"Google fined $314M for misusing idle Android users' data." 

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 04 July 2025, 1453 UTC.

Content and Source:  "Security Affairs."

Email subscription via https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

74K followers25 articles per week

#security#tech

44

Most popular

Google fined $314M for misusing idle Android users’ data

Google fined over data misuse

•

by Pierluigi Paganini / 1h

Google must pay $314M after a California court ruled it misused idle Android users’ data. The case ends a class-action suit filed in August 2019. A San Jose jury ruled that Google misused Android users’ cell phone data and must pay over $314.6 million in damages to affected users in California. Google is liable for collecting data from idle Android phones without consent, placing unfair costs on

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

5 TTPs

•

by Pierluigi Paganini / 3d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler vulnerability, tracked as CVE-2025-6543 , to its Known Exploited Vulnerabilities (KEV) catalog . CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability

CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025

2 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2025-6554

Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit exists in the wild. Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit is available in the wild. “Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via

Yesterday

A flaw in Catwatchful spyware exposed logins of +62,000 users

by Pierluigi Paganini / 6h

A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered the vulnerability. Catwat

China-linked group Houken hit French organizations using zero-days

9 TTPs

•

by Pierluigi Paganini / 19h

China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set, which overlaps wi

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

Impact (Enterprise TA0040)

•

by Pierluigi Paganini / 21h

Resecurity found a breach in Brazil’s CIEE One platform, exposing PII and documents, later sold by data broker “888” on the dark web. Resecurity identified a data breach of one of the major platforms in Brazil connecting businesses and trainees called CIEE One – leading to the compromise of sensitive PII, including ID records, contact information, medical reports, scans of documents, and other re

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

Darknet drug market Archetyp dismantled

•

by Pierluigi Paganini / 1d

Europol shuts down Archetyp Market, longest-running dark web drug site, the police arrested the admin in Spain, top vendors hit in Sweden. An international law enforcement operation led by German authorities has shut down Archetyp Market, the longest-running dark web drug marketplace, in a coordinated operation across six countries with support from Europol and Eurojust. The market’s administrato

Jul 2, 2025

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

Kelly Benefits data breach impacts 550000

•

by Pierluigi Paganini / 1d

A data breach at Kelly Benefits has impacted 550,000 people, with the number of affected individuals growing as the investigation continues. Benefits and payroll solutions firm Kelly Benefits has confirmed that a recent data breach has affected 550,000 individuals. As the investigation continued, the scale of the impact expanded, revealing that more people were affected than initially believed. T

Cisco removed the backdoor account from its Unified Communications Manager

Valid Accounts (Enterprise T1078)

•

by Pierluigi Paganini / 1d

•

CVE-2025-20309

Digital communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM). A flaw, tracked as CVE-2025-20309 (CVSS score of 10), in Cisco Unified Communications Manager and its Session Management Edition lets remote attackers log in using hardcoded root credentials set during development. Cisco Unified Communications Manager

U.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hosting

US sanctions Aeza Group cybercriminal hosting

•

by Pierluigi Paganini / 2d

U.S. Treasury sanctions Russia-based Aeza Group and affiliates for aiding cybercriminals via bulletproof hosting services. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russia-based Aeza Group for aiding global cybercriminals via bulletproof hosting services. A bulletproof hosting service is a type of internet hosting provider that knowingly allows cybercriminals to host

Qantas confirms customer data breach amid Scattered Spider attacks

6 TTPs

•

by Pierluigi Paganini / 2d

•

FBI warns of airline cyberattacks

Qantas reports a cyberattack after hackers accessed customer data via a third-party platform, amid ongoing Scattered Spider aviation breaches. Qantas, Australia’s largest airline, disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing Scattered Spider activity, was detected and contained on Mon

Jul 1, 2025

U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog

by Pierluigi Paganini / 2d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the descriptions for these flaws: CVE-2025-48927 (CVSS score of 5.3) TeleMessage TM SGNL Initiali

