Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

- [China-linked hackers target U.S. non-profit in long-term espionage campaign](https://securityaffairs.com/184351/apt/china-linked-hackers-target-u-s-non-profit-in-long-term-espionage-campaign.html)
- [A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem](https://securityaffairs.com/184340/security/a-new-italian-citizen-was-targeted-with-paragons-graphite-spyware-we-have-a-serious-problem.html)
- [LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks](https://securityaffairs.com/184331/security/landfall-spyware-exploited-samsung-zero-day-cve-2025-21042-in-middle-east-attacks.html)
- [Cisco fixes critical UCCX flaw allowing Root command execution](https://securityaffairs.com/184321/security/cisco-fixes-critical-uccx-flaw-allowing-root-command-execution.html)
- [Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems](https://securityaffairs.com/184303/apt/russia-linked-apt-inedibleochotense-impersonates-eset-to-deploy-backdoor-on-ukrainian-systems.html)
- [Clop Ransomware group claims the breach of The Washington Post](https://securityaffairs.com/184304/cyber-crime/clop-ransomware-group-claims-the-breach-of-the-washington-post.html)
- [Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices](https://securityaffairs.com/184290/security/cisco-became-aware-of-a-new-attack-variant-against-secure-firewall-asa-and-ftd-devices.html)
- [Google sounds alarm on self-modifying AI malware](https://securityaffairs.com/184275/malware/google-sounds-alarm-on-self-modifying-ai-malware.html)
- [Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs](https://securityaffairs.com/184268/hacking/alleged-russia-linked-curly-comrades-exploit-windows-hyper-v-to-evade-edrs.html)
- [SonicWall blames state-sponsored hackers for September security breach](https://securityaffairs.com/184258/security/sonicwall-blames-state-sponsored-hackers-for-september-security-breach.html)
- [U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and weapons program](https://securityaffairs.com/184249/laws-and-regulations/u-s-sanctioned-north-korea-bankers-for-laundering-funds-linked-to-cyberattacks-and-peapons-program.html)
- [Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks](https://securityaffairs.com/184240/cyber-crime/former-cybersecurity-employees-attempted-to-extort-five-u-s-companies-in-2023-using-blackcat-ransomware-attacks.html)
- [U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/184226/security/u-s-cisa-adds-gladinet-centrestack-and-cwp-control-web-panel-flaws-to-its-known-exploited-vulnerabilities-catalog.html)
- [Nine arrested in €600M crypto laundering bust across Europe](https://securityaffairs.com/184215/cyber-crime/nine-arrested-in-e600m-crypto-laundering-bust-across-europe.html)
- [Google fixed a critical remote code execution in Android](https://securityaffairs.com/184208/security/google-fixed-a-critical-remote-code-execution-in-android.html)
- [SesameOp: New backdoor exploits OpenAI API for covert C2](https://securityaffairs.com/184197/malware/sesameop-new-backdoor-exploits-openai-api-for-covert-c2.html)
- [Google Big Sleep found five vulnerabilities in Safari](https://securityaffairs.com/184184/security/google-big-sleep-found-five-vulnerabilities-in-safari.html)
- [Crooks exploit RMM software to hijack trucking firms and steal cargo](https://securityaffairs.com/184171/cyber-crime/crooks-exploit-rmm-software-to-hijack-trucking-firms-and-steal-cargo.html)
- [Jabber Zeus developer ‘MrICQ’ extradited to US from Italy](https://securityaffairs.com/184158/cyber-crime/jabber-zeus-developer-mricq-extradited-to-us-from-italy.html)
- [Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid](https://securityaffairs.com/184149/security/chrome-142-released-two-high-severity-v8-flaws-fixed-100k-in-rewards-paid.html)
- [Android Apps misusing NFC and HCE to steal payment data on the rise](https://securityaffairs.com/184130/security/android-apps-misusing-nfc-and-hce-to-steal-payment-data-on-the-rise.html)
- [Conduent January 2025 breach impacts 10M+ people](https://securityaffairs.com/184128/data-breach/conduent-january-2025-breach-impacts-10m-people.html)

