A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
International Press – Newsletter
Cybercrime
Insider Threats Loom while Ransom Payment Rates Plummet
FBI says card shuffling machines were hacked as part of major illegal gambling schemes
Sweden’s power grid operator confirms data breach claimed by ransomware gang
ASERT Threat Summary: Aisuru and Related TurboMirai Botnet DDoS Attack Mitigation and Suppression—October 2025—v1.0
Former General Manager for U.S. Defense Contractor Pleads Guilty to Selling Stolen Trade Secrets to Russian Broker
NCSC Annual Review 2025
CISA: High-severity Linux flaw now exploited by ransomware gangs
Ukrainian National Extradited from Ireland in Connection with Conti Ransomware
Silent Push Unearths AdaptixC2’s Ties to Russian Criminal Underworld, Tracks Threat Actors Harnessing Open-Source Tool for Malicious Payloads Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails
Malware
Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
Meet Atroposia: The Stealthy Feature-Packed RAT
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
10 npm Typosquatted Packages Deploy Multi-Stage Credential Harvester
PhantomRaven: NPM Malware Hidden in Invisible Dependencies
Hacking
Mass Exploit Campaign Targeting Arbitrary Plugin Installation Vulnerabilities
CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing
OpenAI Atlas Omnibox Prompt Injection: URLs That Become Jailbreaks
AI Sidebar Spoofing: Malicious Extensions Impersonates AI Browser Interface
Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers
“ChatGPT Tainted Memories:” LayerX Discovers The First Vulnerability in OpenAI Atlas Browser, Allowing Injection of Malicious Instructions into ChatGPT
Internet-accessible industrial control systems (ICS) abused by hacktivists
TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition
Don’t take BADCANDY from strangers – How your devices could be implanted and what to do about it
Intelligence and Information Warfare
Mem3nt0 mori – The Hacking Team is back!
Ukrainian organizations still heavily targeted by Russian attacks
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer
Major US Telecom Backbone Firm Hacked by Nation-State Actors
UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities
CN APT targets Serbian Government
Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
Is Space the Final Frontier of Espionage?
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems
Cybersecurity
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts
iOS 26 update erases critical trace files used to identify Pegasus intrusions
Merkle data hit as Dentsu is rocked by ‘security incident’
EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
How Android provides the most effective protection to keep you safe from mobile scams
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, newsletter)
Show Full Preview Show Less Similar Posts