Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

May 4, 2025 - 11:14

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Rhysida Ransomware gang claims the hack of the Government of Peru
DragonForce group claims the theft of data after Co-op cyberattack
U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog
Ireland’s DPC fined TikTok €530M for sending EU user data to China
Microsoft sets all new accounts passwordless by default
Luxury department store Harrods suffered a cyberattack
U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog
Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations
FBI shared a list of phishing domains associated with the LabHost PhaaS platform
Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack
Two SonicWall SMA100 flaws actively exploited in the wild
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Russia-linked group Nebulous Mantis targets NATO-related defense organizations
France links Russian APT28 to attacks on dozen French entities
Indian Court ordered to block email service Proton Mail
AirBorne flaws can lead to fully hijack Apple devices
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
SentinelOne warns of threat actors targeting its systems and high-value clients
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
VeriSource data breach impacted 4M individuals
U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog
The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia
A large-scale phishing campaign targets WordPress WooCommerce users
PoC rootkit Curing evades traditional Linux detection systems
Attackers chained Craft CMS zero-days attacks in the wild
Storm-1977 targets education sector with password spraying, Microsoft warns

International Press – Newsletter

Cybercrime

Grinex Emerges as Likely Garantex Rebrand 

Marks & Spencer breach linked to Scattered Spider ransomware attack

Alleged Nemesis Market founder charged by federal grand jury with money laundering, drug distribution

DarkWatchman cybercrime malware returns on Russian networks

Emera and Nova Scotia Power Responding to Cybersecurity Incident 

Phishing Domains Associated with LabHost PhaaS Platform Users

Santa Clarita Man Agrees to Plead Guilty to Hacking Disney Employee’s Computer, Downloading Confidential Data from Company  

Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge  

Harrods latest retailer to be hit by cyber attack 

Co-op cyber attack affects customer data, firm admits, after hackers contact BBC  

Malware

io_uring Is Back, This Time as a Rootkit  

I StealC You: Tracking the Rapid Changes To StealC

Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin

Using Trusted Protocols Against You: Gmail as a C2 Mechanism        

Dual Explanations via Subgraph Matching for Malware Detection

Hacking

Investigating an in-the-wild campaign using RCE in CraftCMS  

Fake Security Vulnerability Phishing Campaign Targets WooCommerce Users  

‘Source of data’: are electric cars vulnerable to cyber spies and hackers?  

Hello A 2024 Zero-Day Exploitation Analysis 

Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk 

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

When Space Goes Dark: Inside the Cyberattack on Poland’s Space Agency 

Lessons from a Blue Team failure 

Intelligence and Information Warfare

A few secretive AI companies could crush free society, researchers warn 

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries 

Russia – Attribution of cyber attacks on France to the Russian military intelligence service (APT28) (April 29th 2025) 

Inside the Latest Espionage Campaign of Nebulous Mantis

Detecting and Countering Malicious Uses of Claude: March 2025

Pro-Russian hacker group shuts down websites of numerous Dutch municipalities and provinces  

FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks 

Cybersecurity

U.S. government agency sounds alarm on AI’s toll on environment, humanity  

Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy 

Building Private Processing for AI tools on WhatsApp 

Indian court orders blocking of Proton Mail  

AI, Automation, and Dark Web Fuel Evolving Threat Landscape

DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns      

Pushing passkeys forward: Microsoft’s latest updates for simpler, safer sign-ins  

Irish Data Protection Commission fines TikTok €530 million and orders corrective measures following Inquiry into transfers of EEA User Data to China 

How to stay safe from ‘quishing’ and protect yourself from QR code scams  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)