"Experts fund rogue devices, including hidden cellular radios, in Chinese-made power inverters in use worldwide."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 May 2025, 2319 UTC.

Content and Source:  "Security Affairs."

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.cybersecurityjournal.net).

Security Affairs

73K followers26 articles per week

#security#tech

71

Most popular

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Chinese devices raise solar security concerns

•

35by Pierluigi Paganini / 1d

Chinese “kill switches” found in Chinese-made power inverters in US solar farm equipment that could let Beijing remotely disable power grids in a conflict. Investigators found “kill switches” in Chinese-made power inverters in US solar farm equipment. These hidden cellular radios could let Beijing remotely cripple power grids during a conflict. The Times reported that experts found rogue devices,

Japan passed a law allowing preemptive offensive cyber actions

Japan enacts offensive cyber operations law

•

by Pierluigi Paganini / 9h

, shifting from its pacifist stance to bolster defenses like major Western powers. Japan has enacted the Active Cyberdefense Law, allowing preemptive offensive cyber operations to counter threats before damage occurs. This marks a shift from Japan’s pacifist stance under Article 9, aiming to elevate its cyber defense to match major Western powers and enable broader military support to allies. The

Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

by Pierluigi Paganini / 4h

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical vulnerabilities in the Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. “This week at the security hacking competition pwn2own, security researcher

Yesterday

James Comey is under investigation by Secret Service for a seashell photo showing “8647”

Comey faces backlash over Instagram post

•

by Pierluigi Paganini / 14h

James Comey is under investigation for a seashell photo showing “8647,” seen by some as a coded threat against Trump. Former FBI chief James Comey is under investigation by the Secret Service for sharing an image of seashells arranged to display the numbers ‘8647,’ which some interpret as incitement to violence against Trump. “Cool shell formation on my beach walk.” wrote Comey. The post on Insta

Pwn2Own Berlin 2025: total prize money reached $1,078,750

Hackers earn 260K at Pwn2Own

•

by Pierluigi Paganini / 14h

Pwn2Own Berlin 2025 wrapped up with $383,750 awarded on the final day, pushing the total prize money to $1,078,750 over three days. On the final day of Pwn2Own Berlin 2025, participants earned $383,750 for demonstrating zero-day in VMware Workstation, ESXi, Windows, NVIDIA, and Firefox. During the competition, the participants earned a total of $1,078,750, demonstrating 28 unique 0-days in multip

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

by Pierluigi Paganini / 1d

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer Interlock ransomware evolving under the radar Technical Analysis of TransferLoader Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 Horabot Unleashed: A Stealthy Phishing Threat High Risk War

Security Affairs newsletter Round 524 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 1d

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials Shields up US retailers. Scattere

May 17, 2025

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

FBI warns of AI voice scams

•

by Pierluigi Paganini / 2d

FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S. officials. The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials. The FBI warns of a campaign using smishing and vishing with deepfake texts and AI voice messages impersonating senior U.S. officials

Shields up US retailers. Scattered Spider threat actors can target them

2 TTPs

•

by Pierluigi Paganini / 2d

•

Scattered Spider targets retail sector

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. companies, shifting their focus across the Atlantic. The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. The cybercrime group is suspected of hacking into hundreds of organizations over the past two years, including

May 16, 2025

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

Valid Accounts (Enterprise T1078)

•

by Pierluigi Paganini / 2d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the descriptions for these flaws:

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

Hackers earn 260K at Pwn2Own

•

by Pierluigi Paganini / 3d

On day two of Pwn2Own Berlin 2025, participants earned $435,000 for demonstrating zero-day in SharePoint, ESXi, VirtualBox, RHEL, and Firefox. On day two of Pwn2Own Berlin 2025, bug hunters earned a total of $435,000, which brings the contest total to $695,000, after $260,000 was awarded during the first day of the competition. The participants demonstrated 20 unique zero-days in multiple product

New botnet HTTPBot targets gaming and tech industries with surgical attacks

8 TTPs

•

by Pierluigi Paganini / 3d

•

HTTPBot botnet targets Windows systems

New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS cybersecurity discovered a new botnet called HTTPBot that has been used to target the gaming industry, technology firms, and educational institutions in China. HTTPBot is a Go-based botnet first detected in August 2024, however, its activity surged by April 2025. The botnet was emp

Meta plans to train AI on EU user data from May 27 without consent

Noyb challenges Meta's AI data use

•

by Pierluigi Paganini / 3d

; privacy group noyb threatens lawsuit over lack of explicit opt-in. Meta plans to use EU user data for AI training starting May 27 without explicit consent. Austrian privacy group noyb threatens a