Código HTML do Conteúdo
Post: Security Affairs newsletter Round 537 by Pierluigi Paganini – INTERNATIONAL EDITION
<div>
<h2>Security Affairs newsletter Round 537 by Pierluigi Paganini – INTERNATIONAL EDITION</h2>
<h2>A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.</h2>
<p>Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.</p>
<p><strong>International Press – Newsletter</strong></p>
<p><strong>Cybercrime<a target="_blank"></a></strong></p>
<p><a href="https://techcrunch.com/2025/08/06/google-says-hackers-stole-its-customers-data-in-a-breach-of-its-salesforce-database/" target="_blank">Google says hackers stole its customers’ data by breaching its Salesforce database</a></p>
<p><a href="https://databreaches.net/2025/08/08/shinyhunters-sent-google-an-extortion-demand-shiny-comments-on-current-activities/" target="_blank">ShinyHunters sent Google an extortion demand; Shiny comments on current activities</a></p>
<p><a href="https://www.justice.gov/usao-sdny/pr/two-defendants-plead-guilty-fraud-scheme-involving-data-stolen-hospital-patients" target="_blank">Two Defendants Plead Guilty To Fraud Scheme Involving Data Stolen From Hospital Patients</a></p>
<p><a href="https://www.esentire.com/blog/unmasking-interlock-groups-evolving-malware-arsenal" target="_blank">Unmasking Interlock Group’s Evolving Malware Arsenal</a></p>
<p><a href="https://www.rapid7.com/about/press-releases/rapid7-access-brokers-report-new-research-reveals-depth-of-compromise-in-access-broker-deals-with-71-offering-privileged-access/" target="_blank">Rapid7 Access Brokers Report: New Research Reveals Depth of Compromise in Access Broker Deals, with 71% Offering Privileged Access</a></p>
<p><a href="https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/when-hackers-call-social-engineering-abusing-brave-support-and-encrypthubs-expanding-arsenal/" target="_blank">When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal</a></p>
<p><a href="https://home.treasury.gov/news/press-releases/sb0225" target="_blank">Treasury Sanctions Cryptocurrency Exchange and Network Enabling Sanctions Evasion and Cyber Criminals</a></p>
<p><strong>Malware</strong><strong></strong></p>
<p><a href="https://www.resecurity.com/blog/article/blue-locker-analysis-ransomware-targeting-oil-gas-sector-in-pakistan" target="_blank">‘Blue Locker’ Analysis: Ransomware Targeting Oil & Gas Sector in Pakistan</a></p>
<p><a href="https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images" target="_blank">Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images</a></p>
<p><a href="https://www.malwation.com/blog/technical-analysis-of-a-stealth-java-loader-used-in-phishing-campaigns-targeting-turkiye" target="_blank">SCENE 1: SoupDealer – Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye</a></p>
<p><a href="https://www.trendmicro.com/en_us/research/25/h/crypto24-ransomware-stealth-attacks.html" target="_blank">Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks</a></p>
<p><a href="https://intezer.com/blog/threat-bulletin-firewood/" target="_blank">Threat Bulletin: Fire in the Woods – A New Variant of FireWood</a></p>
<p><strong>Hacking</strong></p>
<p><a href="https://eclypsium.com/blog/badcam-now-weaponizing-linux-webcams/" target="_blank">BadCam: Now Weaponizing Linux Webcams</a></p>
<p><a href="https://www.euronews.com/business/2025/08/10/postman-engineer-cleaner-are-hackers-sneaking-into-your-office" target="_blank">Postman, engineer, cleaner: Are hackers sneaking into your office?</a></p>
<p><a href="https://www.safebreach.com/blog/you-snooze-you-lose-winning-rpc-endpoints/" target="_blank">You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services</a> <a href="https://www.securityweek.com/chrome-sandbox-escape-earns-researcher-250000/" target="_blank"></a></p>
<p><a href="https://www.securityweek.com/chrome-sandbox-escape-earns-researcher-250000/" target="_blank">Chrome Sandbox Escape Earns Researcher $250,000</a></p>
<p><a href="https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid" target="_blank">Case: Citrix vulnerability (Update 11-08-2025)</a></p>
<p><a href="https://thehackernews.com/2025/08/fortinet-warns-about-fortisiem.html" target="_blank">Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code</a></p>
<p><a href="https://blog.trailofbits.com/2025/08/04/uncovering-memory-corruption-in-nvidia-triton-as-a-new-hire/" target="_blank">Uncovering memory corruption in NVIDIA Triton (as a new hire)</a></p>
<p><a href="https://www.proofpoint.com/us/blog/threat-insight/dont-phish-let-me-down-fido-authentication-downgrade" target="_blank">Don’t Phish-let Me Down: FIDO Authentication Downgrade</a></p>
<p><a href="https://security.humanativaspa.it/attacking-genai-applications-and-llms-sometimes-all-it-takes-is-to-ask-nicely/" target="_blank">Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely!</a></p>
<p><a href="https://zimperium.com/blog/the-rooting-of-all-evil-security-holes-that-could-compromise-your-mobile-device" target="_blank">The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device</a></p>
<p><strong>Intelligence and Information Warfare</strong></p>
<p><a href="https://s2w.inc/en/resource/detail/899" target="_blank">ScarCruft’s New Language: Whispering in PubNub, Crafting Backdoor in Rust, Striking with Ransomware</a></p>
<p><a href="https://profero.io/blog/from-drone-strike-to-file-recovery-outsmarting-a-nation-state" target="_blank">From Drone Strike to File Recovery: Outsmarting a Nation State</a></p>
<p><a href="https://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html" target="_blank">New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises</a></p>
<p><a href="https://businessinsights.bitdefender.com/curly-comrades-new-threat-actor-targeting-geopolitical-hotbeds" target="_blank">Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds</a> </p>
<p><a href="https://www.reuters.com/technology/norway-spy-chief-blames-russian-hackers-dam-sabotage-april-2025-08-13/" target="_blank">Norway spy chief blames Russian hackers for dam sabotage in April</a></p>
<p><a href="https://www.cbc.ca/news/politics/house-of-commons-data-breach-1.7608061" target="_blank">House of Commons hit by cyberattack from ‘threat actor’: internal email</a></p>
<p><a href="https://www.jpost.com/business-and-innovation/tech-and-start-ups/article-863740" target="_blank">Vulnerabilities exposed: Israeli company reveals how users can hack ChatGPT accounts remotely</a></p>
<p><a href="https://blog.talosintelligence.com/uat-7237-targets-web-hosting-infra/" target="_blank">UAT-7237 targets Taiwanese web hosting infrastructure</a></p>
<p><strong>Cybersecurity</strong></p>
<p><a href="https://www.zerodayinitiative.com/blog/2025/8/12/the-august-2025-security-update-review" target="_blank">The August 2025 Security Update Review</a> </p>
<p><a href="https://onapsis.com/blog/sap-security-notes-august-2025-patch-day/" target="_blank">SAP Security Notes: August 2025 Patch Day</a></p>
<p><a href="https://www-cnbc-com.cdn.ampproject.org/c/s/www.cnbc.com/amp/2025/08/10/ai-agents-drafted-into-cybersecurity-defense-forces-of-companies.html" target="_blank">AI agents are being drafted into the cyber defense forces of corporations</a></p>
<p><a href="https://www.securityweek.com/manpower-says-data-breach-stemming-from-ransomware-attack-impacts-140000/" target="_blank">Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000</a></p>
<p><a href="https://blog.google/products/ads-commerce/using-ai-to-fight-invalid-ad-traffic/" target="_blank">How we’re using AI in new ways to fight invalid traffic</a> <a href="https://thehackernews.com/2025/08/cisco-warns-of-cvss-100-fmc-radius-flaw.html" target="_blank"></a></p>
<p><a href="https://thehackernews.com/2025/08/cisco-warns-of-cvss-100-fmc-radius-flaw.html" target="_blank">Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution</a></p>
<p><a href="https://www.wired.com/story/the-first-federal-cybersecurity-disaster-of-trump-20-has-arrived/" target="_blank">The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived</a></p>
<p>Follow me on Twitter:<a href="https://twitter.com/securityaffairs" target="_blank">@securityaffairs</a>and<a href="https://www.facebook.com/sec.affairs" target="_blank">Facebook</a>and<a href="https://infosec.exchange/@securityaffairs" target="_blank">Mastodon</a></p>
<p><a href="http://www.linkedin.com/pub/pierluigi-paganini/b/742/559" target="_blank">PierluigiPaganini</a></p>
<p>(<a href="http://securityaffairs.co/wordpress/" target="_blank">SecurityAffairs</a>–hacking,newsletter)</p>
<hr>
<hr>
</div>