A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html)
- [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html)
- [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html)
- [Banshee macOS stealer supports new evasion mechanisms](https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html)
- [Researchers disclosed details of a now-patched Samsung zero-click flaw](https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html)
- [Phishers abuse CrowdStrike brand targeting job seekers with cryptominer](https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html)
- [China-linked APT group MirrorFace targets Japan](https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html)
- [U.S. Medical billing provider Medusind suffered a data breach](https://securityaffairs.com/172870/data-breach/medusind-data-breach.html)
- [Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex](https://securityaffairs.com/172864/hacktivism/ukrainian-cyber-alliance-destroyed-russian-isp-nodex.html)
- [U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/172857/hacking/u-s-cisa-adds-ivanti-connect-secure-policy-secure-and-zta-gateways-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [SOC Scalability: How AI Supports Growth Without Overloading Analysts](https://securityaffairs.com/172831/security/scaling-up-a-security-operations-center-soc.html)
- [SonicWall warns of an exploitable SonicOS vulnerability](https://securityaffairs.com/172823/security/sonicwall-sonicos-authentication-bypass-flaw.html)
- [Gayfemboy Botnet targets Four-Faith router vulnerability](https://securityaffairs.com/172805/malware/gayfemboy-mirai-botnet-four-faith-flaw.html)
- [Meta replaces fact-checking with community notes post ‘Cultural Tipping Point’](https://securityaffairs.com/172793/social-networks/meta-replaces-fact-checking.html)
- [U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/172783/security/u-s-cisa-adds-oracle-weblogic-server-mitel-micollab-flaws-known-exploited-vulnerabilities-catalog.html)
- [Threat actors breached Argentina’s airport security police (PSA) payroll](https://securityaffairs.com/172776/uncategorized/argentinas-airport-security-police-psa-payroll-hacked.html)
- [Moxa router flaws pose serious risks to industrial environments](https://securityaffairs.com/172770/ics-scada/moxa-router-flaws-risks-to-industrial-environmets.html)
- [US adds Tencent to the list of companies supporting Chinese military](https://securityaffairs.com/172765/security/us-adds-tencent-list-of-companies-supporting-chinese-military.html)
- [Eagerbee backdoor targets govt entities and ISPs in the Middle East](https://securityaffairs.com/172748/malware/eagerbee-backdoor-targets-middle-east.html)
- [Nessus scanner agents went offline due to a faulty plugin update](https://securityaffairs.com/172738/security/nessus-scanner-agents-issue.html)
- [China-linked Salt Typhoon APT compromised more US telecoms than previously known](https://securityaffairs.com/172724/intelligence/china-linked-salt-typhoon-breached-multiple-us.html)
- [PLAYFULGHOST backdoor supports multiple information stealing features](https://securityaffairs.com/172707/malware/playfulghost-backdoor-capabilities.html)
- [Nuclei flaw allows signature bypass and code execution](https://securityaffairs.com/172692/security/nuclei-flaw-execute-malicious-code.html)

**International Press — Newsletter**

**Cybercrime**

- [School districts in Maine, Tennessee respond to holiday cyberattacks](https://therecord.media/school-cyberattacks-holidays-maine-tennessee)
- [The data of members of the PSA, the force that depends on Bullrich, was hacked and part of their salary was stolen](https://www.pagina12.com.ar/794730-el-apagon-y-hackeo-que-la-psa-queria-ocultar)
- [A Day in the Life of a Prolific Voice Phishing Crew](https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/)
- [Phish-free PayPal Phishing](https://www.fortinet.com/blog/threat-research/phish-free-paypal-phishing)
- [Marijuana dispensary STIIIZY warns of leaked IDs after November data breach](https://therecord.media/marijuana-dispensary-warns-of-data-breach)
- [Operators of Cryptocurrency Mixers Charged with Money Laundering](https://www.justice.gov/opa/pr/operators-cryptocurrency-mixers-charged-money-laundering)
- [Fintech Giant Finastra Investigating Data Breach](https://krebsonsecurity.com/2024/11/fintech-giant-finastra-investigating-data-breach/)
- [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.infostealers.com/article/telefonica-breach-infostealer-malware-opens-door-for-social-engineering-tactics/)
- [Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data](https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/)

**Malware**

- [Finding Malware: Unveiling PLAYFULGHOST with Google Security Operations](https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Unveiling-PLAYFULGHOST-with-Google-Security/ba-p/850676)
- [EAGERBEE, with updated and novel components, targets the Middle East](https://securelist.com/eagerbee-backdoor/115175/)
- [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit](https://blog.xlab.qianxin.com/gayfemboy-en/)
- [Recruitment Phishing Scam Imitates CrowdStrike Hiring Process](https://www.crowdstrike.com/en-us/blog/recruitment-phishing-scam-imitates-crowdstrike-hiring-process/)

**Hacking**

- [Breaking the Chain: Wiz Uncovers a Signature Verification Bypass in Nuclei, the Popular Vulnerability Scanner (CVE-2024-43405)](https://www.wiz.io/blog/nuclei-signature-verification-bypass)
- [Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability](https://unit42.paloaltonetworks.com/multi-turn-technique-jailbreaks-llms/)
- [Genetic Engineering Meets Reverse Engineering: DNA Sequencer’s Vulnerable BIOS](https://eclypsium.com/blog/genetic-engineering-meets-reverse-engineering-dna-sequencers-vulnerable-bios/)
- [Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure](https://thehackernews.com/2025/01/ivanti-flaw-cve-2025-0282-actively.html)
- [GFI KerioControl Firewall Vulnerability Exploited in the Wild](https://www.securityweek.com/gfi-keriocontrol-firewall-vulnerability-exploited-in-the-wild/)
- [Samsung S24: Out of bounds write in APE Decoder](https://project-zero.issues.chromium.org/issues/368695689)
- [Facebook awards researcher $100,000 for finding bug that granted internal access](https://techcrunch.com/2025/01/09/facebook-awards-researcher-100000-for-finding-bug-that-granted-internal-access/)

**Intelligence and Information Warfare**

- [Chinese hack of US telecoms compromised more firms than previously known, WSJ says](https://www.reuters.com/business/media-telecom/chinese-hack-us-telecoms-compromised-more-firms-than-previously-known-wsj-says-2025-01-05/)
- [US designates Tencent as Chinese military company](https://www.bbc.com/news/articles/c9q78wn9g8zo)
- [CISA Update on Treasury Breach](https://www.cisa.gov/news-events/news/cisa-update-treasury-breach)
- [Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers](https://therecord.media/russian-internet-provider-says-network-destroyed-cyberattack)
- [Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation](https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day)
- [Chinese State-Sponsored RedDelta Targeted Taiwan, Mongolia, and Southeast Asia with Adapted PlugX Infection Chain](https://www.recordedfuture.com/research/reddelta-chinese-state-sponsored-group-targets-mongolia-taiwan-southeast-asia)
- [Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases](https://www.theregister.com/2025/01/10/china_treasury_foreign_investment/)

**Cybersecurity**

- [India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements](https://thehackernews.com/2025/01/india-proposes-digital-data-rules-with.html)
- [Meta is ending its fact-checking program in favor of a ‘community notes’ system similar to X](https://www.nbcnews.com/tech/social-media/meta-ends-fact-checking-program-community-notes-x-rcna186468)
- [New labels will help people pick devices less at risk of hacking](https://apnews.com/article/cybersecurity-trust-mark-labels-fcc-hacking-smart-devices-74e535f7e5b6d65edc690671d384b949)
- [Elon Musk says all human data for AI training ‘exhausted’](https://www.theguardian.com/technology/2025/jan/09/elon-musk-data-ai-training-artificial-intelligence)
- [China releases world’s most powerful electronic warfare weapon design software — for free](https://amp-scmp-com.cdn.ampproject.org/c/s/amp.scmp.com/news/china/science/article/3292466/china-releases-worlds-most-powerful-electronic-warfare-weapon-design-software-free)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([**SecurityAffairs**](http://securityaffairs.co/wordpress/) – hacking, newsletter)