperU.S. Offers $10M bounty for info on RedLine malware creator and state hackersPlay ransomware group hit 900 organizations since 2022U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalogNew versions of Chaos RAT target Windows and Linux systemsCritical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud InfrastructureLaw enforcement seized the carding marketplace BidenCashUkraine’s military intelligence agency stole 4.4GB of highly classified internal data from TupolevHPE fixed multiple flaws in its StoreOnce softwareRoundcube Webmail under fire: critical exploit found after a decadeU.S. CISA adds Multiple Qualcomm chipsets flaws to its Known Exploited Vulnerabilities catalogCartier disclosed a data breach following a cyber attackU.S. CISA adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalogAndroid banking trojan Crocodilus rapidly evolves and goes globalGoogle fixed the second actively exploited Chrome zero-day since the start of the yearCryptojacking campaign relies on DevOps toolsHackingQualcomm fixed three zero-days exploited in limited, targeted attacksPolice took down several popular counter-antivirus (CAV) services, including AvCheckA cyberattack hit hospitals operated by Covenant HealthExperts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188Two flaws in vBulletin forum software are under attack International Press Newsletter Cybercrime Websites selling hacking tools to cybercriminals seized Alleged Conti, TrickBot Gang Leader Unmasked Key service for malware developers taken offline Hospitals in Maine, New Hampshire limit services after cyberattack on Catholic health org U.S. Government seizes approximately 145 criminal marketplace domains Interlock ransomware claims Kettering Health breach, leaks stolen data Cyber Criminals Defraud Hedera Hashgraph Network Non-Custodial Wallet Users Through Nonfungible Token Airdrops Disguised as Free Rewards #StopRansomware: Play Ransomware Maxim Alexandrovich Rudometov & RedLine The SEC Pinned Its Hack on a Few Hapless Day Traders. The Full Story Is Far More Troubling Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect Ransomware gang claims responsibility for Kettering Health hack Malware Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One Attacker exploits misconfigured AI tool to run AI-generated payload Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban From open-source to open threat: Tracking Chaos RAT’s evolution Home Internet Connected Devices Facilitate Criminal Activity Hacking vBulletin replaceAdTemplate Exploited in the Wild Don’t Call That “Protected” Method: Dissecting an N-Day vBulletin RCE Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU Preinstalled Apps on Ulefone, Kr ger&Matz Phones Let Any App Reset Device, Steal PIN DevOps Tools Targeted for Cryptojacking Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code Critical Fortinet flaws now exploited in Qilin ransomware attacks Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection Intelligence and Information Warfare A Flyby on the CFO’s Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit Ukraine Hacks Tupolev, Exposes Russia’s Strategic Bomber Secrets Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine Justice Department accuses two Chinese researchers of smuggling ‘potential agroterrorism weapon’ into US Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring The Bitter End: Unraveling Eight Years of Espionage Antics Part Two Cybersecurity Sustaining Digital Certificate Security – Upcoming Changes to the Chrome Root Store Announcing a new strategic collaboration to bring clarity to threat actor naming NSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’ Victoria’s Secret says it will postpone earnings report after recent security breach Largest ever data leak exposes over 4 billion user records Australian ransomware victims now must tell the government if they pay up Pivot to AI EU takes a step further in cybersecurity crisis management Cyber Attacks Are Up 47% in 2025 AI is One Key Factor Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2025-06-08T11:20:49