National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 542 by Pierluigi Paganini INTERNATIONAL EDITION


2025-09-21 16:01:34
milo
Blue Team (CND)


A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





A cyberattack on Collins Aerospace disrupted operations at major European airports
CISA warns of malware deployed through Ivanti EPMM flaws
Fortra addressed a maximum severity flaw in GoAnywhere MFT software
UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London
ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT
SonicWall warns customers to reset credentials after MySonicWall backups were exposed
CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025
Jaguar Land Rover will extend its production halt into a third week following a cyberattack
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
DoJ resentenced former BreachForums admin to three years in prison
Apple backports fix for actively exploited CVE-2025-43300
New supply chain attack hits npm registry, compromising 40+ packages
Cybercrime group accessed Google Law Enforcement Request System (LERS)
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
Insider breach at FinWise Bank exposes data of 689,000 AFF customers
Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records
Fairmont Federal Credit Union 2023 data breach impacted 187K people
UK ICO finds students behind majority of school data breaches
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance
ShinyHunters Attack National Credit Information Center of Vietnam




International Press – Newsletter





Cybercrime





Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers 





Hackers claim access to law enforcement portals, but do they really have access?





Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison





RaccoonO365: An Active Campaign and New Features  





FileFix in the wild! New FileFix campaign goes beyond POC and leverages steganography





Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service





United Kingdom National Charged in Connection with Multiple Cyber Attacks, Including on Critical Infrastructure





Two charged for TfL cyber attack     





Inside the Lighthouse and Lucid PhaaS Campaigns Targeting 316 Global Brands





SystemBC – Bringing the Noise     





Evolution Cybercrime—Key Trends, Cybersecurity Threats, and Mitigation Strategies from Historical Data





Malware





SmokeLoader Rises From the Ashes 





Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages 





Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation  





Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware





Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware      





Hacking





A learning approach on exploiting CVE-2020-9273





Rowhammer Attack Demonstrated Against DDR5 





6 Browser-Based Attacks Security Teams Need to Prepare For Right Now





Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions





SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations 





ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent 





CISA Releases Malware Analysis Report on Malicious Listener Targeting Ivanti Endpoint Manager Mobile Systems





Intelligence and Information Warfare





APT Down – The North Korea Files





Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm  





Israel announces seizure of $1.5M from crypto wallets tied to Iran 





Ukraine claims cyberattacks on Russian election systems; Moscow confirms disruptions 





THREE IRANIAN CYBER ACTORS 





SEC targets US firms tied to suspected Chinese ‘pump and dump’ scams   





Minding the drone gap: Drone warfare and the EU  





Gamaredon X Turla collab 





Modus Operandi of Subtle Snail  





Cybersecurity





AI Agents are Eroding the Foundations of Cybersecurity





Kids in the UK are hacking their own schools for dares and notoriety    





Cloudflare participates in global operation to disrupt RaccoonO365   





JLR could face disruption until November after hack 





Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks





Palo Alto Networks Unit 42 Recognised by UK’s NCSC as an Enhanced Level Cyber Incident Response Assured Service Provider 





Germany approves new rules to protect critical infrastructure





Passengers stranded at Heathrow, other European airports after cyberattack  





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/182390/breaking-news/security-affairs-newsletter-round-542-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.