National Cyber Warfare Foundation (NCWF)

Security Affairs newsletter Round 522 by Pierluigi Paganini INTERNATIONAL EDITION


2025-05-04 10:45:08
milo
Blue Team (CND)


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.





Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.





Rhysida Ransomware gang claims the hack of the Government of Peru
DragonForce group claims the theft of data after Co-op cyberattack
U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog
Ireland’s DPC fined TikTok €530M for sending EU user data to China
Microsoft sets all new accounts passwordless by default
Luxury department store Harrods suffered a cyberattack
U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog
Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations
FBI shared a list of phishing domains associated with the LabHost PhaaS platform
Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack
Two SonicWall SMA100 flaws actively exploited in the wild
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Russia-linked group Nebulous Mantis targets NATO-related defense organizations
France links Russian APT28 to attacks on dozen French entities
Indian Court ordered to block email service Proton Mail
AirBorne flaws can lead to fully hijack Apple devices
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
SentinelOne warns of threat actors targeting its systems and high-value clients
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
VeriSource data breach impacted 4M individuals
U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog
The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia
A large-scale phishing campaign targets WordPress WooCommerce users
PoC rootkit Curing evades traditional Linux detection systems
Attackers chained Craft CMS zero-days attacks in the wild
Storm-1977 targets education sector with password spraying, Microsoft warns




International Press – Newsletter





Cybercrime





Grinex Emerges as Likely Garantex Rebrand 





Marks & Spencer breach linked to Scattered Spider ransomware attack





Alleged Nemesis Market founder charged by federal grand jury with money laundering, drug distribution





DarkWatchman cybercrime malware returns on Russian networks





Emera and Nova Scotia Power Responding to Cybersecurity Incident 





Phishing Domains Associated with LabHost PhaaS Platform Users





Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee’s Computer, Downloading Confidential Data from Company  





Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge  





Harrods latest retailer to be hit by cyber attack 





Co-op cyber attack affects customer data, firm admits, after hackers contact BBC  





Malware





io_uring Is Back, This Time as a Rootkit  





I StealC You: Tracking the Rapid Changes To StealC





Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin





Using Trusted Protocols Against You: Gmail as a C2 Mechanism        





Dual Explanations via Subgraph Matching for Malware Detection





Hacking





Investigating an in-the-wild campaign using RCE in CraftCMS  





Fake Security Vulnerability Phishing Campaign Targets WooCommerce Users  





‘Source of data’: are electric cars vulnerable to cyber spies and hackers?  





Hello A 2024 Zero-Day Exploitation Analysis 





Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk 





SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models





When Space Goes Dark: Inside the Cyberattack on Poland’s Space Agency 





Lessons from a Blue Team failure 





Intelligence and Information Warfare





A few secretive AI companies could crush free society, researchers warn 





Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors





Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries 





Russia – Attribution of cyber attacks on France to the Russian military intelligence service (APT28) (April 29th 2025) 





Inside the Latest Espionage Campaign of Nebulous Mantis





Detecting and Countering Malicious Uses of Claude: March 2025





Pro-Russian hacker group shuts down websites of numerous Dutch municipalities and provinces  





FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure





TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks 





Cybersecurity





U.S. government agency sounds alarm on AI’s toll on environment, humanity  





Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy 





Building Private Processing for AI tools on WhatsApp 





Indian court orders blocking of Proton Mail  





AI, Automation, and Dark Web Fuel Evolving Threat Landscape





DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns      





Pushing passkeys forward: Microsoft’s latest updates for simpler, safer sign-ins  





Irish Data Protection Commission fines TikTok €530 million and orders corrective measures following Inquiry into transfers of EEA User Data to China 





How to stay safe from ‘quishing’ and protect yourself from QR code scams  










Pierluigi Paganini





(SecurityAffairs – hacking, newsletter)



Source: SecurityAffairs
Source Link: https://securityaffairs.com/177397/breaking-news/security-affairs-newsletter-round-522-by-pierluigi-paganini-international-edition.html

