A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updatesCritical Sudo bugs expose major Linux distros to local Root exploitsGoogle fined $314M for misusing idle Android users’ dataA flaw in Catwatchful spyware exposed logins of +62,000 usersChina-linked group Houken hit French organizations using zero-daysData BreachCybercriminals Target Brazil: 248,725 Exposed in CIEE One Data BreachEuropol shuts down Archetyp Market, longest-running dark web drug marketplaceKelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progressesCisco removed the backdoor account from its Unified Communications ManagerU.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hostingQantas confirms customer data breach amid Scattered Spider attacksCVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalogA sophisticated cyberattack hit the International Criminal CourtEsse Health data breach impacted 263,000 individualsGDPR violations prompt Germany to push Google and Apple to ban DeepSeek AIEuropol dismantles €460M crypto scam targeting 5,000 victims worldwideCISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructureU.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalogCanada bans Hikvision over national security concernsDenmark moves to protect personal identity from deepfakes with new copyright lawFacebook wants access to your camera roll for AI photo editsInternational Press – NewsletterCybercrimeCrypto investment fraud ring dismantled in Spain after defrauding 5 000 victims worldwideNew INTERPOL report warns of sharp rise in cybercrime in Africa QANTAS CYBER INCIDENT Treasury Sanctions Global Bulletproof Hosting Service Enabling Cybercriminals and Technology Theft PDFs: Portable documents, or perfect deliveries for phish? Hunters International Ransomware Shuts Down, Offers Free Decryptors to Victims Malware10 Things I Hate About Attribution: RomCom vs. TransferLoader FoxyWallet: 40+ Malicious Firefox Extensions Exposed Addressing malware family concept drift with triplet autoencoderRawMal-TF: Raw Malware Dataset Labeled by Type and FamilyHackingICC detects and contains new sophisticated cyber security incidentCVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security UpdateFileFix (Part 2) attackCisco warns that Unified CM has hardcoded root SSH credentialsTaking over 60k spyware user accounts with SQL injectionChina breaks RSA encryption with a quantum computer, threatening global data securityExposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open Intelligence and Information WarfareIranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based MalwareAnalysis of the threat case of kimsuky group using ‘ClickFix’ tactic Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)Dissecting Kimsuky’s Attacks on South Korea: In-Depth Analysis of GitHub-Based Malicious Infrastructure Houken seeking a path by living on the edge with zero-days Israel strikes Iran’s nuclear sites and kills top generals. Iran retaliates with missile barrages How Geopolitical Tensions Are Shaping Cyber Warfare CybersecurityFacebook is asking to use Meta AI on photos in your camera roll you haven’t yet sharedAhold Delhaize Data Breach Impacts 2.2 Million People Denmark to tackle deepfakes by giving people copyright to their own features Berlin data protection commissioner reports AI app DeepSeek in Germany to Apple and Google as illegal content263,000 Impacted by Esse Health Data Breach China breaks RSA encryption with a quantum computer, threatening global data securityData breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without PermissionVulnerability Advisory: Sudo Host Option Elevation of Privilege Top AI models will lie, cheat and steal to reach goals, Anthropic findsOnly One in 10 Organizations Globally Are Ready to Protect Against AI-Augmented Cyber Threats More than 25% of UK businesses hit by cyber-attack in last year, report findsFollow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)