A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems EncryptHub abuses Brave Support in new […

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems

EncryptHub abuses Brave Support in new campaign exploiting MSC EvilTwin flaw

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

‘Blue Locker’ Ransomware Targeting Oil & Gas Sector in Pakistan

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

Norway confirms dam intrusion by Pro-Russian hackers

Zoom patches critical Windows flaw allowing privilege escalation

U.S. CISA adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog

Manpower data breach impacted 144,180 individuals

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog

Critical FortiSIEM flaw under active exploitation, Fortinet warns

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Researchers cracked the encryption used by DarkBit ransomware

Chrome sandbox escape nets security researcher $250,000 reward

Smart Buses flaws expose vehicles to tracking, control, and spying

MedusaLocker ransomware group is looking for pentesters

Google confirms Salesforce CRM breach, faces extortion threat

BadCam: Linux-based Lenovo webcam bugs enable BadUSB attacks

International Press – Newsletter

Cybercrime

Google says hackers stole its customers’ data by breaching its Salesforce database

ShinyHunters sent Google an extortion demand; Shiny comments on current activities  

Two Defendants Plead Guilty To Fraud Scheme Involving Data Stolen From Hospital Patients  

Unmasking Interlock Group’s Evolving Malware Arsenal

Rapid7 Access Brokers Report: New Research Reveals Depth of Compromise in Access Broker Deals, with 71% Offering Privileged Access  

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal

Treasury Sanctions Cryptocurrency Exchange and Network Enabling Sanctions Evasion and Cyber Criminals  

Malware

‘Blue Locker’ Analysis: Ransomware Targeting Oil & Gas Sector in Pakistan 

Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images  

SCENE 1: SoupDealer – Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks 

Threat Bulletin: Fire in the Woods – A New Variant of FireWood  

Hacking

BadCam: Now Weaponizing Linux Webcams  

Postman, engineer, cleaner: Are hackers sneaking into your office?  

You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services  

Chrome Sandbox Escape Earns Researcher $250,000

Case: Citrix vulnerability (Update 11-08-2025)  

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Uncovering memory corruption in NVIDIA Triton (as a new hire) 

Don’t Phish-let Me Down: FIDO Authentication Downgrade 

Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely!

The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device  

Intelligence and Information Warfare

ScarCruft’s New Language: Whispering in PubNub, Crafting Backdoor in Rust, Striking with Ransomware

From Drone Strike to File Recovery: Outsmarting a Nation State

New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises

Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds     

Norway spy chief blames Russian hackers for dam sabotage in April 

House of Commons hit by cyberattack from ‘threat actor’: internal email  

Vulnerabilities exposed: Israeli company reveals how users can hack ChatGPT accounts remotely  

UAT-7237 targets Taiwanese web hosting infrastructure  

Cybersecurity

The August 2025 Security Update Review     

SAP Security Notes: August 2025 Patch Day  

AI agents are being drafted into the cyber defense forces of corporations 

Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000  

How we’re using AI in new ways to fight invalid traffic  

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Source: SecurityAffairs
Source Link: https://securityaffairs.com/181226/breaking-news/security-affairs-newsletter-round-537-by-pierluigi-paganini-international-edition.html