A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.Law enforcement operations seized BlackSuit ransomware gang’s darknet sitesArizona woman sentenced for aiding North Korea in U.S. IT job fraud schemeOperation CargoTalon targets Russia’s aerospace with EAGLET malware,Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin accessKoske, a new AI-Generated Linux malware appears in the threat landscapeMitel patches critical MiVoice MX-ONE Auth bypass flawCoyote malware is first-ever malware abusing Windows UI AutomationSonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacksDSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033Stealth backdoor found in WordPress mu-Plugins folderU.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalogU.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalogSophos fixed two critical Sophos Firewall vulnerabilitiesFrench Authorities confirm XSS.is admin arrested in UkraineMicrosoft linked attacks on SharePoint flaws to China-nexus actorsCisco confirms active exploitation of ISE and ISE-PIC flawsSharePoint under fire: new ToolShell attacks target enterprisesCrushFTP zero-day actively exploited at least since July 18Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devicesMuddyWater deploys new DCHSpy variants amid Iran-Israel conflictU.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalogMicrosoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacksSharePoint zero-day CVE-2025-53770 actively exploited in the wildSingapore warns China-linked group UNC3886 targets its critical infrastructureU.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalogRadiology Associates of Richmond data breach impacts 1.4 million peopleInternational Press – NewsletterCybercrimeAt Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds Key figure behind major Russian-speaking cybercrime forum targeted in Ukraine UK student jailed for selling phishing kits linked to £100m of fraud A Spike in the Desert: How GreyNoise Uncovered a Global Pattern of VOIP-Based Telnet AttacksArizona Woman Sentenced in $17M IT Worker Fraud Scheme That Illegally Generated Revenue for North Korea BlackSuit ransomware gang’s darknet websites seized by police Hackers are trying to steal passwords and sensitive data from users of Signal cloneAptly Named: How the Leakzone Exposed Access Logs Phishers Target Aviation Execs to Scam CustomersMalwareUncovering a Stealthy WordPress Backdoor in mu-plugins NPM package ‘is’ with 2.8M weekly downloads infected devs with malwareCoyote in the Wild: First-Ever Malware That Abuses UI Automation AI-Generated Malware in Panda Image Hides Persistent Linux ThreatToptal’s GitHub Organization Hijacked: 10 Malicious Packages PublishedHackingSharePoint Under Siege: from SOC triage to new 0-dayCVE-2025-54309: CrushFTP Zero-Day Exploited in the Wild Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root AccessFire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter EnvironmentsIntelligence and Information WarfareWhat is UNC3886, the group that attacked Singapore’s critical information infrastructure? Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran ConflictThe SOC files: Rumble in the jungle or APT41’s new target in AfricaSharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers Disrupting active exploitation of on-premises SharePoint vulnerabilitiesProfile: GRU cyber and hybrid threat operations Operation CargoTalon : UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant Apple alerted Iranians to iPhone spyware attacks, say researchers CybersecurityMost cybersecurity risk comes from just 10% of employees HPE warns of hardcoded passwords in Aruba access pointsShould We Trust AI? Three Approaches to AI FallibilityNo Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble?Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers Clorox accuses IT provider in lawsuit of giving hackers employee passwords Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)