{"id":322594,"date":"2025-11-30T15:50:09","date_gmt":"2025-11-30T15:50:09","guid":{"rendered":"https:\/\/www.newsbeep.com\/us\/322594\/"},"modified":"2025-11-30T15:50:09","modified_gmt":"2025-11-30T15:50:09","slug":"security-affairs-newsletter-round-552-by-pierluigi-paganini-international-edition","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/us\/322594\/","title":{"rendered":"Security Affairs newsletter Round 552 by Pierluigi Paganini \u2013 INTERNATIONAL EDITION"},"content":{"rendered":"<p>\n\t\t\t\t\t\t\tSecurity Affairs newsletter Round 552 by Pierluigi Paganini \u2013 INTERNATIONAL EDITION\n\t\t\t\t\t\t<\/p>\n<p>\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/user-icon.svg\" alt=\"\"\/> <a href=\"https:\/\/securityaffairs.com\/author\/paganinip\" rel=\"nofollow noopener\" target=\"_blank\">Pierluigi Paganini<\/a><br \/>\n\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> November 30, 2025<\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/www.newsbeep.com\/us\/wp-content\/uploads\/2025\/11\/newsletter.png\" alt=\"\"\/><\/p>\n<p>A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.<\/p>\n<p>Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.<\/p>\n<p>International Press \u2013 Newsletter<\/p>\n<p>Cybercrime<a\/><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/iberia-discloses-customer-data-leak-after-vendor-security-breach\/\" rel=\"nofollow noopener\" target=\"_blank\">Iberia discloses customer data leak after vendor security breach<\/a><\/p>\n<p><a href=\"https:\/\/www.ic3.gov\/PSA\/2025\/PSA251125\" rel=\"nofollow noopener\" target=\"_blank\">Account Takeover Fraud via Impersonation of Financial Institution Support<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/onsolve-codered-cyberattack-disrupts-emergency-alert-systems-nationwide\/\" rel=\"nofollow noopener\" target=\"_blank\">OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide<\/a><\/p>\n<p><a href=\"https:\/\/www.asahigroup-holdings.com\/en\/newsroom\/detail\/20251127-0204.html\" rel=\"nofollow noopener\" target=\"_blank\">Investigation Results and Future Measures on Cyberattack Data Exposure<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/french-soccer-federation-hit-by-cyberattack-member-data-stolen\/\" rel=\"nofollow noopener\" target=\"_blank\">French Soccer Federation Hit by Cyberattack, Member Data Stolen<\/a>\u00a0\u00a0<\/p>\n<p>Malware<\/p>\n<p><a href=\"https:\/\/asec.ahnlab.com\/en\/91166\/\" rel=\"nofollow noopener\" target=\"_blank\">Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287)<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.wiz.io\/blog\/shai-hulud-2-0-ongoing-supply-chain-attack\" rel=\"nofollow noopener\" target=\"_blank\">Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed<\/a><\/p>\n<p><a href=\"https:\/\/www.acronis.com\/en\/tru\/posts\/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix\/\" rel=\"nofollow noopener\" target=\"_blank\">Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix<\/a><\/p>\n<p><a href=\"https:\/\/www.aikido.dev\/blog\/shai-hulud-strikes-again-hitting-zapier-ensdomains\" rel=\"nofollow noopener\" target=\"_blank\">Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/socket.dev\/blog\/north-korea-contagious-interview-npm-attacks\" rel=\"nofollow noopener\" target=\"_blank\">Inside the GitHub Infrastructure Powering North Korea\u2019s Contagious Interview npm Attacks<\/a><\/p>\n<p>Hacking<\/p>\n<p><a href=\"https:\/\/labs.watchtowr.com\/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem\/\" rel=\"nofollow noopener\" target=\"_blank\">Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/openai-user-data-exposed-in-mixpanel-hack\/\" rel=\"nofollow noopener\" target=\"_blank\">OpenAI User Data Exposed in Mixpanel Hack<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.ontinue.com\/resource\/blog-microsoft-chat-with-anyone-understanding-phishing-risk\/\" rel=\"nofollow noopener\" target=\"_blank\">B2B Guest Access Creates an Unprotected Attack Vector<\/a><\/p>\n<p><a href=\"https:\/\/securelist.ru\/toddycat-apt-steals-email-data-from-outlook\/114045\/\" rel=\"nofollow noopener\" target=\"_blank\">ToddyCat \u2013 Your Hidden Email Assistant. Part 1<\/a><\/p>\n<p><a href=\"https:\/\/www.oligo.security\/blog\/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover\" rel=\"nofollow noopener\" target=\"_blank\">Critical Vulnerabilities in FluentBit Expose Cloud Environments to Remote Takeover<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2025\/11\/second-sha1-hulud-wave-affects-25000.html\" rel=\"nofollow noopener\" target=\"_blank\">Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft<\/a><\/p>\n<p>Intelligence and Information Warfare<\/p>\n<p><a href=\"https:\/\/www.crowdstrike.com\/en-us\/blog\/crowdstrike-researchers-identify-hidden-vulnerabilities-ai-coded-software\/\" rel=\"nofollow