A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network […

A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Silent Ransom Group targeting law firms, the FBI warns

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Operation RapTor led to the arrest of 270 dark web vendors and buyers

Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog

New Signal update stops Windows from capturing user chats

Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS

Russia-linked APT28 targets western logistics entities and technology firms

A cyberattack was responsible for the week-long outage affecting Cellcom wireless network

Coinbase data breach impacted 69,461 individuals

U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

A critical flaw in OpenPGP.js lets attackers spoof message signatures

SK Telecom revealed that malware breach began in 2022

4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

UK’s Legal Aid Agency discloses a data breach following April cyber attack

Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

Japan passed a law allowing preemptive offensive cyber actions

James Comey is under investigation by Secret Service for a seashell photo showing “8647”

Pwn2Own Berlin 2025: total prize money reached $1,078,750

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

International Press – Newsletter

Cybercrime

M&S hackers believed to have gained access through third party 

Domestic abuse victim data stolen in Legal Aid hack  

An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado  

“SKT All Subscribers’ SIM Card Information Leaked”… Malicious Codes Increase to 25 Types 

Worcester College Student to Plead Guilty to Cyber Extortions  

A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist

Cellcom Service Disruption Caused by Cyberattack

Justice Department Seizes Domains Behind Major Information-Stealing Malware Operation

270 arrested in global dark web crackdown targeting online drug and criminal networks  

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead

Leader of Qakbot Malware Conspiracy Indicted for Involvement in Global Ransomware Scheme

Silent Ransom Group Targeting Law Firms 

Operation ENDGAME strikes again: the ransomware kill chain broken at its source 

Malware

Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector  

RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale 

Hidden Threats of Dual-Function Malware Found in Chrome Extensions       

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

A Brief History of DanaBot, Longtime Ecrime Juggernaut Disrupted by Operation Endgame    

Hacking

Pwn2Own Berlin 2025: Day Three Results  

Firefox Security Response to pwn2own 2025 

The Legacy Loophole: How Attackers Are Exploiting Entra ID and What to Do About It  

O2 VoLTE: locating any customer with a phone call  

ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse

Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)      

Intelligence and Information Warfare

Rogue communication devices found in Chinese solar power inverters

New Japan law allows preemptive defense of infrastructure cyberattack

ESET APT Activity Report Q4 2024–Q1 2025

From banks to battalions: SideWinder’s attacks on South Asia’s public sector  

Russian GRU Targeting Western Logistics Entities and Technology Companies

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Cybersecurity

Ex-FBI boss James Comey investigated for seashell photo seen as threat to Trump 

“We would be less confidential than Google” – Proton threatens to quit Switzerland over new surveillance law 

Japan passed a law allowing preemptive offensive cyber actions

We Made Luigi Mangione’s 3D-Printed Gun—and Fired It 

Cyber attack threat keeps me awake at night, bank boss says  

By Default, Signal Doesn’t Recall  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/178257/breaking-news/security-affairs-newsletter-round-525-by-pierluigi-paganini-international-edition.html