A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups HybridPetya ransomware bypasses UEFI Secure Boot […] A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI warns of Salesforce attacks by UNC6040 and UNC6395 groupsHybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetyaCisco fixes high-severity IOS XR flaws enabling image bypass and DoSSamsung fixed actively exploited zero-dayUK train operator LNER (London North Eastern Railway) discloses a data breachApple issues spyware warnings as CERT-FR confirms attacksU.S. CISA adds Dassault Syst mes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalogAkira Ransomware exploits year-old SonicWall flaw with multiple vectorsGoogle fixes critical Chrome flaw, researcher earns $43KKosovo man pleads guilty to running online criminal marketplace BlackDBAttackers abuse ConnectWise ScreenConnect to drop AsyncRATJaguar Land Rover discloses a data breach after recent cyberattackCritical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accountsGoogle Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited imagesKillSec Ransomware is Attacking Healthcare Institutions in BrazilMicrosoft Patch Tuesday security updates for September 2025 fixed two zero-day flawsSAP September 2025 Patch Day fixed 4 critical flawsSupply chain attack targets npm, +2 Billion weekly npm downloads exposedLunaLock Ransomware threatens victims by feeding stolen data to AI modelsHackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attackCanadian investment platform Wealthsimple disclosed a data breachVenezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spiesCzech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure International Press Newsletter Cybercrime New LunaLock ransomware group emerges with unique extortion tactic ACE and DAZN Shut Down Calcio, One of Italy’s Most-Visited Illicit Sports Streaming Networks KillSec Ransomware is Attacking Healthcare Institutions in Brazil Jaguar Land Rover admits hackers may have taken data Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises Kosovo National Pleads Guilty To Operating An Online Criminal Marketplace Off Your Docker: Exposed APIs Are Targeted in New Malware Strain Employee at Multinational DVD Company Sentenced to Over Four Years Prison for Stealing, Selling Pre-Release Commercial DVDs for Blockbuster Films Bulletproof Host Stark Industries Evades EU Sanctions Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion Malware GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe Trojanized ScreenConnect installers evolve, dropping multiple RATs on a single machine AsyncRAT in Action: Fileless Malware Techniques and Analysis of a Remote Access Trojan ChillyHell: A Deep Dive into a Modular macOS Backdoor Hacking GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies npm debug and chalk packages compromised Critical Chrome Vulnerability Earns Researcher $43,000 Akira Ransomware Group Utilizing SonicWall Devices for Initial Access NT OS Kernel Information Disclosure Vulnerability CVE-2025-53136 Samsung patches actively exploited zero-day reported by WhatsApp Intelligence and Information Warfare N KIB issued a warning against the threat of data transfer and remote administration from the People’s Republic of China Venezuela’s president thinks American spies can’t hack Huawei phones Handbook “Weapons of Information Warfare” France says Apple notified victims of new spyware attacks Geedge & MESA Leak: Analyzing the Great Firewall’s Largest Document Leak APT37 Targets Windows with Rust Backdoor and Python Loader Cybersecurity Lovesac confirms data breach after ransomware attack claims Introducing Signal Secure Backups The September 2025 Security Update Review Memory Integrity Enforcement: A complete vision for memory safety in Apple devices How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials Treasury Sanctions Southeast Asian Networks Targeting Americans with Cyber Scams UK Train Operator LNER Warns Customers of Data Breach U.S. Senator accuses Microsoft of “gross cybersecurity negligence” Sam Altman says that bots are making social media feel ‘fake’ AI Startup Says It Will End Crime by Blanketing the Entire United States in Ever-Watching Spy Cameras Tenable Confirms Data Breach Hackers Accessed Customers’ Contact Details Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini (SecurityAffairs hacking, newsletter)
Published: 2025-09-14T12:09:19