National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 516 by Pierluigi Paganini INTERNATIONAL EDITION


0 user ratings
2025-03-23 19:17:50
milo
Blue Team (CND)
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash Zero-day broker Operation Zero offers up to […


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash
Zero-day broker Operation Zero offers up to $4 million for Telegram exploits
RansomHub affiliate uses custom backdoor Betruger
Cisco Smart Licensing Utility flaws actively exploited in the wild
Pennsylvania State Education Association data breach impacts 500,000 individuals
Veeam fixed critical Backup & Replication flaw CVE-2025-23120
U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog
CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT
WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware
California Cryobank, the largest US sperm bank, disclosed a data breach
Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks
U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft
ChatGPT SSRF bug quickly becomes a favorite attack vector
GitHub Action tj-actions/changed-files was compromised in supply chain attack
New StilachiRAT uses sophisticated techniques to avoid detection
Threat actors rapidly exploit new Apache Tomcat flaw following PoC release
Attackers use CSS to create evasive phishing messages
Researcher releases free GPU-Based decryptor for Linux Akira ransomware
Denmark warns of increased state-sponsored campaigns targeting the European telcos
A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down.




International Press – Newsletter





Cybercrime





Blockchain gaming platform WEMIX hacked to steal $6.1 million





Babuk2 Ransomware: Extortion Attempts Based on False Claims 





Western Alliance Bank notifies 21,899 customers of data breach





Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack! 





Tornado Cash Delisting





LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users      





Malware





Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook—Then a Second Hacker Strikes 





ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery  





StilachiRAT analysis: From system reconnaissance to cryptocurrency theft  





Arcane stealer: We want all your data  





Shedding light on the ABYSSWORKER driver 





RansomHub: Attackers Leverage New Custom Backdoor 





Hacking





Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs 





Abusing with style: Leveraging cascading style sheets for evasion and tracking





One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild     





Harden-Runner detection: tj-actions/changed-files action is compromised 





ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns  





New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents  





By Executive Order, We Are Banning Blacklists – Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120)  





Technical Advisory: Mass Exploitation of CVE-2024-4577





Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440





Intelligence and Information Warfare





The cyber threat to the telecommunications sector





Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia





Russia, China Hitting West With ‘Massive Digital Arsenals’: EU      





UAC-0200: Espionage against the defense-industrial complex using DarkCrystal RAT (CERT-UA#14045)  





Head Mare and Twelve join forces to attack Russian entities 





Operation FishMedley 





UAT-5918 targets critical infrastructure entities in Taiwan 





Canadian provincial police appear to be using advanced commercial spyware





Ukraine’s IT Army keeps up attacks on Russia despite waning media hype     





North Korea launches new unit with a focus on AI hacking, per report    





Musk’s X suspends opposition accounts in Turkey amid civil unrest





UAT-5918 targets critical infrastructure entities in Taiwan     





Cybersecurity





The Rise and Fall of Terrorgram: Inside a Global Online Hate Network 





OpenAI Says It’s “Over” If It Can’t Steal All Your Copyrighted Work





NIST Announces HQC as Fifth Standardized Post Quantum Algorithm





 WhatsApp patched zero-click flaw exploited in Paragon spyware attacks 





Russian zero-day seller is offering up to $4 million for Telegram exploits  





Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information 





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/175740/breaking-news/security-affairs-newsletter-round-516-by-pierluigi-paganini-international-edition.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.