A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.LangChain core vulnerability allows prompt injection and data exposureNPM package with 56,000 downloads compromises WhatsApp accountsTrust Wallet warns users to update Chrome extension after $7M security lossPro-Russian group Noname057 claims cyberattack on La Poste servicesAflac confirms June data breach affecting over 22 million customersSpotify cracks down on unlawful scraping of 86 million songsFive-year-old Fortinet FortiOS SSL VPN vulnerability actively exploitedHigh-severity MongoDB flaw CVE-2025-14847 could lead to server takeoverFBI seized ‘web3adspanels.org’ hosting stolen loginsU.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concernsItalian regulator rules Apple’s ATT feature limits competitionLa Poste outage after a cyber attack disrupts digital banking and online servicesRed Hat GitLab breach exposes data of 21,000 Nissan customersCritical n8n flaw could enable arbitrary code executionWhy Third-Party Access Remains the Weak Link in Supply Chain SecurityU.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalogRomanian Waters confirms cyberattack, critical water operations unaffectedUkrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.Infy Returns: Iran-linked hacking group shows renewed activityUniversity of Sydney discloses a data breach impacting 27,000 peopleWaymo suspends service after power outage hit San FranciscoMassive Android botnet Kimwolf infects millions, strikes with DDoSInternational Press – NewsletterCybercrimeUkrainian National Pleads Guilty to Conspiracy to Use Ransomware Romanian water authority hit by ransomware attack over weekend Cybercrime Magazine. Cybercrime To Cost The World $12.2 Trillion Annually By 2031 Chinese Crypto Scammers on Telegram Are Fueling the Biggest Darknet Markets Ever574 arrests and USD 3 million recovered in coordinated cybercrime operation across Africa Justice Department Announces Seizure of Stolen-Password Database Used in Bank Account Takeover Fraud From Dark Web Pages to Blockchain Trails: The Red Room Case TRM Traces Stolen Crypto from 2022 LastPass Breach — On-chain Indicators Suggest Russian Cybercriminal Involvement Trust Wallet confirms extension hack led to $7 million crypto theft MalwareChoose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in UzbekistanFrom Linear to Complex: An Upgrade in RansomHouse Encryption NPM Package With 56K Downloads Caught Stealing WhatsApp Messages Malicious Chrome Extensions “Phantom Shuttle” Masquerade as a VPN to Intercept Traffic and Exfiltrate Credentials HackingCVE-2025-7771: Exploiting a Signed Kernel Driver in a Red Team Operation Flaw in photo booth maker’s website exposes customers’ pictures Pro-Russian hackers claim cyberattack on French postal service Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283 Critical LangChain Core Vulnerability Exposes Secrets via Serialization InjectionAll I Want for Christmas is Your Secrets: LangGrinch hits LangChain Core (CVE-2025-68664) Forensic Insights into an EDR Freeze Attack Intelligence and Information WarfarePrince of Persia: A Decade of Iranian Nation-State APT Campaign Activity under the Microscope The APT35 Dump Episode 4: Leaking The Backstage Pass To An Iranian Intelligence OperationOperation Artemis: Analysis of HWP-Based DLL Side Loading Attacks Intellexa’s Global Corporate WebNorth Korea and the Industrialization of Cryptocurrency Theft Breaking the Final Frontier: Cyber Operations Against the Space Sector Meet the team that investigates when journalists and activists get hacked with government spyware CybersecurityDecember 22 Advisory: Critical n8n Vulnerability Allows Remote Code Execution [CVE-2025-68613]Red Hat Confirms GitLab Instance Hack, Data Theft France’s postal service disrupted by suspected cyberattack Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store CompetitionFCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security RisksSpotify investigates data breach, after pirate group claims it ‘scraped’ its music library More than 22 million Aflac customers impacted by June data breachHacks, thefts, and disruption: The worst data breaches of 2025 Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)