Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government
China-linked UNC6384 exploits Windows zero-day to spy on European diplomats
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure
Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications
U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog
Brush exploit can cause any Chromium browser to collapse in 15-60 seconds
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Hacktivists breach Canada’s critical infrastructure, cyber Agency warns
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog
Herodotus Android malware mimics human typing to evade detection
Aisuru botnet is behind record 20Tb/sec DDoS attacks
Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät
Critical ASP.NET flaw hits QNAP NetBak PC Agent
Ransomware payments hit record low: only 23% Pay in Q3 2025
X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10
Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.
Crafted URLs can trick OpenAI Atlas into running dangerous commands
Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD
Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws
Safepay ransomware group claims the hack of professional video surveillance provider Xortec

International Press – Newsletter

Cybercrime

Insider Threats Loom while Ransom Payment Rates Plummet
FBI says card shuffling machines were hacked as part of major illegal gambling schemes
Sweden’s power grid operator confirms data breach claimed by ransomware gang
ASERT Threat Summary: Aisuru and Related TurboMirai Botnet DDoS Attack Mitigation and Suppression—October 2025—v1.0
Former General Manager for U.S. Defense Contractor Pleads Guilty to Selling Stolen Trade Secrets to Russian Broker
NCSC Annual Review 2025
CISA: High-severity Linux flaw now exploited by ransomware gangs
Ukrainian National Extradited from Ireland in Connection with Conti Ransomware
Silent Push Unearths AdaptixC2’s Ties to Russian Criminal Underworld, Tracks Threat Actors Harnessing Open-Source Tool for Malicious Payloads
Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails

Malware

Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
Meet Atroposia: The Stealthy Feature-Packed RAT
New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
10 npm Typosquatted Packages Deploy Multi-Stage Credential Harvester
PhantomRaven: NPM Malware Hidden in Invisible Dependencies

Hacking

Mass Exploit Campaign Targeting Arbitrary Plugin Installation Vulnerabilities
CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing
OpenAI Atlas Omnibox Prompt Injection: URLs That Become Jailbreaks
AI Sidebar Spoofing: Malicious Extensions Impersonates AI Browser Interface
Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers
“ChatGPT Tainted Memories:” LayerX Discovers The First Vulnerability in OpenAI Atlas Browser, Allowing Injection of Malicious Instructions into ChatGPT
Internet-accessible industrial control systems (ICS) abused by hacktivists
TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition
Don’t take BADCANDY from strangers – How your devices could be implanted and what to do about it

Intelligence and Information Warfare

Mem3nt0 mori – The Hacking Team is back!
Ukrainian organizations still heavily targeted by Russian attacks
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer
Major US Telecom Backbone Firm Hacked by Nation-State Actors
UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities
CN APT targets Serbian Government
Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
Is Space the Final Frontier of Espionage?
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

Cybersecurity

X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts
iOS 26 update erases critical trace files used to identify Pegasus intrusions
Merkle data hit as Dentsu is rocked by ‘security incident’
EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
How Android provides the most effective protection to keep you safe from mobile scams

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)