Weekly Security Affairs Newsletter Round 516: Global Cybersecurity Updates
Stay informed with the latest in cybersecurity news, data breaches, and threat intelligence. This week's Security Affairs newsletter covers critical updates and global security incidents.
TL;DR
- This week’s Security Affairs newsletter highlights significant cybersecurity incidents, including data breaches, malware attacks, and vulnerability exploits.
- Key topics include the lifting of sanctions on Tornado Cash, new malware techniques, and critical vulnerabilities in popular software.
Weekly Security Affairs Newsletter: Round 516
Welcome to the latest edition of the Security Affairs newsletter! Stay updated with the top security articles delivered straight to your inbox every week.
International Press – Newsletter
Cybercrime
- Blockchain gaming platform WEMIX hacked to steal $6.1 million
- Babuk2 Ransomware: Extortion Attempts Based on False Claims
- Western Alliance Bank notifies 21,899 customers of data breach
- Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack
- Tornado Cash Delisting
- LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users
Malware
- Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook—Then a Second Hacker Strikes
- ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery
- StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
- Arcane stealer: We want all your data
- Shedding light on the ABYSSWORKER driver
- RansomHub: Attackers Leverage New Custom Backdoor
Hacking
- Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs
- Abusing with style: Leveraging cascading style sheets for evasion and tracking
- One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild
- Harden-Runner detection: tj-actions/changed-files action is compromised
- ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
- New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents
- By Executive Order, We Are Banning Blacklists – Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120)
- Technical Advisory: Mass Exploitation of CVE-2024-4577
- Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440
Intelligence and Information Warfare
- The cyber threat to the telecommunications sector
- Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia
- Russia, China Hitting West With ‘Massive Digital Arsenals’: EU
- UAC-0200: Espionage against the defense-industrial complex using DarkCrystal RAT (CERT-UA#14045)
- Head Mare and Twelve join forces to attack Russian entities
- Operation FishMedley
- UAT-5918 targets critical infrastructure entities in Taiwan
- Canadian provincial police appear to be using advanced commercial spyware
- Ukraine’s IT Army keeps up attacks on Russia despite waning media hype
- North Korea launches new unit with a focus on AI hacking, per report
- Musk’s X suspends opposition accounts in Turkey amid civil unrest
- UAT-5918 targets critical infrastructure entities in Taiwan
Cybersecurity
- The Rise and Fall of Terrorgram: Inside a Global Online Hate Network
- OpenAI Says It’s “Over” If It Can’t Steal All Your Copyrighted Work
- NIST Announces HQC as Fifth Standardized Post Quantum Algorithm
- WhatsApp patched zero-click flaw exploited in Paragon spyware attacks
- Russian zero-day seller is offering up to $4 million for Telegram exploits
- Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information
Stay connected with us on Twitter, Facebook, and Mastodon.
For more details, visit the full article: source
Conclusion
This week’s Security Affairs newsletter highlights the dynamic and ever-evolving landscape of cybersecurity. From significant data breaches to advanced malware techniques and critical vulnerability exploits, staying informed is crucial for protecting against emerging threats. As cybercriminals continue to innovate, it is essential for organizations and individuals to remain vigilant and proactive in their security measures.
Additional Resources
For further insights, check: