A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme Experts warn of the new sophisticate […

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Crooks are reviving the Grandoreiro banking trojan

Russian authorities arrest three suspects behind Mamont Android banking trojan

Mozilla fixed critical Firefox vulnerability CVE-2025-2857

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

New ReaderUpdate malware variants target macOS users

BlackLock Ransomware Targeted by Cybersecurity Firm

Google fixed the first actively exploited Chrome zero-day since the start of the year

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Android malware campaigns use .NET MAUI to evade detection

Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack

A cyberattack hits Ukraine’s national railway operator Ukrzaliznytsia

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Attackers can bypass middleware auth checks by exploiting critical Next.js flaw

FBI warns of malicious free online document converters spreading malware

Cloak ransomware group hacked the Virginia Attorney General’s Office

UAT-5918 ATP group targets critical Taiwan

International Press – Newsletter

Cybercrime

Ransomware Group Claims Attack on Virginia Attorney General’s Office      

FBI Denver Warns of Online File Converter Scam  

The DNA of organised crime is changing – and so is the threat to Europe  

Exclusive: DOGE staffer ‘Big Balls’ provided tech support to cybercrime ring, records show

A Sneaky Phish Just Grabbed my Mailchimp Mailing List

Arrests in Tap-to-Pay Scheme Powered by Phishing

DeepSeek users targeted with fake sponsored Google ads that deliver malware          

Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes  

DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme  

Malware

Microsoft Trusted Signing service abused to code-sign malware

Shedding light on the ABYSSWORKER driver 

Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks

Shifting the sands of RansomHub’s EDRKillShifter  

Multiple crypto packages hijacked, turned into info-stealers  

CoffeeLoader: A Brew of Stealthy Techniques

PJobRAT makes a comeback, takes another crack at chat apps      

Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices

Hacking

Next.js and the corrupt middleware: the authorizing artifact  

Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

New GitHub Action supply chain attack: reviewdog/action-setup  

OpenAI Offering $100K Bounties for Critical Vulnerabilities

Over 150K websites hit by full-page hijack linking to Chinese gambling sites  

Intelligence and Information Warfare

Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation  

Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US

RedCurl’s Ransomware Debut: A Technical Deep Dive

You will always remember this as the day you finally caught FamousSparrow      

Private Data and Passwords of Senior U.S. Security Officials Found Online

TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN’S YOUTH LAPTOP SCHEME TO TARGET INDIA  

Cybersecurity

The Trump Administration Accidentally Texted Me Its War Plans

Flailing OpenAI Calls for Ban on Chinese AI 

Why government workers and military planners all love Signal now  

SignalGate Isn’t About Signal    

TCCing is Believing  

Oracle Health breach compromises patient data at US hospitals

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/176014/breaking-news/security-affairs-newsletter-round-517-by-pierluigi-paganini-international-edition.html