**Security Affairs Newsletter Round 562 - International Edition**

Welcome to the latest edition of our weekly newsletter, where we bring you the most important security articles from around the world. This week's roundup includes a mix of high-profile hacks, government investigations, and emerging threats.

ClawdBot Skills Just Ganked Your Crypto

A new threat has emerged in the cryptocurrency space, with ClawdBot Skills claiming to steal sensitive information from users' computers. The botnet is believed to have compromised thousands of machines, potentially putting millions of dollars' worth of crypto assets at risk.

DOJ Reveals Jeffrey Epstein Employed An Elite Hacker With Global Cyber Connections

The US Department of Justice has announced that it has uncovered evidence of a sophisticated cyberattack on the late financier Jeffrey Epstein's computers. The investigation revealed that Epstein had employed an elite hacker with connections to international cybercrime groups.

French headquarters of Elon Musk’s X raided by Paris cybercrime unit

In a major operation, the Paris cybercrime unit raided the French headquarters of Elon Musk's X social media platform. The raid is believed to be linked to an ongoing investigation into alleged data breaches and cybersecurity incidents.

Infostealers without borders: macOS, Python stealers, and platform abuse

Cybersecurity researchers have discovered a range of infostealer malware variants targeting various platforms, including macOS and Python. The threat actors are using increasingly sophisticated tactics to evade detection and exploit vulnerabilities in popular software.

X offices raided in France as UK opens fresh investigation into Grok

“Incognito Market” Owner Sentenced To 30 Years For Operating One Of The World’s Largest Online Narcotics Marketplaces

A major operation has seen the French headquarters of the X social media platform raided by authorities, while a new investigation is underway in the UK. Meanwhile, a notorious dark web market owner has been sentenced to 30 years for operating one of the world's largest online narcotics marketplaces.

Joint security advisory from BSI and BfV on phishing via messenger services

A joint security alert has been issued by Germany's Federal Office for Information Security (BSI) and the Cybersecurity Authority (BfV) warning of a significant increase in phishing attacks using popular messaging apps.

Illinois Man Pleads Guilty to Identity Theft and Wire Fraud

An Illinois resident has pleaded guilty to charges of identity theft and wire fraud, marking another high-profile case of individuals exploiting online platforms for illicit gain.

ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting

Cybersecurity researchers have discovered a sophisticated botnet that has compromised over 340 malicious skills, highlighting the growing threat of AI-powered cyber attacks.

Analyzing Dead#Vax: Analyzing Multi-Stage VHD Delivery and Self-Parsing Batch Scripts to Deploy In-Memory Shellcode

Security researchers have delved into the inner workings of a complex malware variant known as Dead#Vax, uncovering its multi-stage delivery mechanism and self-parsing batch scripts.

Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise

A critical vulnerability has been discovered in popular package repositories npm and PyPI, with malicious packages published by a compromised maintainer posing significant risks to developers and users alike.

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Cybersecurity researchers have analyzed a sophisticated backdoor tool known as The Chrysalis, used by threat actors to gain unauthorized access to compromised systems.

Metro4Shell: Exploitation of React Native’s Metro Server in the Wild

An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account

A concerning case has emerged involving an AI-powered toy that inadvertently exposed sensitive logs of conversations with children to anyone with a Gmail account, raising serious concerns about data protection and security.

Dual-Mode Citrix Gateway Reconnaissance: When Residential Proxies Meet Version Hunting

Security researchers have shed light on a sophisticated reconnaissance technique used by threat actors to compromise Citrix gateways, highlighting the importance of multi-factor authentication and regular software updates.

Russian-led cyberattacks on embassies and hotels in Cortina foiled says Tajani (3)

A major operation has seen Russian-led cyberattacks on embassies and hotels in Italy's Cortina region foiled, according to reports. The incident marks another example of nation-state-sponsored hacking.

Evaluating and mitigating the growing risk of LLM-discovered 0-days