Cybersecurity News Roundup: Key Insights from Security Affairs International Edition

TL;DR

This week’s Security Affairs newsletter highlights significant cybersecurity incidents, including targeted attacks on US officials, new malware threats, and critical vulnerabilities. Key stories include AI-generated deepfake attacks, major data breaches, and updates from prominent cybersecurity conferences.

Main Content

Stay Informed with the Weekly Security Affairs Newsletter

Welcome to the latest edition of the Security Affairs newsletter, your weekly dose of the most critical cybersecurity news and insights. This week, we bring you a comprehensive roundup of the latest threats, vulnerabilities, and expert analyses from around the globe.

Top Cybersecurity Stories

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Shields up US retailers. Scattered Spider threat actors can target them

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

New botnet HTTPBot targets gaming and tech industries with surgical attacks

Meta plans to train AI on EU user data from May 27 without consent

AI in the Cloud: The Rising Tide of Security and Privacy Risks

Google fixed a Chrome vulnerability that could lead to full account takeover

Nova Scotia Power discloses data breach after March security incident

Coinbase disclosed a data breach after an extortion attempt

U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

U.S. CISA adds Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

Ivanti fixed two EPMM flaws exploited in limited attacks

Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days

Fortinet fixed actively exploited FortiVoice zero-day

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Marks and Spencer confirms data breach after April cyber attack

Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

Apple released security updates to fix multiple flaws in iOS and macOS

U.S. CISA adds TeleMessage TM SGNL to its Known Exploited Vulnerabilities catalog

Researchers found one-click RCE in ASUS’s pre-installed software DriverHub

Threat actors use fake AI tools to deliver the information stealer Noodlophile

German police seized eXch crypto exchange

Google will pay Texas $1.4 billion over its location tracking practices

International Press – Newsletter

Cybercrime

Crypto swapping service “eXch” shut down

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States

Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data

Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins

Senior US Officials Impersonated in Malicious Messaging Campaign

Malware

PupkinStealer : A .NET-Based Info-Stealer

Interlock ransomware evolving under the radar

High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding

Printer maker Procolored offered malware-laced drivers for months

Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT

Hacking

One-Click RCE in ASUS’s Preinstalled Driver Software

Revealed — The Hackers Behind The World’s Most Prolific Cyberattacks

SAP Zero – Frostbite: How Russian RaaS Actor Qilin Exploited CVE-2025-31324 Weeks Before its Public Disclosure

Intelligence and Information Warfare

Marbled Dust leverages zero-day in Output Messenger for regional espionage

China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures

TA406 Pivots to the Front

ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver

Robot Soldiers, Neural Networks: How Machine Vision Is Changing Warfare

Chinese ‘kill switches’ found hidden in US solar farms

Operation RoundPress

Cybersecurity

Google to pay Texas $1.4 billion in data privacy settlement

The May 2025 Security Update Review

Protecting Our Customers – Standing Up to Extortionists

Nova Scotia Power confirms hackers stole customer data in cyberattack

‘They yanked their own plug’: How Co-op averted an even worse cyber attack

noyb sends Meta ‘cease and desist’ letter over AI training. European Class Action as potential next step

Cofense Reveals Rapid Rise in AI-Powered Phishing: New Threat Every 42 Seconds

Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

( SecurityAffairs – hacking, newsletter)

For more details, visit the full article: source

Conclusion

This week’s newsletter highlights the ongoing challenges in the cybersecurity landscape, from sophisticated attacks to critical vulnerabilities. Staying informed and proactive is essential for defending against these evolving threats.

Additional Resources

For further insights, check:

• Cybersecurity & Infrastructure Security Agency (CISA)
• National Cyber Security Centre (NCSC)
• European Union Agency for Cybersecurity (ENISA)