Security Affairs Newsletter Round 537 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Google Says Hackers Stole Its Customers' Data by Breaching Its Salesforce Database
ShinyHunters sent Google an extortion demand; Shiny
on current activities. The cyber threat group claims to have gained unauthorized access to Google's Salesforce database, exposing sensitive customer data.
Two Defendants Plead Guilty To Fraud Scheme Involving Data Stolen From Hospital Patients
The two defendants pleaded guilty to a scheme that involved stealing patient data from hospitals and selling it on the dark web. The investigation led by the FBI resulted in the arrest of two individuals who were charged with conspiracy to commit wire fraud.
Unmasking Interlock Group’s Evolving Malware Arsenal
Rapid7 Access Brokers Report: New Research Reveals Depth of Compromise in Access Broker Deals, with 71% Offering Privileged Access When
Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal
Treasury Sanctions Cryptocurrency Exchange and Network Enabling Sanctions Evasion and Cyber Criminals ‘Blue Locker’ Analysis: Ransomware Targeting Oil & Gas Sector in Pakistan Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images
SCENE 1: SoupDealer – Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks
Threat Bulletin: Fire in the Woods – A New Variant of FireWood Postman, engineer, cleaner: Are hackers sneaking into your office? You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services Chrome Sandbox Escape Earns Researcher $250,000 Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code Uncovering memory corruption in NVIDIA Triton (as a new hire)
Don’t Phish-let Me Down: FIDO Authentication Downgrade Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely! The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device ScarCruft’s New Language: Whispering in PubNub, Crafting Backdoor in Rust, Striking with Ransomware From Drone Strike to File Recovery: Outsmarting a Nation State
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds
House of Commons hit by cyberattack from ‘threat actor’: internal email Vulnerabilities exposed: Israeli company reveals how users can hack ChatGPT accounts remotely UAT-7237 targets Taiwanese web hosting infrastructure The August 2025 Security Update Review SAP Security Notes: August 2025 Patch Day AI agents are being drafted into the cyber defense forces of corporations Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000 How we’re using AI in new ways to fight invalid traffic Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived
Follow me on Twitter: @securityaffairs and Facebook and Mastodon