1(520) 261-1728

info@threatintel-solutions.net

Threat Intel Solutions

Let’s Talk

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.—————————————————————————————————————————————————–Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.[A flaw in Verizon’s iOS Call Filter app exposed call records of millions](https://securityaffairs.com/176217/hacking/verizon-s-ios-call-filter-app-flaw.html) [Port of Seattle ‘s August data breach impacted 90,000 people](https://securityaffairs.com/176205/data-breach/port-of-seattle-august-data-breach-impacted-90000-people.html) [President Trump fired the head of U.S. Cyber Command and NSA](https://securityaffairs.com/176196/intelligence/president-trump-fired-the-head-of-u-s-cyber-command-and-nsa.html) [CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware](https://securityaffairs.com/176181/cyber-warfare-2/cert-ua-reports-attacks-in-march-2025-targeting-ukrainian-agencies-with-wrecksteel-malware.html) [39M secrets exposed: GitHub rolls out new security tools](https://securityaffairs.com/176170/security/39m-secrets-exposed-github-rolls-out-new-security-tools.html) [China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March](https://securityaffairs.com/176162/apt/china-linked-group-unc5221-exploited-ivanti-connect-secure-zero-day-since-mid-march.html) [Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests](https://securityaffairs.com/176154/cyber-crime/europol-led-op-shuts-down-csam-platform-kidflix.html) [New Triada Trojan comes preinstalled on Android devices](https://securityaffairs.com/176143/malware/new-triada-comes-preinstalled-on-android-devices.html) [New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows](https://securityaffairs.com/176134/malware/new-advanced-fin7s-anubis-backdoor-allows-to-gain-full-system-control-on-windows.html) [U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/176129/security/u-s-cisa-adds-apache-tomcat-flaw-known-exploited-vulnerabilities-catalog.html) [Apple backported fixes for three actively exploited flaws to older devices](https://securityaffairs.com/176119/security/apple-backported-fixes-for-three-actively-exploited-flaws-to-older-devices.html) [Spike in Palo Alto Networks scanner activity suggests imminent cyber threats](https://securityaffairs.com/176108/hacking/spike-in-palo-alto-networks-scanner-activity-suggests-imminent-cyber-threats.html) [Microsoft warns of critical flaw in Canon printer drivers](https://securityaffairs.com/176104/security/microsoft-warns-of-critical-flaw-in-canon-printer-drivers.html) [CrushFTP CVE-2025-2825 flaw actively exploited in the wild](https://securityaffairs.com/176097/hacking/crushftp-cve-2025-2825-flaw-actively-exploited.html) [France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency](https://securityaffairs.com/176092/laws-and-regulations/frances-antitrust-authority-fines-apple-e150m.html) [Hiding WordPress malware in the mu-plugins directory to avoid detection](https://securityaffairs.com/176083/malware/wordpress-malware-in-the-mu-plugins-directory.html) [U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/176073/hacking/u-s-cisa-adds-cisco-smart-licensing-utility-flaw-known-exploited-vulnerabilities-catalog.html) [Russia-linked Gamaredon targets Ukraine with Remcos RAT](https://securityaffairs.com/176057/cyber-warfare-2/russia-linked-gamaredon-targets-ukraine-with-remcos-rat.html) [CoffeeLoader uses a GPU-based packer to evade detection](https://securityaffairs.com/176046/malware/coffeeloader-is-a-sophisticated-malware.html) [Morphing Meerkat phishing kits exploit DNS MX records](https://securityaffairs.com/176029/cyber-crime/morphing-meerkat-phishing-kits-exploit-dns-mx.html) [CISA warns of RESURGE malware exploiting Ivanti flaw](https://securityaffairs.com/176040/breaking-news/cisa-warns-of-resurge-malware-exploiting-ivanti-flaw.html) [Sam’s Club Investigates Alleged Cl0p Ransomware Breach](https://securityaffairs.com/175999/cyber-crime/sams-club-investigates-alleged-cl0p-ransomware-breach.html)**International Press — Newsletter****Cybercrime**[Walmart’s Sam’s Club claimed by Cl0p ransomware gang](https://cybernews.com/news/sams-club-walmart-investigates-clop-ransomware-claim/)[Anubis Backdoor](https://catalyst.prodaft.com/public/report/anubis-backdoor/overview)[New version of Triada steals cryptocurrency, messenger accounts and replaces phone numbers during calls](https://www.kaspersky.ru/about/press-releases/novaya-versiya-triada-kradyot-kriptovalyutu-akkaunty-v-messendzherah-i-podmenyaet-nomera-telefonov-vo-vremya-zvonkov)[The beginning of the end: the story of Hunters