National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 535 by Pierluigi Paganini INTERNATIONAL EDITION


2025-08-03 09:30:09
milo
Blue Team (CND)



A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





New Linux backdoor Plague bypasses auth via malicious PAM module
China Presses Nvidia Over Alleged Backdoors in H20 Chips Amid Tech Tensions
Malicious AI-generated npm package hits Solana users
Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits
ToolShell under siege: Check Point analyzes Chinese APT Storm-2603
CISA released Thorium platform to support malware and forensic analysis
Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware
Attackers actively exploit critical zero-day in Alone WordPress Theme
Dahua Camera flaws allow remote hacking. Update firmware now
Researchers released a decryptor for the FunkSec ransomware
Apple fixed a zero-day exploited in attacks against Google Chrome users
PyPI maintainers alert users to email verification phishing attack
FBI seizes 20 BTC from Chaos Ransomware affiliate targeting Texas firms
Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company
Orange reports major cyberattack, warns of service disruptions
Hackers leak images and comments from women dating safety app Tea
Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights
Seychelles Commercial Bank Reported Cybersecurity Incident
Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data
U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog
Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Scattered Spider targets VMware ESXi in using social engineering
China-linked group Fire Ant exploits VMware and F5 flaws since early 2025
Allianz Life data breach exposed the data of most of its 1.4M customers




International Press – Newsletter





Cybercrime





Cybercriminals Attack Seychelles – Offshore Banking as a Target 





Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack





United States files a civil complaint in the Northern District of Texas seeking the forfeiture of over $1.7 million worth of cryptocurrency seized by Dallas FBI 





Minnesota Activates National Guard in Response to Cyberattack 





Scammers Unleash Flood of Slick Online Gaming Sites 





PyPI Users Email Phishing Attack





Malware





Endgame Gear mouse config tool infected users with malware





Auto-Color Backdoor: How Darktrace Thwarted a Stealthy Linux Intrusion 





Sealed Chain of Deception: Actors leveraging Node.JS to Launch JSCeal





Decrypted: FunkSec Ransomware 





Threat actor uses AI to create a better crypto wallet drainer 





Hacking





From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944  





Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin 





Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability 





How attackers are still phishing “phishing-resistant” authentication 





Vulnerabilities Identified in Dahua Hero C1 Smart Cameras  





Attackers Actively Exploiting Critical Vulnerability in Alone Theme 





UNC2891 Bank Heist: Physical ATM Backdoor & Linux Forensic Evasion





How AI red teams find hidden flaws before attackers do





MaterialX and OpenEXR Security Audit    





Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations 





Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target 





Intelligence and Information Warfare





Fire Ant: A Deep-Dive into Hypervisor-Level Espionage 





Cyberattack on Russian airline Aeroflot causes the cancellation of more than 100 flights





Beijing summons Nvidia over alleged backdoors in China-bound AI chips  





Google says UK government has not demanded an encryption backdoor for its users’ data





The Covert Operator’s Playbook: Infiltration of Global Telecom Networks





N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto 





Cybersecurity





A Second Tea Breach Reveals Users’ DMs About Abortions and Cheating 





Orange, France’s largest telecoms company, hit by cyberattack





Wyden asks White House to scrutinize UK surveillance laws 





Apple patches security flaw exploited in Chrome zero-day attacks





Cost of a Data Breach Report 2025 The AI Oversight Gap





Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats





Thorium Platform Public Availability 





The Growing Impact Of AI And Quantum On Cybersecurity 





From Payrolls to Patents: The Spectrum of Data Leaked into GenAI Copy 





Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/180711/breaking-news/security-affairs-newsletter-round-535-by-pierluigi-paganini-international-edition.html





Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.