noopener\" target=\"_blank\">CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers<\/a>\u00a0<\/p>\n<p><a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/11\/24\/spyware-allows-cyber-threat-actors-target-users-messaging-applications\" rel=\"nofollow noopener\" target=\"_blank\">Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications<\/a>\u200b\u00a0<\/p>\n<p><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/romcom-utilizing-socgholish-to-deliver-mythic-agent-to-usa-companies-supporting-ukraine\/\" rel=\"nofollow noopener\" target=\"_blank\">Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine<\/a><\/p>\n<p><a href=\"https:\/\/therecord.media\/hackers-knock-out-systems-russia-operated-post-ukraine\" rel=\"nofollow noopener\" target=\"_blank\">Hackers knock out systems at Moscow-run postal operator in occupied Ukraine<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.hoover.org\/research\/artificial-intelligence-and-future-war\" rel=\"nofollow noopener\" target=\"_blank\">Artificial Intelligence And The Future Of War<\/a>\u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/socket.dev\/blog\/north-korea-contagious-interview-npm-attacks\" rel=\"nofollow noopener\" target=\"_blank\">Inside the GitHub Infrastructure Powering North Korea\u2019s Contagious Interview npm Attacks<\/a><\/p>\n<p><a href=\"https:\/\/www.group-ib.com\/blog\/bloody-wolf\/\" rel=\"nofollow noopener\" target=\"_blank\">Bloody Wolf: A Blunt Crowbar Threat To Justice<\/a><\/p>\n<p>Cybersecurity<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4093403\/root-causes-of-security-breaches-remain-elusive-jeopardizing-resilience.html\" rel=\"nofollow noopener\" target=\"_blank\">Root causes of security breaches remain elusive \u2014 jeopardizing resilience<\/a><a href=\"https:\/\/doublepulsar.com\/what-organisations-can-learn-from-the-record-breaking-fine-over-capitas-ransomware-incident-6afbdfcdd35b\" rel=\"nofollow noopener\" target=\"_blank\"><\/p>\n<p><a href=\"https:\/\/doublepulsar.com\/what-organisations-can-learn-from-the-record-breaking-fine-over-capitas-ransomware-incident-6afbdfcdd35b\" rel=\"nofollow noopener\" target=\"_blank\">What organisations can learn from the record breaking fine over Capita\u2019s ransomware incident<\/a>\u00a0\u00a0 \u00a0\u00a0<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/harvard-university-discloses-data-breach-affecting-alumni-donors\/\" rel=\"nofollow noopener\" target=\"_blank\">Harvard University discloses data breach affecting alumni, donors<\/a><\/p>\n<p><a href=\"https:\/\/news.sky.com\/story\/london-councils-hit-by-cyber-attack-with-data-potentially-compromised-13475400\" rel=\"nofollow noopener\" target=\"_blank\">London councils hit by \u2018cyber attack\u2019 with data potentially compromised<\/a>\u00a0<\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2025\/11\/30\/google-starts-sharing-all-your-text-messages-with-your-employer\/\" rel=\"nofollow noopener\" target=\"_blank\">Google Starts Sharing All Your Text Messages With Your Employer<\/a>\u00a0\u00a0<\/p>\n<p>Follow me on Twitter:\u00a0<a href=\"https:\/\/twitter.com\/securityaffairs\" rel=\"nofollow noopener\" target=\"_blank\">@securityaffairs<\/a>\u00a0and\u00a0<a href=\"https:\/\/www.facebook.com\/sec.affairs\" rel=\"nofollow noopener\" target=\"_blank\">Facebook<\/a>\u00a0and\u00a0<a href=\"https:\/\/infosec.exchange\/@securityaffairs\" rel=\"nofollow noopener\" target=\"_blank\">Mastodon<\/a><\/p>\n<p><a href=\"http:\/\/www.linkedin.com\/pub\/pierluigi-paganini\/b\/742\/559\" rel=\"nofollow noopener\" target=\"_blank\">Pierluigi\u00a0Paganini<\/a><\/p>\n<p>(<a href=\"http:\/\/securityaffairs.co\/wordpress\/\" rel=\"nofollow noopener\" target=\"_blank\">SecurityAffairs<\/a>\u00a0\u2013\u00a0hacking,\u00a0newsletter)<\/p>\n<p>\t\t\t\t\t\t\t\t\t\t\t<script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"Security Affairs newsletter Round 552 by Pierluigi Paganini \u2013 INTERNATIONAL EDITION Pierluigi Paganini November 30, 2025 A new&hellip;\n","protected":false},"author":2,"featured_media":24123,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[4,450,451,3,452,453],"class_list":{"0":"post-322594","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-breaking-news","8":"tag-breaking-news","9":"tag-breakingnews","10":"tag-headlines","11":"tag-news","12":"tag-top-stories","13":"tag-topstories"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/322594","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/comments?post=322594"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/322594\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media\/24123"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media?parent=322594"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/categories?post=322594"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/tags?post=322594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}