Weekly Security Affairs Newsletter Round 517: International Edition
TL;DR
This week’s Security Affairs newsletter highlights critical cybersecurity incidents, including a major FBI seizure in a crypto fraud scheme, new banking trojans, and significant vulnerabilities in popular software. The international press section covers recent ransomware attacks, cybercrime trends, and malware developments.
Main Content
Welcome to the Weekly Security Affairs Newsletter
Enjoy the latest round of our weekly Security Affairs newsletter, featuring top security articles and international press coverage.
International Press – Newsletter
Cybercrime
- Ransomware Group Claims Attack on Virginia Attorney General’s Office
- FBI Denver Warns of Online File Converter Scam
- The DNA of Organised Crime is Changing – and So is the Threat to Europe
- Exclusive: DOGE Staffer ‘Big Balls’ Provided Tech Support to Cybercrime Ring, Records Show
- A Sneaky Phish Just Grabbed My Mailchimp Mailing List
- Arrests in Tap-to-Pay Scheme Powered by Phishing
- DeepSeek Users Targeted with Fake Sponsored Google Ads That Deliver Malware
- Russia Arrests Three for Allegedly Creating Mamont Malware, Tied to Over 300 Cybercrimes
- DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme
Malware
- Microsoft Trusted Signing Service Abused to Code-Sign Malware
- Shedding Light on the ABYSSWORKER Driver
- Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks
- Shifting the Sands of RansomHub’s EDRKillShifter
- Multiple Crypto Packages Hijacked, Turned into Info-Stealers
- CoffeeLoader: A Brew of Stealthy Techniques
- PJobRAT Makes a Comeback, Takes Another Crack at Chat Apps
- Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Hacking
- Next.js and the Corrupt Middleware: The Authorizing Artifact
- Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure
- CVE-2025-26633: How Water Gamayun Weaponizes MUIPath Using MSC EvilTwin
- New GitHub Action Supply Chain Attack: reviewdog/action-setup
- OpenAI Offering $100K Bounties for Critical Vulnerabilities
- Over 150K Websites Hit by Full-Page Hijack Linking to Chinese Gambling Sites
Intelligence and Information Warfare
- Weaver Ant, the Web Shell Whisperer: Tracking a Live China-Nexus Operation
- Ex-NSA Boss: Election Security Focus Helped Dissuade Increase in Russian Meddling with US
- RedCurl’s Ransomware Debut: A Technical Deep Dive
- You Will Always Remember This as the Day You Finally Caught FamousSparrow
- Private Data and Passwords of Senior U.S. Security Officials Found Online
- Turning Aid Into Attack: Exploitation of Pakistan’s Youth Laptop Scheme to Target India
Cybersecurity
- The Trump Administration Accidentally Texted Me Its War Plans
- Flailing OpenAI Calls for Ban on Chinese AI
- Why Government Workers and Military Planners All Love Signal Now
- SignalGate Isn’t About Signal
- TCCing Is Believing
- Oracle Health Breach Compromises Patient Data at US Hospitals
Conclusion
The cybersecurity landscape continues to evolve with new threats and vulnerabilities emerging regularly. Staying informed through resources like the Security Affairs newsletter is crucial for individuals and organizations to protect themselves against cyber threats. As cybercrime becomes more sophisticated, it is essential to implement robust security measures and remain vigilant.