A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC releaseAuthorities released free decryptor for Phobos and 8base ransomwareAnne Arundel Dermatology data breach impacts 1.9 million peopleLameHug: first AI-Powered malware linked to Russia’s APT285 Features Every AI-Powered SOC Platform Needs in 2025Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolenUnited Natural Foods Expects $400M revenue impact from June cyber attackCisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 SeverityUNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operationsOperation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard networkFormer US Army member confesses to Telecom hack and extortion conspiracyCVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assaultU.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalogAndroid Malware Konfety evolves with ZIP manipulation and dynamic loadingBelk hit by May cyberattack: DragonForce stole 150GB of dataNorth Korea-linked actors spread XORIndex malware via 67 malicious npm packagesFBI seized multiple piracy sites distributing pirated video gamesAn attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distanceInterlock ransomware group deploys new PHP-based RAT via FileFixGlobal Louis Vuitton data breach impacts UK, South Korea, and TurkeyExperts uncover critical flaws in Kigen eSIM technology affecting billionsSpain awarded €12.3 million in contracts to HuaweiPatch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWebWing FTP Server flaw actively exploited shortly after technical details were made publicInternational Press – NewsletterCybercrimeHacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment Louis Vuitton Data Breach Hits Customers in Several CountriesRomania arrests 13 in phishing scam targeting British tax office CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call CenterBaitTrap – The rise of baiting news sites behind online investment fraudFBI Atlanta Seizes Major Video Game Piracy WebsitesGLOBAL GROUP: Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their AffiliatesFormer U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies Global operation targets NoName057(16) pro-Russian cybercrime network Ransomware Group Claims to Have Stolen Data of 600,000 North Country HealthCare Patients Hackers are trying to steal passwords and sensitive data from users of Signal clone Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in ChinaMalwareKongTuke FileFix Leads to New Interlock RAT Variant Code highlighting with Cursor AI for $500,000The Linuxsys Cryptominer From a Teams Call to a Ransomware Threat: Matanbuchus 3.0 MaaS Levels UpUnmasking AsyncRAT: Navigating the labyrinth of forksNew Phobos and 8base ransomware decryptor recover files for freeHackingeSIM security Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild Pre-Auth SQL Injection to RCE – Fortinet FortiWeb Fabric Connector (CVE-2025-25257) FileFix (Part 2)End-of-Train and Head-of-Train Remote Linking Protocol CVE-2025-47943: Stored XSS in Gogs via PDFOngoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor VMware fixes four ESXi zero-day bugs exploited at Pwn2Own BerlinChinese authorities are using a new tool to hack seized phones and extract data Zero-Day Threat Mitigation via Deep Learning in Cloud EnvironmentsJuly 16 Advisory: Pre-Auth SQL Injection Leads to RCE in Fortinet FortiWeb [CVE-2025-25257]Flaw in Signal App Clone Could Leak Passwords — GreyNoise Identifies Active Reconnaissance and Exploit Attempts CitrixBleed 2 situation update — everybody already got owned Intelligence and Information WarfareHow terrorist groups are leveraging AI to recruit and finance their operationsThe government pays 12 million to China’s Huawei to protect police wiretaps Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 CommunicationChina’s Salt Typhoon Hacked US National Guard MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entitiesUAC-0001 cyberattacks on the security and defense sector using the LAMEHUG software tool, which uses LLM (large language model) (CERT-UA#16039)Trump administration to spend $1 billion on ‘offensive’ hacking operations Addressing State-Linked Cyber Threats to Critical Maritime Port Infrastructure UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspiesCybersecurityCVE-2025-47812: Wing FTP Server Remote Code Execution Vulnerability Exploited in the WildEngaging the Vulnerability Research community through the Vulnerability Research Initiative Hyper-volumetric DDoS attacks skyrocket: Cloudflare’s 2025 Q2 DDoS threat report TRACKING RANSOMWARE : JUNE 2025 Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root CodeUnited Natural Foods Projects Up to $400M Sales Hit From June Cyberattack DOGE Denizen Marko Elez Leaked API Key for xAI Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)