A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.Palo Alto Networks fixed multiple privilege escalation flawsUnusual toolset used in recent Fog Ransomware attackA cyberattack on United Natural Foods caused bread shortages and bare shelvesApple confirmed that Messages app flaw was actively exploited in the wildTrend Micro fixes critical bugs in Apex Central and TMEE PolicyServerParagon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhonesSinoTrack GPS device flaws allow remote vehicle control and location trackingU.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalogExposed eyes: 40,000 security cameras vulnerable to remote hackingOperation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdownOver 80,000 servers hit as Roundcube RCE bug gets rapidly exploitedA flaw could allow recovery of the phone number associated with any Google accountData BreachTexas Department of Transportation (TxDOT) data breach exposes 300,000 crash reportsSAP June 2025 Security Patch Day fixed critical NetWeaver bugU.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalogMirai botnets exploit Wazuh RCE, Akamai warnedChina-linked threat actor targeted +70 orgs worldwide, SentinelOne warnsDOJ moves to seize $7.74M in crypto linked to North Korean IT worker scamOpenAI bans ChatGPT accounts linked to Russian, Chinese cyber opsNew Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warnsOver 950K weekly downloads at risk in ongoing supply chain attack on Gluestack packagesInternational Press – NewsletterCybercrime20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown Eggs in a Cloudy Basket: Skeleton Spider’s Trusted Cloud Malware DeliverySingapore leads multinational operation to shutter scam centers tied to $225 million in thefts Fog Ransomware: Unusual Toolset Used in Recent AttackCyberattack leads to Whole Foods shortages Whole Foods supplier United Natural Foods says cyber incident disrupted operations Inside a Dark Adtech Empire Fed by Fake CAPTCHAsMalwareSupply chain attack hits Gluestack NPM packages with 960K weekly downloads Destructive npm Packages Disguised as Utilities Enable Remote System WipeDemystifying Myth Stealer: A Rust Based InfoStealer DanaBleed: DanaBot C2 Server Memory Leak Bug Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability HackingBruteforcing the phone number of any Google user Hackers Stole 300,000 Crash Reports From Texas Department of Transportation Big Brother Is Watching You catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default PasswordsSmartAttack: Air-Gap Attack via Smartwatches The TokenBreak AttackWeaponizing Wholesome Yearbook Quotes to Break AI Chatbot FiltersJSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation TechniqueIntelligence and Information WarfareDisrupting malicious uses of AI: June 2025 Operation Phantom Enigma Proxy Services Feast on Ukraine’s IP Address ExodusFollow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets Telegram, the FSB, and the Man in the Middle Paragon says it canceled contracts with Italy over government’s refusal to investigate spyware attack on journalist Sleep with one eye open: how Librarian Ghouls steal data by night UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign Meta found a new way to violate your privacy. Here’s what you can doGraphite Caught First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted CybersecurityDepartment Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government Why the Revision of the Cybersecurity Act is the Most Consequential Regulatory Development of 2025 (and Beyond) Defending Against Malware: The Invisible EnemyAI could unleash ‘deep societal upheavals’ that many elites are ignoring, Palantir CEO Alex Karp warns Apple fixes new iPhone zero-day bug used in Paragon spyware hacks Global Cybersecurity Market To Reach $1 Trillion Annually By 2031 Follow me on Twitter: @securityaffairs and Facebook and MastodonPierluigi Paganini(SecurityAffairs – hacking, newsletter)