A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.———————————————————————————————————————————————————–Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.[McDonald’s job app exposes data of 64 Million applicants](https://securityaffairs.com/179840/hacking/mcdonalds-job-app-exposes-data-of-64-million-applicants.html) [Athlete or Hacker? Russian basketball player accused in U.S. ransomware case](https://securityaffairs.com/179831/uncategorized/athlete-or-hacker-russian-basketball-player-accused-in-u-s-ransomware-case.html) [U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/179813/hacking/u-s-cisa-adds-citrix-netscaler-adc-and-gateway-flaw-to-its-known-exploited-vulnerabilities-catalog.html) [UK NCA arrested four people over M-&S, Co-op cyberattacks](https://securityaffairs.com/179806/cyber-crime/uk-nca-arrested-four-people-over-ms-co-op-cyberattacks.html) [PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda](https://securityaffairs.com/179789/hacking/perfektblue-bluetooth-attack-allows-hacking-infotainment-systems-of-mercedes-volkswagen-and-skoda.html) [Qantas data breach impacted 5.7 million individuals](https://securityaffairs.com/179782/data-breach/qantas-data-breach-impacted-5-7-million-individuals.html) [DoNot APT is expanding scope targeting European foreign ministries](https://securityaffairs.com/179774/apt/donot-apt-is-expanding-scope-targeting-european-foreign-ministries.html) [Nippon Steel Solutions suffered a data breach following a zero-day attack](https://securityaffairs.com/179766/data-breach/nippon-steel-solutions-data-breach.html) [Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates](https://securityaffairs.com/179754/malware/iranian-group-pay2key-i2p-ramps-up-ransomware-attacks-against-israel-and-us-with-incentives-for-affiliates.html) [Hackers weaponize Shellter red teaming tool to spread infostealers](https://securityaffairs.com/179745/malware/hackers-weaponize-shellter-red-teaming-tool-to-spread-infostealers.html) [Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day](https://securityaffairs.com/179738/security/microsoft-patch-tuesday-security-updates-for-july-2025-fixed-a-zero-day.html) [Intelligence](https://securityaffairs.com/179730/intelligence/italian-police-arrested-a-chinese-national-suspected-of-cyberespionage-on-a-u-s-warrant.html) [Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant](https://securityaffairs.com/179730/intelligence/italian-police-arrested-a-chinese-national-suspected-of-cyberespionage-on-a-u-s-warrant.html) [U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/179722/hacking/u-s-cisa-adds-mrlg-phpmailer-rails-ruby-on-rails-and-synacor-zimbra-collaboration-suite-flaws-to-its-known-exploited-vulnerabilities-catalog.html) [IT Worker arrested for selling access in $100M PIX cyber heist](https://securityaffairs.com/179706/cyber-crime/it-worker-arrested-for-selling-access-in-100m-pix-cyber-heist.html) [New Batavia spyware targets Russian industrial enterprises](https://securityaffairs.com/179699/malware/new-batavia-spyware-targets-russian-industrial-enterprises.html) [Taiwan flags security risks in popular Chinese apps after official probe](https://securityaffairs.com/179687/security/taiwan-flags-security-risks-in-popular-chinese-apps-after-official-probe.html) [U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/179682/hacking/u-s-cisa-adds-google-chromium-v8-flaw-to-its-known-exploited-vulnerabilities-catalog.html) [Hunters International ransomware gang shuts down and offers free decryption keys to all victims](https://securityaffairs.com/179667/cyber-crime/hunters-international-ransomware-gang-shuts-down-and-offers-free-decryption-keys-to-all-victims.html)**International Press — Newsletter****Cybercrime**[From electrician to pivot of a million-dollar scam in the financial system: find out who is the IT operator who sold passwords to hackers](https://g1.globo.com/sp/sao-paulo/noticia/2025/07/04/ataque-hacker-quem-e-suspeito-de-entregar-acesso-ao-sistema-que-liga-bancos-do-pix.ghtml)[Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack](https://www.securityweek.com/nippon-steel-subsidiary-blames-data-breach-on-zero-day-attack/)[Qantas confirms data breach impacts 5.7 million customers](https://www.bleepingcomputer.com/news/security/qantas-confirms-data-breach-impacts-57-million-customers/)[Retail cyber attacks: NCA arrest four for attacks on M-&S, Co-op and Harrods](https://www.nationalcrimeagency.gov.uk/news/retail-cyber-attacks-nca-arrest-four-for-attacks-on-m-s-co-op-and-harrods)[French police arrest Russian basketball player accused of ransomware: Report](https://techcrunch.com/2025/07/10/french-police-arrest-russian-basketball-player-accused-of-ransomware-report/)[Russian basketball player arrested in France over alleged ransomware ties](https://therecord.media/russian-basketball-player-arrested-in-france-ransomware)**Malware**[Datacarry