**International Press — Newsletter**

**Cybercrime**

- [Remote access, real cargo: cybercriminals targeting trucking and logistics](https://www.proofpoint.com/us/blog/threat-insight/remote-access-real-cargo-cybercriminals-targeting-trucking-and-logistics)
- [Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody](https://krebsonsecurity.com/2025/11/alleged-jabber-zeus-coder-mricq-in-u-s-custody/)
- [Decisive actions against cryptocurrency scammers earning over EUR 600 million](https://www.eurojust.europa.eu/news/decisive-actions-against-cryptocurrency-scammers-earning-over-eur-600-million)
- [Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers](https://techcrunch.com/2025/11/03/lawmakers-say-stolen-police-logins-are-exposing-flock-surveillance-cameras-to-hackers/)
- [Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/scattered-lapsuss-hunters-anatomy-of-a-federated-cybercriminal-brand/)
- [Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says](https://chicago.suntimes.com/the-watchdogs/2025/11/02/crytpo-cryptocurrency-crime-chicago-digital-mint-ransom-ransomware-hack)
- [INSIDE LOCKBIT 5.0: AN EXCLUSIVE INTERVIEW WITH THE NEW INSTANCE OF THE WORLD’S MOST INFAMOUS RANSOMWARE BRAND](https://hackmanac.com/news/inside-lockbit-5-0-an-exclusive-interview)
- [How a ransomware gang encrypted Nevada government’s systems](https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/)

**Malware**

- [SesameOp: Novel backdoor uses OpenAI Assistants API for command and control](https://www.microsoft.com/en-us/security/blog/2025/11/03/sesameop-novel-backdoor-uses-openai-assistants-api-for-command-and-control/)
- [Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector](https://cyble.com/blog/weaponized-military-documents-deliver-backdoor/)
- [Gootloader Returns: What Goodies Did They Bring?](https://www.huntress.com/blog/gootloader-threat-detection-woff2-obfuscation)
- [LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices](https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/)

**Hacking**

- [Exploiting Trust in Collaboration: Microsoft Teams Vulnerabilities Uncovered](https://blog.checkpoint.com/research/exploiting-trust-in-collaboration-microsoft-teams-vulnerabilities-uncovered/)
- [HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage](https://www.tenable.com/blog/hackedgpt-novel-ai-vulnerabilities-open-the-door-for-private-data-leakage)
- [Cisco Event Response: Continued Attacks Against Cisco Firewalls](https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks)
- [LLM-goat](https://www.secforce.com/llm-goat/)
- [The most advanced ClickFix yet?](https://pushsecurity.com/blog/the-most-advanced-clickfix-yet/)

**Intelligence and Information Warfare**

- [DPRK’s Playbook: Kimsuky’s HttpTroy and Lazarus’s New BLINDINGCAN Variant](https://www.gendigital.com/blog/insights/research/dprk-kimsuky-lazarus-analysis)
- [Disrupting Illicit DPRK Bankers and Institutions Laundering Cybercrime and IT Worker Funds](https://www.state.gov/releases/office-of-the-spokesperson/2025/11/disrupting-illicit-dprk-bankers-and-institutions-laundering-cybercrime-and-it-worker-funds/)
- [Preparing for Threats to Come: Cybersecurity Forecast 2026](https://cloud.google.com/blog/topics/threat-intelligence/cybersecurity-forecast-2026)
- [Sonicwall: Cloud Backup Security Incident Investigation Complete and Strengthened Cyber Resilience](https://www.sonicwall.com/blog/cloud-backup-security-incident-investigation-complete-and-strengthened-cyber-resilience)
- [Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines](https://businessinsights.bitdefender.com/curly-comrades-evasion-persistence-hidden-hyper-v-virtual-machines)
- [ESET APT Activity Report Q2 2025–Q3 2025](https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q2-2025-q3-2025/)
- [Italian communications executive reveals he was targeted with Paragon spyware](https://therecord.media/italy-comms-exec-spyware)
- [China-linked Actors Maintain Focus on Organizations Influencing U.S. Policy](https://www.security.com/threat-intelligence/china-apt-us-policy)
- [Russian Cybercrime & State Militarization](https://analyst1.com/russian-cybercrime-state-militarization/)

**Cybersecurity**

- [**Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities**](https://www.securityweek.com/google-pays-100000-in-rewards-for-two-chrome-vulnerabilities/)
- [**Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit**](https://thehackernews.com/2025/11/googles-ai-big-sleep-finds-5-new.html)

**Follow me on Twitter:** [**@securityaffairs**](https://twitter.com/securityaffairs) **and** [**Facebook**](https://www.facebook.com/sec.affairs) **and** [**Mastodon**](https://infosec.exchange/@securityaffairs)

[**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)

**([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, newsletter)**
