UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London 英国警方逮捕两名Scattered Spider黑客成员，指控其参与2024年对伦敦交通局的网络攻击，并涉及针对美国医疗网络的攻击活动。两人面临多项指控，包括计算机欺诈和洗钱罪名。此次行动凸显国际执法合作打击网络犯罪的决心。... 2025-9-19 10:54:52 | 阅读: 7 | 收藏 | Security Affairs - securityaffairs.com jubair scattered spider london tfl

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT Radware发现针对ChatGPT的服务器端数据窃取攻击ShadowLeak，利用零点击漏洞通过恶意邮件触发敏感数据泄露。该攻击无需用户操作或可见界面，数据直接从OpenAI云环境外泄。OpenAI已修复该漏洞。... 2025-9-18 23:29:17 | 阅读: 11 | 收藏 | Security Affairs - securityaffairs.com attacker openai client chatgpt radware

SonicWall warns customers to reset credentials after MySonicWall backups were exposed read file error: read notes: is a directory... 2025-9-18 14:14:21 | 阅读: 12 | 收藏 | Security Affairs - securityaffairs.com preference mysonicwall cloud backup security

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025 read file error: read notes: is a directory... 2025-9-18 08:57:48 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com chrome exploited 10585 windows confusion

Jaguar Land Rover will extend its production halt into a third week following a cyberattack 捷豹路虎因网络攻击延长停产至第三周，生产与零售受阻，每周损失约5000万英镑，疑似黑客组织Scattered Lapsus$ Hunters所为。... 2025-9-18 07:40:48 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com jlr jaguar rover cyberattack halt

China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy 中国关联的网络间谍组织APT41伪装成美国议员，在2025年7月至8月期间针对与美中贸易和政策相关的政府机构、智库和学术界人士发起钓鱼攻击。攻击利用虚假立法草案诱骗目标下载恶意文件，植入恶意软件以获取远程访问权限并收集情报。... 2025-9-17 20:26:57 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com ta415 economic apt41 tied phishing

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service 微软与Cloudflare合作打击RaccoonO365钓鱼服务，关闭338个网站并切断其基础设施。该服务被用于窃取数千个Microsoft 365凭证，并影响94个国家。... 2025-9-17 14:18:59 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com microsoft phishing raccoono365 dcu disrupted

DoJ resentenced former BreachForums admin to three years in prison 美国司法部重新判处前黑客论坛BreachForums管理员Conor Brian Fitzpatrick三年监禁，因其经营网络犯罪市场并持有儿童色情内容。该论坛曾交易被盗数据和犯罪工具。... 2025-9-17 09:35:51 | 阅读: 9 | 收藏 | Security Affairs - securityaffairs.com fitzpatrick justice resentenced prison

Apple backports fix for actively exploited CVE-2025-43300 Apple修复了CVE-2025-43300漏洞，该漏洞存在于ImageIO框架中，可能导致内存损坏。补丁已发布到iOS、iPadOS和macOS的多个版本，并确认被用于特定攻击。... 2025-9-17 05:24:16 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com inch 43300 exploited 1st ventura

New supply chain attack hits npm registry, compromising 40+ packages npm registry遭遇供应链攻击，40多个包受影响。恶意更新传播到其他包，篡改文件并注入脚本，导致下游项目被感染。攻击者利用GitHub Actions持续传播和窃取机密信息。... 2025-9-16 20:30:41 | 阅读: 7 | 收藏 | Security Affairs - securityaffairs.com github cloud malicious pierluigi tinycolor

Cybercrime group accessed Google Law Enforcement Request System (LERS) 网络犯罪团伙“Scattered Lapsus$ Hunters”入侵Google执法请求系统(LERS)，创建虚假账户后被封禁。该团伙还声称进入FBI的eCheck系统。Google确认未有数据泄露。该团伙通过社交工程攻击Salesforce数据，影响包括Google在内的多家企业。... 2025-9-16 13:24:15 | 阅读: 11 | 收藏 | Security Affairs - securityaffairs.com lers fraudulent salesforce vanity echeck

China-linked Mustang Panda deploys advanced SnakeDisk USB worm 中国关联的网络攻击组织Mustang Panda利用新型USB蠕虫SnakeDisk和更新版TONESHELL后门进行攻击，主要针对泰国，并与近期的地缘政治紧张局势相关。... 2025-9-16 07:36:59 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com snakedisk thailand worm yokai panda

Insider breach at FinWise Bank exposes data of 689,000 AFF customers FinWise Bank因前员工导致数据泄露，影响68.9万名AFF客户。该员工离职后仍可访问数据，银行已提供一年免费信用监控服务。... 2025-9-16 05:58:14 | 阅读: 23 | 收藏 | Data Breach - securityaffairs.com finwise aff loans american 689

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records 黑客入侵导致Gucci、Balenciaga和Alexander McQueen的客户数据泄露，涉及数百万用户的姓名、联系方式、地址及消费记录。Kering公司确认了此次安全事件，并已通知数据保护机构，但未透露受影响客户数量。攻击者声称获取了7.4 million个电子邮件地址，并试图勒索但遭拒绝。... 2025-9-15 22:27:21 | 阅读: 4 | 收藏 | Security Affairs - securityaffairs.com kering alexander bbc gucci mcqueen

Fairmont Federal Credit Union 2023 data breach impacted 187K people Fairmont联邦信用合作社在2023年的数据泄露事件中影响了18.7万人，泄露了个人、财务和医疗信息。该机构于2024年1月发现此次 breach，并于2025年8月确认攻击发生在2023年9月至10月间。Black Basta勒索软件团伙声称对此负责，并已影响全球500多家组织。... 2025-9-15 18:10:25 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com basta security fairmont ffcu debit

UK ICO finds students behind majority of school data breaches 英国 ICO 报告称学生引发超半数学校数据泄露事件，部分青少年因好奇或报复等原因参与网络犯罪。... 2025-9-15 05:12:13 | 阅读: 8 | 收藏 | Security Affairs - securityaffairs.com insider schools nca pierluigi paganini

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance 巴拿马经济和财政部遭遇网络攻击，黑客组织INC声称窃取1.5TB数据，包括财务文件和内部邮件。尽管关键系统未受影响，但该部门已启动安全措施应对威胁。... 2025-9-15 05:8:24 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com ministry economy panama finance mef

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62 网站使用cookies记录用户偏好和访问信息以提升体验，用户可点击“接受所有”同意使用所有cookies，或通过“Cookie设置”进行个性化控制。... 2025-9-14 15:5:8 | 阅读: 12 | 收藏 | Security Affairs - securityaffairs.com remembering repeat visits

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION 本网站使用cookies记录用户偏好和访问历史以优化体验。点击"Accept All"即同意使用所有cookies,或通过"Cookie Settings"自定义设置.... 2025-9-14 12:9:19 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com remembering repeat visits

ShinyHunters Attack National Credit Information Center of Vietnam 越南国家信用信息中心（CIC）遭ShinyHunters网络攻击，利用未修复漏洞窃取个人数据并出售。该事件影响多个金融机构，引发身份盗窃风险。相关部门已展开调查并采取应对措施。... 2025-9-14 08:6:38 | 阅读: 9 | 收藏 | Security Affairs - securityaffairs.com vietnam cic banks