A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely
Millions of sites at risk from Imunify360 critical flaw exploit
Critical FortiWeb flaw under attack, allowing complete compromise
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
Chrome extension “Safery” steals Ethereum wallet seed phrases
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet
U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog
Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days
Google sues cybercriminal group Smishing Triad
New Danabot Windows version appears in the threat landscape after May disruption
Australia’s spy chief warns of China-linked threats to critical infrastructure
Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025
$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK
Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug
SAP fixed a maximum severity flaw in SQL Anywhere Monitor
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog
Critical Triofox bug exploited to run malicious payloads via AV configuration
GlassWorm malware has resurfaced on the Open VSX registry
Denmark and Norway investigate Yutong bus security flaw amid rising tech fears
Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting
Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads
QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

International Press – Newsletter

Cybercrime

Phishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and Customers
Roman Novak, a crypto fraudster, and his wife were killed in the UAE
Yanluowang initial access broker pleaded guilty to ransomware attacks
Man and woman jailed for their roles in multibillion-pound fraudulent Bitcoin scheme
Google sues cybercriminal group behind E-ZPass, USPS text phishing scams
The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign
End of the game for cybercrime infrastructure: 1025 servers taken down
Thousands of Domains Target Hotel Guests in Massive Phishing Campaign
New Scam Center Strike Force Battles Southeast Asian Crypto Investment Fraud Targeting Americans

Malware

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Q3 2025 Ransomware Report
Fantasy Hub: Another Russian Based RAT as M-a-a-S
Unleashing the Kraken ransomware group
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

Hacking

Whisper Leak: A novel side-channel attack on remote language models
No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480
Dangerous runC flaws could allow hackers to escape Docker containers
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
Suspected Fortinet zero-day exploited in the wild
Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
Critical: Remote Code Execution via Malicious Obfuscated Malware in Imunify360 AV (AI-bolit)
Multiple Vulnerabilities in GoSign Desktop leads to Remote Code Execution

Intelligence and Information Warfare

Samsung Spyware Attack — Critical Landfall 0-Day Exploited
Australia Sanctions Hackers Supporting North Korea’s Weapons Program
Top US Army General Says He’s Letting ChatGPT Make Military Decisions
State-Sponsored Remote Wipe Tactics Targeting Android Devices
Why a lot of people are getting hacked with government spyware
It’s time to reckon with the geopolitics of artificial intelligence
Amazon discovers APT exploiting Cisco and Citrix zero-days
Disrupting the first reported AI-orchestrated cyber espionage campaign
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery
Justice Department Announces Nationwide Actions to Combat Illicit North Korean Government Revenue Generation

Cybersecurity

Fearing vulnerability to China, Europe has a new worry: Electric buses
ENISA Sectorial Threat Landscape – Public Administration
Meta is earning a fortune on a deluge of fraudulent ads, documents show
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
The November 2025 Security Update Review
Firefox expands fingerprint protections: advancing towards a more private web
Evasion Attacks on LLMs – Countermeasures in Practice
Elon Musk’s X botched its security key switchover, locking users out
CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)