# Security Affairs Newsletter Round 522 - INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
## Grinex Emerges as Likely Garantex Rebrand: Marks & Spencer Breach Linked to Scattered Spider Ransomware Attack
In a significant cyber threat development, it has been revealed that a breach at UK retailer Marks & Spencer was linked to a ransomware attack attributed to Scattered Spider. The incident highlights the risks of supply chain attacks and the importance of robust cybersecurity measures in protecting against such threats.
## Alleged Nemesis Market Founder Charged by Federal Grand Jury with Money Laundering, Drug Distribution
The alleged founder of dark web marketplace Nemesis Market has been charged by a federal grand jury with money laundering and drug distribution. The charges mark another significant development in the ongoing crackdown on illicit online marketplaces.
## DarkWatchman Cybercrime Malware Returns on Russian Networks
DarkWatchman, a malware known for its sophisticated features and evasion techniques, has returned to Russian networks. The malware's resurgence highlights the ongoing threat posed by sophisticated cybercrime tools.
## Emera and Nova Scotia Power Responding to Cybersecurity Incident
Emera Inc., a utility company serving northeastern Canada and the northeastern United States, has confirmed that it was hit by a cyberattack. Nova Scotia Power, which serves the province of Nova Scotia, has also reported being affected by the incident.
## Phishing Domains Associated with LabHost PhaaS Platform Users
Phishing domains linked to LabHost, a PhaaS (Platform as a Service) platform, have been identified. The incident highlights the risks associated with using compromised PhaaS platforms and emphasizes the need for robust security measures.
## Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee’s Computer, Downloading Confidential Data
A man from Santa Clarita has agreed to plead guilty to hacking into a Disney employee's computer and downloading confidential data. The incident highlights the risks of insider threats and the importance of robust cybersecurity measures.
## Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge
A Ukrainian national has been extradited from Spain to face charges related to conspiracy to use ransomware. The incident marks another significant development in the ongoing crackdown on cybercrime.
## Harrods Latest Retailer to Be Hit by Cyber Attack
Harrods, a luxury retailer, has become the latest high-profile target of a cyberattack. The incident highlights the risks faced by retailers and emphasizes the need for robust cybersecurity measures.
## Co-op Cyber Attack Affects Customer Data, Firm Admits, After Hackers Contact BBC
The Co-operative Bank has admitted that it was hit by a cyber attack that affected customer data. The incident highlights the risks faced by financial institutions and emphasizes the need for robust cybersecurity measures.
## io_uring Is Back, This Time as a Rootkit
io_uring, a previously known malware variant, has resurfaced in the form of a rootkit. The incident highlights the ongoing threat posed by sophisticated cybercrime tools.
## StealC You: Tracking the Rapid Changes To StealC
StealC, a piece of malware that was first discovered in 2020, has undergone significant changes. Researchers have been tracking these changes to better understand the evolving threat landscape.
## Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin
Researchers have discovered a new type of malware that disguises itself as legitimate anti-malware software. The incident highlights the ongoing threat posed by sophisticated phishing attacks.
## Using Trusted Protocols Against You: Gmail as a C2 Mechanism
Gmail has been used as a command and control (C2) mechanism by cyber attackers. The incident highlights the risks faced by email services and emphasizes the need for robust security measures.
## Dual Explanations via Subgraph Matching for Malware Detection
Researchers have developed a new approach to malware detection that uses subgraph matching. The method provides dual explanations, highlighting the evolving threat landscape and the importance of robust cybersecurity measures.
## Investigating an in-the-wild Campaign Using RCE in CraftCMS
An in-the-wild campaign using remote code execution (RCE) in CraftCMS has been identified. Researchers have begun investigating the incident to better understand the attack vector and provide recommendations for mitigation.
## Fake Security Vulnerability Phishing Campaign Targets WooCommerce Users
A phishing campaign targeting WooCommerce users has been detected. The incident highlights the risks faced by e-commerce platforms and emphasizes the need for robust security measures.
## ‘Source of data’: are electric cars vulnerable to cyber spies and hackers?
Researchers have raised concerns about the vulnerability of electric cars to cyber spies and hackers. The incident highlights the growing threat posed by IoT devices and the importance of robust cybersecurity measures.
## Hello A 2024 Zero-Day Exploitation Analysis
A new zero-day exploitation analysis has been conducted on malware targeting AirPlay Protocol. The incident highlights the ongoing threat posed by sophisticated cybercrime tools.
## Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk
Wormable, a piece of malware that was first discovered in 2020, has been found to exploit zero-click remote code execution (RCE) in AirPlay Protocol. The incident highlights the risks faced by Apple and IoT devices.
## SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
SonicWall has confirmed that multiple appliance models are affected by known security vulnerabilities. The incident highlights the ongoing threat posed by exploitation of these vulnerabilities.
## When Space Goes Dark: Inside the Cyberattack on Poland’s Space Agency
A cyberattack on Poland's space agency has highlighted the risks faced by government agencies and private sector organizations. Researchers have begun investigating the incident to better understand the attack vector and provide recommendations for mitigation.
## Lessons from a Blue Team Failure
Researchers have identified key lessons from a recent blue team failure. The incident highlights the importance of robust cybersecurity measures and the need for continuous training and improvement.
A few secretive AI companies could crush free society, researchers warn.