Security Affairs Newsletter Round 520 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter, including the international press, has arrived! Every week, the best security articles from Security Affairs are delivered free to your email box.
Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks
Threat actors have recently started to misuse Node.js to deliver malware and other malicious payloads via SVG (Scalable Vector Graphics) files. This new trend in phishing attacks is a clear indication that threat actors are becoming increasingly sophisticated and creative in their attempts to deceive unsuspecting victims.
Byte Bandits: How Fake PDF Converters Are Stealing More Than Just Your Documents
Recently, security researchers have discovered fake PDF converters that appear to be legitimate but are actually designed to steal sensitive information from users. These malicious PDF converters can compromise the security of even the most cautious individuals, making it essential for users to exercise extreme caution when using such software.
Man Helped Chinese Nationals Get Jobs Involving Sensitive US Government Projects
A recent investigation has revealed that a man in the United States was hired by Chinese nationals to obtain sensitive information about US government projects. This case highlights the ongoing threat of espionage and the need for increased vigilance when dealing with individuals or entities with questionable loyalties.
Unmasking the new XorDDoS controller and infrastructure
Security researchers have recently uncovered a new XorDDoS controller and infrastructure, which appears to be designed to facilitate large-scale distributed denial-of-service (DDoS) attacks. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Malicious NPM Packages Targeting PayPal Users
Security researchers have discovered malicious NPM packages that appear to be designed to steal sensitive information from PayPal users. These malicious packages can compromise the security of even the most cautious individuals, making it essential for developers to exercise extreme caution when using such software.
New Malware Variant Identified: ResolverRAT
Security researchers have recently identified a new malware variant known as ResolverRAT, which appears to be designed to steal sensitive information from compromised systems. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?
Recently, security researchers have discovered a surprising connection between cheap Android smartphones, WhatsApp, and cryptocurrency theft. This discovery highlights the ongoing threat of cybercrime and the need for increased vigilance when dealing with sensitive information.
BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
Security researchers have recently uncovered a hidden controller used by BPFDoor to target individuals in Asia and the Middle East. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Gorilla, a newly discovered Android malware
Security researchers have recently discovered a new Android malware known as Gorilla, which appears to be designed to steal sensitive information from compromised systems. This discovery highlights the ongoing threat of cyberattacks and the need for increased vigilance when dealing with emerging threats.
Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis
Security researchers have recently discovered a new attack chain approach known as Cascading Shadows, which appears to be designed to evade detection and complicate analysis. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Tycoon2FA New Evasion Technique for 2025 CVE-2025-30406 – Critical
Security researchers have recently discovered a new evasion technique known as Tycoon2FA, which appears to be designed to exploit a critical vulnerability in 2025 CVE-2025-30406. This discovery highlights the ongoing threat of cyberattacks and the need for increased vigilance when dealing with emerging threats.
Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild
Security researchers have recently discovered that a vulnerability in Gladinet CentreStack & Triofox has been exploited in the wild. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Aiding reverse engineering with Rust and a local LLM
Security researchers have recently discovered a new tool that aids in reverse engineering using Rust and a local LLM (Large Language Model). This discovery highlights the ongoing threat of cyberattacks and the need for increased vigilance when dealing with emerging threats.
Apple fixes two zero-days exploited in targeted iPhone attacks
Apple has recently released patches to fix two zero-day vulnerabilities that were exploited in targeted iPhone attacks. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Task Scheduler – New Vulnerabilities for schtasks.exe
Security researchers have recently discovered new vulnerabilities in Task Scheduler related to schtasks.exe. These vulnerabilities can be exploited by attackers to gain unauthorized access to systems, making it essential for users to exercise extreme caution when dealing with such software.
Over 16,000 Fortinet devices compromised with symlink backdoor
Security researchers have recently discovered that over 16,000 Fortinet devices have been compromised with a symlink backdoor. This discovery highlights the ongoing threat of cyberattacks and the need for increased vigilance when dealing with emerging threats.
Notorious image board 4chan hacked and internal data leaked
Security researchers have recently discovered that the notorious image board 4chan has been hacked, resulting in the leakage of sensitive internal data. This discovery underscores the ongoing threat of cyberattacks and the importance of staying vigilant in the face of emerging threats.
Around the World in 90 Days: State-Sponsored Actors Try ClickFix CVE-2025-24054, NTLM Exploit in the Wild
Security researchers have recently discovered that state-sponsored actors are attempting to exploit a vulnerability in ClickFix (CVE-2025-24054) and an NTLM exploit. This discovery highlights the ongoing threat of cyberattacks and the need for increased vigilance when dealing with emerging threats.