Security Affairs newsletter Round 538 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [Kidney dialysis firm DaVita confirms ransomware attack compromised data of 2.7M people](https://securityaffairs.com/181458/data-breach/kidney-dialysis-firm-davita-confirms-ransomware-attack-compromised-data-of-2-7m-people.html)
- [China-linked Silk Typhoon APT targets North America](https://securityaffairs.com/181453/apt/china-linked-silk-typhoon-apt-targets-north-america.html)
- [Over 300 entities hit by a variant of Atomic macOS Stealer in recent campaign](https://securityaffairs.com/181441/malware/over-300-entities-hit-by-a-variant-of-atomic-macos-stealer-in-recent-campaign.html)
- [Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M](https://securityaffairs.com/181434/cyber-crime/operation-serengeti-2-0-interpol-nabs-1209-cybercriminals-in-africa-seizes-97m.html)
- [After SharePoint attacks, Microsoft stops sharing PoC exploit code with China](https://securityaffairs.com/181430/security/after-sharepoint-attacks-microsoft-stops-sharing-poc-exploit-code-with-china.html)
- [Former developer jailed after deploying kill-switch malware at Ohio firm](https://securityaffairs.com/181422/cyber-crime/former-developer-jailed-after-deploying-kill-switch-malware-at-ohio-firm.html)
- [Colt Discloses Breach After Warlock Ransomware Group Puts Files Up for Sale](https://securityaffairs.com/181412/data-breach/colt-discloses-breach-after-warlock-ransomware-group-puts-files-up-for-sale.html)
- [U.S. CISA adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/181406/security/u-s-cisa-adds-apple-ios-ipados-and-macos-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [Orange Belgium July data breach impacted 850,000 customers](https://securityaffairs.com/181399/data-breach/orange-belgium-july-data-breach-impacted-850000-customers.html)
- [Apple addressed the seventh actively exploited zero-day](https://securityaffairs.com/181394/security/apple-addressed-the-seventh-actively-exploited-zero-day.html)
- [Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection](https://securityaffairs.com/181356/malware/hackers-deploy-dripdropper-via-apache-activemq-flaw-patch-systems-to-evade-detection.html)
- [A Scattered Spider member gets 10 years in prison](https://securityaffairs.com/181383/cyber-crime/a-scattered-spider-member-gets-10-years-in-prison.html)
- [FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage](https://securityaffairs.com/181347/intelligence/fbi-russia-linked-group-static-tundra-exploit-old-cisco-flaw-for-espionage.html)
- [US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin](https://securityaffairs.com/181363/security/us-cert-cc-warns-of-flaws-in-workhorse-software-accounting-software-used-by-hundreds-of-municipalities-in-wisconsin.html)
- [Britain targets Kyrgyz financial institutions, crypto networks aiding Kremlin](https://securityaffairs.com/181375/laws-and-regulations/britain-targets-kyrgyz-financial-institutions-crypto-networks-aiding-kremlin.html)
- [DOJ takes action against 22-year-old running RapperBot Botnet](https://securityaffairs.com/181342/cyber-crime/doj-takes-action-against-22-year-old-running-rapperbot-botnet.html)
- [Google fixed Chrome flaw found by Big Sleep AI](https://securityaffairs.com/181338/security/google-fixed-chrome-flaw-found-by-big-sleep-ai.html)
- [Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack](https://securityaffairs.com/181311/data-breach/pharmaceutical-firm-inotiv-discloses-ransomware-attack-qilin-group-claims-responsibility-for-the-hack.html)
- [A hacker tied to Yemen Cyber Army gets 20 months in prison](https://securityaffairs.com/181320/cyber-crime/a-hacker-tied-to-yemen-cyber-army-gets-20-months-in-prison.html)
- [Exploit weaponizes SAP NetWeaver bugs for full system compromise](https://securityaffairs.com/181325/security/exploit-weaponizes-sap-netweaver-bugs-for-full-system-compromise.html)
- [Noodlophile Stealer evolution](https://securityaffairs.com/181236/cyber-crime/noodlophile-stealer-evolution.html)
- [Allianz Life security breach impacted 1.1 million customers](https://securityaffairs.com/181294/data-breach/allianz-life-security-breach-impacted-1-1-million-customers.html)
- [Analyzing evolution of the PipeMagic malware](https://securityaffairs.com/181286/breaking-news/analyzing-evolution-of-the-pipemagic-malware.html)
- [U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/181283/hacking/u-s-cisa-adds-trend-micro-apex-one-flaw-to-its-known-exploited-vulnerabilities-catalog.html)
- [AI for Cybersecurity: Building Trust in Your Workflows](https://securityaffairs.com/181278/security/ai-for-cybersecurity-building-trust-in-your-workflows.html)
- [Human resources firm Workday disclosed a data breach](https://securityaffairs.com/181271/data-breach/human-resources-firm-workday-disclosed-a-data-breach.html)
- [DoJ seizes $2.8M linked to Zeppelin Ransomware](https://securityaffairs.com/181237/cyber-crime/doj-seizes-2-8m-linked-to-zeppelin-ransomware.html)
- [Xerox fixed path traversal and XXE bugs in FreeFlow Core](https://securityaffairs.com/181243/security/xerox-fixed-path-traversal-and-xxe-bugs-in-freeflow-core.html)
- [Colt Technology faces multi-day outage after WarLock ransomware attack](https://securityaffairs.com/181247/data-breach/colt-technology-faces-multi-day-outage-after-warlock-ransomware-attack.html)

**International Press — Newsletter**

**Cybercrime**

- [Justice Department Announces Seizure of Over $2.8 Million in Cryptocurrency, Cash, and other Assets](https://www.justice.gov/opa/pr/justice-department-announces-seizure-over-28-million-cryptocurrency-cash-and-other-assets)
- [Colt Telecom attack claimed by WarLock ransomware, data up for sale](https://www.bleepingcomputer.com/news/security/colt-telecom-attack-claimed-by-warlock-ransomware-data-up-for-sale/)
- [Serial hacker who defaced official websites is sentenced](https://www.nationalcrimeagency.gov.uk/news/serial-hacker-who-defaced-official-websites-is-sentenced)
- [Oregon man charged with administering ‘Rapper Bot’ DDoS-for-hire Botnet](https://www.justice.gov/usao-ak/pr/oregon-man-charged-administering-rapper-bot-ddos-hire-botnet)
- [Fraud-as-a-Service: The Rising Threat to Africa’s Digital Future](https://sumsub.com/media/spotlight/fraud-as-a-service-in-africa/)
- [SIM-Swapper, Scattered Spider Hacker Gets 10 Years](https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/)
- [Colt confirms customer data stolen as Warlock ransomware auctions files](https://www.bleepingcomputer.com/news/security/colt-confirms-customer-data-stolen-as-warlock-ransomware-auctions-files/)
- [Chinese National Who Deployed ‘Kill Switch’ Code on Employer’s Network Sentenced to Four Years in Prison](https://www.justice.gov/opa/pr/chinese-national-who-deployed-kill-switch-code-employers-network-sentenced-four-years-prison)
- [African authorities dismantle massive cybercrime and fraud networks, recover millions](https://www.interpol.int/en/News-and-Events/News/2025/African-authorities-dismantle-massive-cybercrime-and-fraud-networks-recover-millions)
- [Europol confirms $50,000 Qilin ransomware reward is fake](https://www.bleepingcomputer.com/news/security/europol-confirms-that-qilin-ransomware-reward-is-fake/)

**Malware**

- [Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak](https://hunt.io/blog/ermac-v3-banking-trojan-source-code-leak)
- [Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824](https://securelist.com/pipemagic/117270/)
- [Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints](https://www.morphisec.com/blog/noodlophile-stealer-evolves-targeted-copyright-phishing-hits-enterprises-with-social-media-footprints/)
- [GodRAT — New RAT targeting financial institutions](https://securelist.com/godrat/117119/)
- [Preventing Domain Resurrection Attacks](https://blog.pypi.org/posts/2025-08-18-preventing-domain-resurrections/)

**Hacking**

- [From Support Ticket to Zero Day](https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/)
- [New Exploit for Critical SAP Vulnerability CVE-2025-31324 Released in the Wild](https://onapsis.com/blog/new-exploit-for-cve-2025-31324/)
- [Hijacked Satellites and Orbiting Space Weapons: In the 21st Century, Space Is the New Battlefield](https://www.securityweek.com/hijacked-satellites-and-orbiting-space-weapons-in-the-21st-century-space-is-the-new-battlefield/)
- [Google says its AI-based bug hunter found 20 security vulnerabilities](https://techcrunch.com/2025/08/04/google-says-its-ai-based-bug-hunter-found-20-security-vulnerabilities/)
- [‘Scamlexity’ We Put Agentic AI Browsers to the Test — They Clicked, They Paid, They Failed](https://guard.io/labs/scamlexity-we-put-agentic-ai-browsers-to-the-test-they-clicked-they-paid-they-failed)
- [Brazil: 121,981 files were exposed without security on a server containing health documents](https://medium.com/@newschu.substack.com/brazil-121-981-files-were-exposed-without-security-on-a-server-containing-health-documents-50dee9f31bb1)
- [DOM-based Extension Clickjacking: Your Password Manager Data at Risk](https://marektoth.com/blog/dom-based-extension-clickjacking/)
- [Scattered Spider: A Threat Profile](https://www.flashpoint.io/blog/scattered-spider-threat-profile/)
- [Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks](https://thehackernews.com/2025/08/apple-patches-cve-2025-43300-zero-day.html)

**Intelligence and Information Warfare**

- [Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices](https://blog.talosintelligence.com/static-tundra/)
- [Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure](https://www.ic3.gov/PSA/2025/PSA250820)
- [Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code](https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/)
- [MURKY PANDA: A Trusted-Relationship Threat in the Cloud](https://www.crowdstrike.com/en-us/blog/murky-panda-trusted-relationship-threat-in-cloud/)
- [APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files](https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/)

**Cybersecurity**

- [HR giant Workday discloses data breach amid Salesforce attacks](https://www.bleepingcomputer.com/news/security/hr-giant-workday-discloses-data-breach-amid-salesforce-attacks/)
- [Allianz Life data breach affects 1.1 million customers](https://techcrunch.com/2025/08/18/allianz-life-data-breach-affects-1-1-million-customers/)
- [U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback](https://thehackernews.com/2025/08/uk-government-drops-apple-encryption.html)
- [Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data](https://www.securityweek.com/flaws-in-software-used-by-hundreds-of-cities-and-towns-exposed-sensitive-data/)
- [Orange Belgium informs its customers about a cyberattack](https://corporate.orange.be/en/node/57971)
- [Hackers who exposed North Korean government hacker explain why they did it](https://techcrunch.com/2025/08/21/hackers-who-exposed-north-korean-government-hacker-explain-why-they-did-it/)

Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, newsletter)

Related Tags:

- CVE-2025-31324
- CVE-2025-29824
- Silk Typhoon
- Storm-0875
- Octo Tempest
- NAICS: 524 – Insurance Carriers And Related Activities
- NAICS: 54 – Professional, Scientific, Technical Services
- NAICS: 517 – Telecommunications
- NAICS: 541 – Professional, Scientific, Technical Services
