{"id":167865,"date":"2024-09-01T08:55:25","date_gmt":"2024-09-01T08:55:25","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=167865"},"modified":"2024-09-01T08:55:27","modified_gmt":"2024-09-01T08:55:27","slug":"security-affairs-newsletter-round-487-by-pierluigi-paganini-international-edition","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/167865\/breaking-news\/security-affairs-newsletter-round-487-by-pierluigi-paganini-international-edition.html","title":{"rendered":"Security Affairs newsletter Round 487 by Pierluigi Paganini \u2013 INTERNATIONAL EDITION"},"content":{"rendered":"
<\/div>\n

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.<\/h2>\n\n\n\n

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.<\/p>\n\n\n\n

North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit<\/a><\/td><\/tr>
Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw<\/a><\/td><\/tr>
Threat actors exploit Atlassian Confluence bug in cryptomining campaigns<\/a><\/td><\/tr>
Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa<\/a><\/td><\/tr>
Cisco addressed a high-severity flaw in NX-OS software<\/a><\/td><\/tr>
Corona Mirai botnet spreads via AVTECH CCTV zero-day <\/a><\/td><\/tr>
Telegram CEO Pavel Durov charged in France for facilitating criminal activities<\/a><\/td><\/tr>
Iran-linked group APT33 adds new Tickler malware to its arsenal<\/a><\/td><\/tr>
U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog<\/a><\/td><\/tr>
Young Consulting data breach impacts 954,177 individuals<\/a><\/td><\/tr>
BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085<\/a><\/td><\/tr>
US offers $2.5M reward for Belarusian man involved in mass malware distribution<\/a><\/td><\/tr>
U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog<\/a><\/td><\/tr>
Critical flaw in WPML WordPress plugin impacts 1M websites<\/a><\/td><\/tr>
China-linked APT Volt Typhoon exploited a zero-day in Versa Director<\/a><\/td><\/tr>
Researchers unmasked the notorious threat actor USDoD<\/a><\/td><\/tr>
The Dutch Data Protection Authority (DPA) has fined Uber a record \u20ac290M<\/a><\/td><\/tr>
Google addressed the tenth actively exploited Chrome zero-day this year<\/a><\/td><\/tr>
SonicWall addressed an improper access control issue in its firewalls<\/a><\/td><\/tr>
A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport<\/a><\/td><\/tr>
Linux malware sedexp uses udev rules for persistence and evasion<\/a><\/td><\/tr>
France police arrested Telegram CEO Pavel Durov<\/a><\/td><\/tr>
U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog<\/a><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

International Press \u2013 Newsletter<\/strong><\/p>\n\n\n\n

Cybercrime<\/strong>  <\/p>\n\n\n\n

Telegram messaging app CEO Durov arrested in France<\/a><\/p>\n\n\n\n

Thousands of travelers, airport operations impacted by Port of Seattle cyberattack<\/a>  <\/p>\n\n\n\n

Hacker who stole 3 billion US data was discovered and is Brazilian<\/a><\/p>\n\n\n\n

Pressure Grows in Congress to Treat Crypto Investigator Tigran Gambaryan, Jailed in Nigeria, as a Hostage<\/a>     <\/p>\n\n\n\n

Reward for Information: Belarusian National Volodymyr Kadariya<\/a>  <\/p>\n\n\n\n

Phishing in Style: Microsoft Sway Abused to Deliver Quishing Attacks<\/a>  <\/p>\n\n\n\n

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform<\/a><\/p>\n\n\n\n

Scam Sites at Scale: LLMs Fueling a GenAI Criminal Revolution<\/a>  <\/p>\n\n\n\n

2 men from Europe charged with \u2018swatting\u2019 plot targeting former US president and members of Congress<\/a>  <\/p>\n\n\n\n

Malware<\/strong><\/p>\n\n\n\n

Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules<\/a><\/p>\n\n\n\n

Malware infiltrates Pidgin messenger\u2019s official plugin repository<\/a><\/p>\n\n\n\n

RansomHub ransomware-as-a-service<\/a>\u00a0<\/p>\n\n\n\n

StopRansomware: RansomHub Ransomware<\/a><\/p>\n\n\n\n

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers \u201cVoldemort\u201d<\/a><\/p>\n\n\n\n

Hacking<\/strong><\/p>\n\n\n\n

WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)<\/a>  <\/p>\n\n\n\n

Identify and Exploit Vulnerabilities in Routers: An Introductory Guide & Technical Case Studies<\/a>   <\/p>\n\n\n\n

How to discover a major hacker\u2019s identity with OSINT \u2014 Solution 1<\/a>  <\/p>\n\n\n\n

May 2024 Cyber Attacks Statistics<\/a><\/p>\n\n\n\n

Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day<\/a><\/p>\n\n\n\n

Linux Detection Engineering –  A Sequel on Persistence Mechanism<\/a><\/p>\n\n\n\n

How AitM Phishing Attacks Bypass MFA and EDR\u2014and How to Fight Back<\/a><\/p>\n\n\n\n

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office<\/a>         <\/p>\n\n\n\n

Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool<\/a> <\/p>\n\n\n\n

When Get-Out-The-Vote Efforts Look Like Phishing<\/a>     <\/p>\n\n\n\n

Bypassing airport security via SQL injection<\/a><\/p>\n\n\n\n

Intelligence and Information Warfare<\/strong> <\/p>\n\n\n\n

New 0-Day Attacks Linked to China\u2019s \u2018Volt Typhoon\u2019<\/a><\/p>\n\n\n\n

Taking the Crossroads: The Versa Director Zero-Day Exploitation<\/a><\/p>\n\n\n\n

South Korea’s “Pseudo Hunter” APT organization uses multiple domestic software vulnerabilities to attack China<\/a><\/p>\n\n\n\n

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations<\/a>\u00a0\u00a0 <\/p>\n\n\n\n

Telegram Founder Was Wooed and Targeted by Governments<\/a><\/p>\n\n\n\n

I Spy With My Little Eye: Uncovering an Iranian Counterintelligence Operation<\/a><\/p>\n\n\n\n

Russian government hackers found using exploits made by spyware companies NSO and Intellexa<\/a>      <\/p>\n\n\n\n

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits<\/a>  <\/p>\n\n\n\n

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations<\/a> <\/p>\n\n\n\n

North Korean threat actor Citrine Sleet exploiting Chromium zero-day<\/a><\/p>\n\n\n\n

North Korea Still Attacking Developers via npm<\/a>     <\/p>\n\n\n\n

Cybersecurity<\/strong><\/p>\n\n\n\n

FAA to issue cyber rule for newly built airplanes and equipment<\/a>  <\/p>\n\n\n\n

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access<\/a><\/p>\n\n\n\n

Dutch DPA imposes a fine of 290 million euro on Uber because of transfers of drivers’ data to the US<\/a> <\/p>\n\n\n\n

Research AI model unexpectedly attempts to modify its own code to extend runtime<\/a><\/p>\n\n\n\n

Chinese broadband satellites may be Beijing’s flying spying censors, think tank warns<\/a><\/p>\n\n\n\n

Signal Is More Than Encrypted Messaging. Under Meredith Whittaker, It\u2019s Out to Prove Surveillance Capitalism Wrong<\/a>  <\/p>\n\n\n\n

EU investigating Telegram over user numbers<\/a>  <\/p>\n\n\n\n

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem<\/a>  <\/p>\n\n\n\n

Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n

Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n

(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking,\u00a0newsletter)<\/strong><\/p>\n\n\n\n

","protected":false},"excerpt":{"rendered":"

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit Fortra fixed two severe issues in […]<\/p>\n","protected":false},"author":1,"featured_media":35167,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323],"tags":[88,182,4112,9508,9506,10918,30,3529,687,841,1533],"class_list":["post-167865","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","tag-cybercrime","tag-data-breach","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-malware-2","tag-newsletter","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n