International](https://www.group-ib.com/blog/hunters-international-ransomware-group/)[Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users](https://www.europol.europa.eu/media-press/newsroom/news/global-crackdown-kidflix-major-child-sexual-exploitation-platform-almost-two-million-users)[Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems](https://therecord.media/native-minnesota-tribe-says-cyber-incident-disrupted-healthcare-casino)[Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe](https://krebsonsecurity.com/2025/04/cyber-forensic-expert-in-2000-cases-faces-fbi-probe/)**Malware**[CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure](https://www.cisa.gov/news-events/alerts/2025/03/28/cisa-releases-malware-analysis-report-resurge-malware-associated-ivanti-connect-secure)[Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor](https://www.gdatasoftware.com/blog/2025/03/38161-analysis-fin7-anubis-backdoor)[Advancements in delivery: Scripting with Nietzsche](https://www.acronis.com/en-us/cyber-protection-center/posts/advancements-in-delivery-scripting-with-nietzsche/)[Analyzing New HijackLoader Evasion Tactics](https://www.zscaler.com/blogs/security-research/analyzing-new-hijackloader-evasion-tactics)[Malicious Python packages target popular Bitcoin library](https://www.reversinglabs.com/blog/malicious-python-packages-target-popular-bitcoin-library)**Hacking**[A Phishing Tale of DoH and DNS MX Abuse](https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/)[Hackers are now using AI to break AI — and it’s working](https://bgr.com/tech/hackers-are-now-using-ai-to-break-ai-and-its-working/)[Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats](https://www.greynoise.io/blog/surge-palo-alto-networks-scanner-activity)[Someone is trying to recruit security researchers in bizarre hacking campaign](https://techcrunch.com/2025/04/01/someone-is-trying-to-recruit-security-researchers-in-bizarre-hacking-campaign/)[Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) — Advisory and Analysis](https://www.endorlabs.com/learn/critical-rce-vulnerability-in-apache-parquet-cve-2025-30065—advisory-and-analysis)[Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack](https://www.securityweek.com/compromised-spotbugs-token-led-to-github-actions-supply-chain-hack/)[Hacking the Call Records of Millions of Americans](https://evanconnelly.github.io/post/hacking-call-records/)[SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack](https://thehackernews.com/2025/04/spotbugs-access-token-theft-identified.html)**Intelligence and Information Warfare**[Gamaredon campaign abuses LNK files to distribute Remcos backdoor](https://blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/)[Russian spies as disinformation actors](https://euvsdisinfo.eu/russian-spies-as-disinformation-actors/)[The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques](https://www.trendmicro.com/en_us/research/25/c/the-espionage-toolkit-of-earth-alux.html)[Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)](https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability)[Operation HollowQuill: Malware delivered into Russian R-&D Networks via Research Decoy PDFs.](https://www.seqrite.com/blog/operation-hollowquill-russian-rd-networks-malware-pdf/)[UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL](https://cert.gov.ua/article/6282902)[White House fires National Security Agency chief](https://www.bbc.com/news/articles/ckgerl183j3o)[Israel Enters ‘Stage 3’ of Cyber Wars With Iran Proxies](https://www.darkreading.com/threat-intelligence/israel-stage-3-cyber-wars-with-iran-proxies)[Poland’s prime minister says cyberattack targeted his party as election nears](https://therecord.media/poland-prime-minister-cyber-targeted)**Cybersecurity**[Fake Passport Generated by ChatGPT Bypasses Security](https://securityexpress.info/fake-passport-generated-by-chatgpt-bypasses-security/)[Apple hit with $162 million French antitrust fine over privacy tool](https://www.reuters.com/technology/french-antitrust-regulator-fines-apple-150-million-euros-over-privacy-tool-2025-03-31/)[GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help](https://github.blog/security/application-security/next-evolution-github-advanced-security/)[TikTok faces €500 million fine for illegally shipping European user data to China — report](https://www.euronews.com/next/2025/04/03/tiktok-faces-500-million-fine-for-illegally-shipping-european-user-data-to-china-report)[Google announces Sec-Gemini v1, a new experimental cybersecurity model](https://security.googleblog.com/2025/04/google-launches-sec-gemini-v1-new.html)[Texas city warns thousands of utility payment site breach](https://therecord.media/texas-city-warns-thousands-of-utility-site-breach)Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [**Mastodon**](https://infosec.exchange/@securityaffairs)[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**(** [**SecurityAffairs**](http://securityaffairs.co/wordpress/)**–** **hacking, newsletter)**

Related Tags:
CVE-2025-30065

CVE-2025-2825

NAICS: 445 – Food And Beverage Retailers

NAICS: 44 – Retail Trade – Auto

Food

Home

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 71 – Arts

Entertainment

Recreation

NAICS: 923 – Administration Of Human Resource Programs

NAICS: 713 – Amusement

Gambling

Recreation Industries

NAICS: 334 – Computer And Electronic Product Manufacturing

Associated Indicators: