Security Affairs Newsletter Round 525 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security Affairs newsletter, including the international press.

Malicious Actors Strike Again: A Roundup of the Latest Security Threats

Recent attacks demonstrate that cyber threats are becoming increasingly sophisticated and targeted. Hackers are believed to have gained access to M&S through a third-party vendor, while domestic abuse victims had their data stolen from Legal Aid services. An $8.4 billion Chinese hub for crypto crime has been incorporated in Colorado, highlighting the growing importance of cybersecurity cooperation between nations.

Additionally, SIM card information belonging to all SKT subscribers was leaked, and the number of malicious code types has increased to 25. A Worcester College student pleaded guilty to cyber extortion charges, showcasing the devastating impact of online crimes on individuals and businesses alike.

Ransomware Actors: From 3AM Ransomware to Silent Ransom Group

3AM ransomware actors dropped virtual machines with vishing and Quick Assist, while the Silent Ransom Group targeted law firms, highlighting the ongoing struggle between cybersecurity professionals and malicious actors.

The Justice Department seized domains behind major information-stealing malware operations, demonstrating its commitment to combating cybercrime. Meanwhile, 270 individuals were arrested in a global dark web crackdown targeting online drug and criminal networks.

Other Notable Security Developments

A near-record 6.3 Tbps DDoS was launched against KrebsOnSecurity, highlighting the ever-growing threat landscape for cybersecurity professionals. TikTok videos promised pirated apps but instead delivered Vidar and StealC infostealers.

The leader of the Qakbot malware conspiracy was indicted for involvement in a global ransomware scheme, while Operation ENDGAME struck again, breaking its source.

Security Tools Under Attack: RVTools Bumblebee and RedisRaider

The RVTools Bumblebee malware attack exposed a trusted IT tool as a delivery vector for malicious code. Meanwhile, RedisRaider weaponized misconfigured Redis to mine cryptocurrency at scale, demonstrating the importance of configuration security.

Dual-Function Malware: Hidden Threats in Chrome Extensions

Hidden threats were discovered in Chrome extensions, showcasing the risks associated with software updates and user permissions. A separate analysis broke down the delivery techniques and capabilities of Lumma Stealer, a prolific infostealer.

A Brief History of DanaBot: Longtime Ecrime Juggernaut Disrupted by Operation Endgame

Operation Endgame brought an end to the long-standing ecrime juggernaut, DanaBot. This marks a significant milestone in the ongoing battle against cybercrime.

Pwn2Own Berlin 2025: Day Three Results and Firefox Security Response

The results of Pwn2Own Berlin 2025 were announced, highlighting vulnerabilities found in various software applications. Firefox responded to Pwn2Own 2025 with a security patch, demonstrating its commitment to user safety.

The Legacy Loophole: Exploiting Entra ID and Mitigation Strategies

Attackers are exploiting the Entra ID vulnerability, leaving users vulnerable to attacks. This article explores potential mitigation strategies for this issue.

O2 VoLTE: Locating Any Customer with a Phone Call

O2 VoLTE revealed how they use phone calls to locate customers, providing insight into the methods used by cybersecurity professionals to track down attackers.

ViciousTrap: Infiltrate, Control, Lure – Turning Edge Devices into Honeypots

Security experts have created a honeypot system using edge devices, demonstrating the potential for turning everyday objects into cybersecurity tools.

Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)

A new cyber threat emerged targeting Commvault's Metallic cloud-based backup solution. This highlights the importance of ongoing vigilance and security updates.

Rogue Communication Devices Found in Chinese Solar Power Inverters

Rogue communication devices were discovered in Chinese solar power inverters, demonstrating the growing risk of supply chain attacks.

New Japan Law Allows Preemptive Defense of Infrastructure Cyberattacks

A new Japanese law has been passed allowing for preemptive defense against cyberattacks. This marks a significant shift towards proactive cybersecurity strategies.

ESET APT Activity Report Q4 2024–Q1 2025: From Banks to Battalions

The ESET APT Activity Report provides an in-depth analysis of the latest cyber threats targeting various sectors, including banks and government agencies.

SideWinder’s Attacks on South Asia’s Public Sector

SideWinder carried out attacks against public sector organizations in South Asia, highlighting the growing threat landscape for governments and private institutions alike.

Russian GRU Targeting Western Logistics Entities and Technology Companies

The Russian GRU has been targeting logistics entities and technology companies, demonstrating the ongoing tensions between nations and industries.

UAT-6382 Exploits Cityworks Zero-Day Vulnerability to Deliver Malware

The UAT-6382 malware exploited a zero-day vulnerability in Cityworks, highlighting the importance of configuration security and patching.

"We would be less confidential than Google" – Proton Threatens to Quit Switzerland over New Surveillance Law

Proton, a popular email service provider, threatened to leave Switzerland if new surveillance laws were passed. This highlights the ongoing debate between data protection and national security.

Japan Passed a Law Allowing Preemptive Offensive Cyber Actions

A new law was passed in Japan allowing for preemptive offensive cyber actions. This marks a significant shift towards proactive cybersecurity strategies in Asia.

Cyber Attack Threat Keeps Me Awake at Night, Bank Boss Says

Bank bosses expressed concerns about the growing threat landscape, with many stating that cyberattacks keep them up at night.