Ransomware](https://www.ccitic.org/assets/reports/CCITIC_Report_TLP-White_DATACARRY.pdf)[Batavia spyware steals data from Russian organizations](https://securelist.com/batavia-spyware-steals-data-from-russian-organizations/116866/)[Crypto Wallets Continue to be Drained in Elaborate Social Media Scam](https://www.darktrace.com/blog/crypto-wallets-continue-to-be-drained-in-elaborate-social-media-scam)[CoinMiner Attacks Exploiting GeoServer Vulnerability](https://asec.ahnlab.com/en/88917/)[Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach](https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/)**Hacking**[CrowdStrike Researchers Investigate the Threat of Patchless AMSI Bypass Attacks](https://www.crowdstrike.com/en-us/blog/crowdstrike-investigates-threat-of-patchless-amsi-bypass-attacks/)[Reverse Engineering of Security Products: Developing an Advanced Microsoft Defender Tamper Tradecraft — BlackHat MEA 2024 talk](https://www.slideshare.net/slideshow/reverse-engineering-of-security-products-developing-an-advanced-microsoft-defender-tamper-tradecraft-blackhat-mea-2024-talk/281362708)[CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?](https://horizon3.ai/attack-research/attack-blogs/cve-2025-5777-citrixbleed-2-write-up-maybe/)[Taking SHELLTER: a commercial evasion framework abused in- the- wild](https://www.elastic.co/security-labs/taking-shellter)[Malicious pull request infects VS Code extension](https://www.reversinglabs.com/blog/malicious-pull-request-infects-vscode-extension)[CitrixBleed 2 exploitation started mid-June — how to spot it](https://doublepulsar.com/citrixbleed-2-exploitation-started-mid-june-how-to-spot-it-f3106392aa71)[PerfektBlue. 1-click RCE attack](https://perfektblue.pcacybersecurity.com/)[Activision took down Call of Duty game after PC players hacked, says source](https://techcrunch.com/2025/07/08/activision-took-down-call-of-duty-game-after-pc-players-hacked-says-source/)[Would you like an IDOR with that? Leaking 64 million McDonald’s job applications](https://ian.sh/mcdonalds)**Intelligence and Information Warfare**[DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal](https://www.recordedfuture.com/research/drat-v2-updated-drat-emerges-tag-140s-arsenal)[NSB Alerts the Significant Cybersecurity Risks in China-Made Mobile Applications](https://www.nsb.gov.tw/en/#/%E5%85%AC%E5%91%8A%E8%B3%87%E8%A8%8A/%E6%96%B0%E8%81%9E%E7%A8%BF%E6%9A%A8%E6%96%B0%E8%81%9E%E5%8F%83%E8%80%83%E8%B3%87%E6%96%99/2025-07-02/NSB%20Alerts%20the%20Significant%20Cybersecurity%20Risks%20in%20China-Made%20Mobile%20Applications)[Chinese ‘spy’ arrested in Italy on US warrant](https://www.ansa.it/english/newswire/english_service/2025/07/07/ansachinese-spy-arrested-in-italy-on-us-warrant_9f5bbfe6-74ef-4f78-bb1e-fcf01f755652.html)[Sanctions Imposed on DPRK IT Workers Generating Revenue for the Kim Regime](https://home.treasury.gov/news/press-releases/sb0190)[Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates](https://engage.morphisec.com/hubfs/Pay2Key_Iranian_Cyber_Warfare_Targets_the_West_Whitepaper.pdf)[From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities](https://www.trellix.com/blogs/research/from-click-to-compromise-unveiling-the-sophisticated-attack-of-donot-apt-group-on-southern-european-government-entities/)**Cybersecurity**[Why the Revision of the Cybersecurity Act is the Most Consequential Regulatory Development of 2025 (and Beyond)](https://accesspartnership.com/revision-cybersecurity-act-most-consequential-regulatory-development-2025/)[The July 2025 Security Update Review](https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review) [](https://www.securityweek.com/samsung-announces-security-improvements-for-galaxy-smartphones/)[Samsung Announces Security Improvements for Galaxy Smartphones](https://www.securityweek.com/samsung-announces-security-improvements-for-galaxy-smartphones/)[Jack Dorsey launches a WhatsApp messaging rival built on Bluetooth](https://www.cnbc.com/amp/2025/07/07/jack-dorsey-whatsapp-bluetooth.html) [](https://www.theregister.com/2025/07/10/russia_ethical_hacking_bill/)[Russia, hotbed of cybercrime, says nyet to ethical hacking bill](https://www.theregister.com/2025/07/10/russia_ethical_hacking_bill/)[Mitigating CitrixBleed 2 (CVE-2025-5777) NetScaler Memory Disclosure with App -& API Protector](https://www.akamai.com/blog/security-research/mitigating-citrixbleed-memory-vulnerability-ase)[Design Patterns for Securing LLM Agents against Prompt Injections](https://arxiv.org/abs/2506.08837)Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, newsletter)
Related Tags:
ControlX
CHROMIUM
Charcoal Typhoon
NAICS: 48 – Transportation
NAICS: 54 – Professional
Scientific
Technical Services
NAICS: 481 – Air Transportation
NAICS: 72 – Accommodation And Food Services
NAICS: 517 – Telecommunications
NAICS: 722 – Food Services And Drinking Places
Associated Indicators: