Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter has arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [A ransomware attack forced New York Blood Center to reschedule appointments](https://securityaffairs.com/173702/cyber-crime/new-york-blood-center-faced-ransomware-attack.html)
- [Contec CMS8000 patient monitors contain a hidden backdoor](https://securityaffairs.com/173694/security/cisa-fda-warned-hidden-backdoor-in-contec-cms8000.html)
- [Community Health Center data breach impacted over 1 million patients](https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html)
- [Italy’s data protection authority Garante blocked the DeepSeek AI platform](https://securityaffairs.com/173680/security/italys-data-protection-authority-garante-blocked-deepseek.html)
- [Broadcom fixed information disclosure flaws in VMware Aria Operations](https://securityaffairs.com/173677/security/vmware-aria-operations-flaws.html)
- [DeepSeek database exposed highly sensitive information](https://securityaffairs.com/173666/data-breach/deepseek-db-exposed-highly-sensitive-information.html)
- [TeamViewer fixed a vulnerability in Windows client and host applications](https://securityaffairs.com/173658/security/teamviewer-windows-client-flaw.html)
- [Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites](https://securityaffairs.com/173651/cyber-crime/operation-talent-seized-cracked-nulled-cybercrime-websites.html)
- [PHP package Voyager flaws expose to one-click RCE exploits](https://securityaffairs.com/173646/hacking/php-package-voyager-flaws.html)
- [Italy’s Data Protection Authority Garante requested information from Deepseek](https://securityaffairs.com/173637/digital-id/italys-garante-requested-information-from-deepseek.html)
- [U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173622/hacking/us-cisa-adds-apple-products-flaw-known-exploited-vulnerabilities-catalog.html)
- [Aquabot variant v3 targets Mitel SIP phones](https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html)
- [Critical remote code execution bug found in Cacti framework](https://securityaffairs.com/173597/security/critical-rce-cacti-framework.html)
- [Attackers actively exploit a critical zero-day in Zyxel CPE Series devices](https://securityaffairs.com/173589/hacking/zyxel-cpe-series-devices-cve-2024-40891-exploited.html)
- [Attackers exploit SimpleHelp RMM Software flaws for initial access](https://securityaffairs.com/173578/security/attackers-exploit-simplehelp-rmm-software-flaws.html)
- [VMware fixed a flaw in Avi Load Balancer](https://securityaffairs.com/173569/security/vmware-fixed-avi-load-balancer-flaw.html)
- [Ransomware attack on ENGlobal compromised personal information](https://securityaffairs.com/173566/cyber-crime/englobal-disclosed-a-ransomware-attack.html)
- [EU announced sanctions on three members of Russia’s GRU Unit 29155](https://securityaffairs.com/173555/security/eu-sanctions-russias-gru-unit-29155.html)
- [Chinese AI platform DeepSeek faced a ‘large-scale’ cyberattack](https://securityaffairs.com/173546/security/chinese-ai-platform-deepseek-faced-a-large-scale-cyberattack.html)
- [Apple fixed the first actively exploited zero-day of 2025](https://securityaffairs.com/173536/hacking/apple-fixed-the-first-zero-day-vulnerability-of-2025.html)
- [TalkTalk confirms data breach involving a third-party platform](https://securityaffairs.com/173526/cyber-crime/talktalk-confirms-data-breach.html)
- [Multiple Git flaws led to credentials compromise](https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html)
- [GamaCopy targets Russia mimicking Russia-linked Gamaredon APT](https://securityaffairs.com/173501/apt/gamacopy-mimics-russia-linked-gamaredon-apt.html)
- [ESXi ransomware attacks use SSH tunnels to avoid detection](https://securityaffairs.com/173487/cyber-crime/esxi-ransomware-attacks-use-ssh-tunnels-to-avoid-detection.html)
- [Attackers allegedly stole $69 million from cryptocurrency platform Phemex](https://securityaffairs.com/173478/digital-id/cryptocurrency-platform-phemex-cyber-heist.html)
- [Change Healthcare data breach exposed the private data of over half the U.S.](https://securityaffairs.com/173467/data-breach/change-healthcare-data-breach-190m-people.html)
- [Cisco warns of a ClamAV bug with PoC exploit](https://securityaffairs.com/173446/uncategorized/cisco-fixed-clamav-dos-flaw.html)

**International Press — Newsletter**

**Cybercrime**

- [UnitedHealth Estimates Change Healthcare Hack Impacted About 190 Million People](https://www.wsj.com/articles/unitedhealth-estimates-change-healthcare-hack-impacted-about-190-million-people-9564533c)
- [TalkTalk investigating data breach after hacker claims theft of customer data](https://techcrunch.com/2025/01/27/talktalk-investigating-data-breach-after-hacker-claims-theft-of-customer-data/)
- [Law enforcement takes down two largest cybercrime forums in the world](https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-takes-down-two-largest-cybercrime-forums-in-world)
- [New York Blood Center Enterprises Cybersecurity Incident Update](https://www.nybce.org/news/articles/cyber/)
- [Cybercrime websites selling hacking tools to transnational organized crime groups seized](https://www.justice.gov/usao-sdtx/pr/cybercrime-websites-selling-hacking-tools-transnational-organized-crime-groups-seized)
- [Indian tech giant Tata Technologies hit by ransomware attack](https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/)

**Malware**

- [ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling](https://www.sygnia.co/blog/esxi-ransomware-ssh-tunneling-defense-strategies/)
- [MintsLoader: StealC and BOINC Delivery](https://www.esentire.com/blog/mintsloader-stealc-and-boinc-delivery)
- [Active Exploitation: New Aquabot Variant Phones Home](https://www.akamai.com/blog/security-research/2025-january-new-aquabot-mirai-variant-exploiting-mitel-phones)
- [How we kept the Google Play & Android app ecosystems safe in 2024](https://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html)

**Hacking**

- [RANsacked Cellular Security](https://cellularsecurity.org/ransacked)
- [CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack](https://www.oligo.security/blog/cve-2024-50050-critical-vulnerability-in-meta-llama-llama-stack)
- [Clone2Leak: Your Git Credentials Belong To Us](https://flatt.tech/research/posts/clone2leak-your-git-credentials-belong-to-us/)
- [Apple fixes this year’s first actively exploited zero-day bug](https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/)
- [DeepSeek R1 Exposed: Security Flaws in China’s AI Model](https://www.kelacyber.com/blog/deepseek-r1-security-flaws/)
- [Arctic Wolf Observes Campaign Exploiting SimpleHelp RMM Software for Initial Access](https://arcticwolf.com/resources/blog-uk/arctic-wolf-observes-campaign-exploiting-simplehelp-rmm-software-initial-access/)
- [Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891)](https://www.greynoise.io/blog/active-exploitation-of-zero-day-zyxel-cpe-vulnerability-cve-2024-40891)
- [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis — Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/)
- [The Tainted Voyage: Uncovering Voyager’s Vulnerabilities](https://www.sonarsource.com/blog/the-tainted-voyage-uncovering-voyagers-vulnerabilities/)
- [Browser Syncjacking: How Any Browser Extension can Be Used to Takeover Your Device](https://labs.sqrx.com/browser-syncjacking-cc602ea0cbd0)

**Intelligence and Information Warfare**

- [Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military-related bait to launch attacks on Russia](https://medium.com/@knownsec404team/love-and-hate-under-war-the-gamacopy-organization-which-imitates-the-russian-gamaredon-uses-560ba5e633fa)
- [Climate Misinformation Is Social Media’s Biggest Issue — And It’s About to Get Way Worse](https://www.inverse.com/science/climate-misinformation-social-media-issues)
- [Cyber-attacks: three individuals added to EU sanctions list for malicious cyber activities against Estonia](https://www.consilium.europa.eu/en/press/press-releases/2025/01/27/cyber-attacks-three-individuals-added-to-eu-sanctions-list-for-malicious-cyber-activities-against-estonia/)
- [AI and security: Safeguarding users and strengthening national security](https://blog.google/technology/safety-security/ai-and-security-safeguarding-users-and-strengthening-national-security/)
- [Operation Phantom Circuit](https://securityscorecard.com/wp-content/uploads/2025/01/Operation-Phantom-Circuit-Report_012725_03.pdf)
- [WhatsApp says journalists and civil society members were targets of Israeli spyware](https://www.theguardian.com/technology/2025/jan/31/whatsapp-israel-spyware)

**Cybersecurity**

- [OpenAI ‘reviewing’ allegations that its AI models were used to make DeepSeek](https://www.theguardian.com/technology/2025/jan/29/openai-chatgpt-deepseek-china-us-ai-models)
- [MGM Resorts settles lawsuits after millions of customer records stolen in data breaches](https://techcrunch.com/2025/01/29/mgm-resorts-settles-lawsuits-after-millions-of-customer-records-stolen-in-data-breaches/)
- [Google to kill Chrome Sync on older Chrome browser versions](https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/)
- [Italian regulator asks DeepSeek for information about data collection](https://therecord.media/italian-regulator-deepseek-info-collection)
- [US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration](https://www.securityweek.com/us-cyber-agencys-future-role-in-elections-remains-murky-under-the-trump-administration/)
- [Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics](https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/)
- [Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History](https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak)
- [Cybersecurity Vulnerabilities with Certain Patient Monitors from Contec and Epsimed: FDA Safety Communication](https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication)

Follow me on Twitter: [**@securityaffairs**](https://twitter.com/securityaffairs) and [**Facebook**](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/) **–** **hacking, newsletter)**