A sophisticated cyberattack hit the International Criminal Court

ICC targeted by multiple cyberattacks

•

by Pierluigi Paganini / 2d

The International Criminal Court (ICC) is probing a sophisticated cyberattack that was discovered and contained last week. On June 30, 2025, the International Criminal Court (ICC) announced that it was hit by a sophisticated and targeted cyberattack. The organization confirmed that the incident was detected and contained by its defense systems. “Late last week, the International Criminal Court (“

Esse Health data breach impacted 263,000 individuals

2 TTPs

•

by Pierluigi Paganini / 2d

•

Esse Health data breach impacts 263000

A cyberattack on healthcare provider Esse Health in April 2025 exposed data of 263K+ patients, including SSNs and medical info. In April 2025, Missouri-based healthcare provider Esse Health suffered a cyberattack that disrupted its systems and led to the theft of personal data from over hundreds of thousands individuals. Esse Health is an independent physician group based in the Greater St. Louis

GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI

by Pierluigi Paganini / 3d

Germany asked Google and Apple to remove DeepSeek AI from their app stores, citing GDPR violations over unlawful data collection and transfers to China. The Berlin Commissioner for Data Protection requested Google and Apple to remove the DeepSeek AI app from their app stores due to GDPR violations. On May 6, 2025, Berlin’s Data Protection Commissioner asked the company to remove its apps from Ger

Europol dismantles €460M crypto scam targeting 5,000 victims worldwide

by Pierluigi Paganini / 3d

Europol busted a crypto scam ring that laundered €460M from 5,000+ victims. Operation Borrelli involved Spain, the U.S., France, and Estonia. Europol has taken down a massive cryptocurrency fraud ring that scammed over 5,000 people worldwide, laundering around €460 million ($540 million). The international operation, dubbed Operation Borrelli , began in 2023 and was led by Spain’s Guardia Civil w

Jun 30, 2025

CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

3 TTPs

•

by Pierluigi Paganini / 3d

•

DHS issues terrorism advisory bulletin

U.S. warns of rising Iranian cyber threats exploiting outdated software and weak passwords, with attacks likely to escalate due to recent events. U.S. cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connect

Canada bans Hikvision over national security concerns

by Pierluigi Paganini / 4d

, ordering the company to stop operations and barring its tech from government use. Canada ordered Chinese surveillance firm Hikvision to cease all operations in the country, citing national security concerns. Minister Mélanie Joly announced the decision after a security review found vendor’s activities could pose a threat. Canada bans Hikvision products for government use, reviewing existing pro

Denmark moves to protect personal identity from deepfakes with new copyright law

Denmark grants rights over digital features

•

by Pierluigi Paganini / 4d

Denmark plans to let citizens copyright their face, body, and voice to combat deepfakes under a new law strengthening personal digital rights. Denmark plans to amend its copyright law to give individuals rights over their body, face, and voice, to combat AI-generated deepfakes. Believed to be the first law of its kind in Europe, the proposal has broad political support and will be submitted for c

Jun 29, 2025

Ahold Delhaize data breach affected over 2.2 Million individuals

3 TTPs

•

by Pierluigi Paganini / 4d

•

Ahold Delhaize USA names Jason Wilson CFO

A ransomware attack on grocery giant Ahold Delhaize led to a data breach that affected more than 2.2 million people. A ransomware attack on Dutch grocery giant Ahold Delhaize has led to a data breach affecting over 2.2 million people. Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company. Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhai

Facebook wants access to your camera roll for AI photo edits

Facebook seeks camera roll AI access

•

by Pierluigi Paganini / 4d

Facebook asks users to allow “cloud processing” to access phone photos for AI-generated collages and recaps, even if not uploaded. Meta-owned Facebook is prompting users to enable “cloud processing” to access photos from their phones, even those not uploaded. If users opt into “cloud processing,” Facebook will continuously upload media to its servers and use details like time, location, and theme

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51

by Pierluigi Paganini / 4d

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play Uncovering a Tor-Enabled Docker Exploit Threat Ac

Security Affairs newsletter Round 530 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 4d

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs