"Expert used ChatGPT4o to creat a replica of his passport in just 5 minutes, bypassing KYC."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 06 April 2025, 1335 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

72K followers25 articles per week

#security#tech

30

Most popular

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

ChatGPT generates fake passports easily

•

200+by Pierluigi Paganini / 5h

A researcher used ChatGPT-4o to create a replica of his passport in just five minutes, realistic enough to deceive most automated KYC systems. Polish researcher Borys Musielak ( @michuk ) used ChatGPT-4o to generate a fake passport in just five minutes. The document is realistic enough to bypass automated Know Your Customer (KYC) checks, the expert states. “You can now generate fake passports wit

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40

by Pierluigi Paganini / 1h

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with Nietzsche Analyzing New HijackLoader Evasion Tactics Ma

Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 1h

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A flaw in Verizon’s iOS Call Filter app exposed call records of millions Port of Seattle ‘s August data breach impacted 90,000 people President Trump fire

Yesterday

A flaw in Verizon’s iOS Call Filter app exposed call records of millions

by Pierluigi Paganini / 18h

A now-patched flaw in Verizon ’s iOS Call Filter app exposed call records of millions. No abuse found. Only phone numbers and timestamps were at risk. A now-patched vulnerability in Verizon ’s iOS Call Filter app could have been exploited to harvest the call records of millions of Americans. Verizon’s Call Filter app allows users to identify and manage unwanted calls, such as spam and robocalls.

Port of Seattle ‘s August data breach impacted 90,000 people

2 TTPs

•

by Pierluigi Paganini / 1d

•

Port of Seattle cyberattack exposes data

Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle , which also operates the Seattle-Tacoma International Airport. The attack impacted websites and phone systems. According to The Seattle Times, the cyber attack disrupted travel plans. Source NewsBytes The Port of

Apr 4, 2025

President Trump fired the head of U.S. Cyber Command and NSA

Trump fires NSA director Haugh

•

36by Pierluigi Paganini / 1d

President Trump fired Gen. Timothy Haugh as head of U.S. Cyber Command and NSA President Donald Trump this week fired Air Force Gen. Timothy Haugh, who served as the head of U.S. Cyber Command and the National Security Agency. Gen. Haugh’s was fired just over a year into a typical three-year term. Intelligence experts warn that the decision could significantly impact national security. Trump also

Critical flaw in Apache Parquet’s Java Library allows remote code execution

5 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2025-30065

Experts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution. Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as Apache Hadoop, Apache Spark, and

Apr 3, 2025

CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware

by Pierluigi Paganini / 2d

CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data. The Computer Emergency Response Team of Ukraine (CERT-UA) reported three cyberattacks in March 2025 targeting Ukrainian agencies and infrastructure to steal sensitive data. This activity is tracked under the identifier UAC-0219. “The Ukrainian government’s computer emergency

39M secrets exposed: GitHub rolls out new security tools

Secrets management critical for security

•

by Pierluigi Paganini / 2d

39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. The exposure of this sensitive information poses a serious risk to organizations, as malicious actors are ready to ex

China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March

2 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2025-22457

Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457 . The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose details abou

Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests

by Pierluigi Paganini / 2d

An international law enforcement operation shuts down Kidflix, a child sexual abuse material (CSAM) streaming platform with 1.8M users. An international operation, codenamed Operation Stream, against child sexual exploitation shuts down one of the largest streaming platforms that offered child sexual abuse material (CSAM) in the world, Kidflix. The investigation was led by the State Criminal Poli

Apr 2, 2025

New Triada Trojan comes preinstalled on Android devices

by Pierluigi Paganini / 3d

A new Triada trojan variant comes preinstalled on Android devices, stealing data on setup, warn researchers from Kaspersky. Kaspersky researchers discovered a new Triada trojan variant preinstalled on thousands of Android devices, enabling data theft upon setup. Kaspersky detected 2,600+ infections in Russia from March 13-27, 2025. The malware was discovered on counterfeit Android devices mimicki

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

15 TTPs

•

by Pierluigi Paganini / 3d

•

FIN7 uses Anubis backdoor malware

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems. It executes shell commands and system operations while using obfu

U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog

8 TTPs

•

by Pierluigi Paganini / 3d

•

CVE-2025-24813

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path equivalence vulnerability, tracked as CVE-2025-24813 , to its Known Exploited Vulnerabilities (KEV) catalog . The Apache Tomcat vulnerability CVE-2025-24813 was recently dis

Apr 1, 2025

Apple backported fixes for three actively exploited flaws to older devices

4 TTPs

•

by Pierluigi Paganini / 4d

Apple backports three critical vulnerabilities actively exploited in attacks against older iOS and macOS models. Apple has backported fixes for three actively exploited vulnerabilities to older devices and OS versions. The three vulnerabilities are: CVE-2025-24085 (CVSS score: 7.3) – In January, Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24

Spike in Palo Alto Networks scanner activity suggests imminent cyber threats

24,000 IPs target Palo Alto GlobalProtect

•

by Pierluigi Paganini / 4d

Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks, warns threat intelligence firm GreyNoise. GreyNoise reports that over 24,000 uniqu

Microsoft warns of critical flaw in Canon printer drivers

2 TTPs

•

by Pierluigi Paganini / 4d

•

CVE-2025-1268

Microsoft’s offensive security team discovered a critical code execution vulnerability impacting Canon printer drivers. Researchers at Microsoft’s Offensive Research and Security Engineering (MORSE) team have discovered a critical code execution vulnerability, tracked as CVE-2025-1268 (CVSS score of 9.4), impacting Canon printer drivers. The vulnerability is an out-of-bounds issue that resides in

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

CVE-2025-2825

•

by Pierluigi Paganini / 4d

Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825 , in the CrushFTP file transfer software. Attackers are using exploits based on publicly available proof-of-concept exploit code . The vulnerability impacts Crus

France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency

Apple fined 150 million euros

•

by Pierluigi Paganini / 5d

France fines Apple €150M for abusing its dominance in ATT consent practices on iOS and iPadOS from 2021 to 2023. France’s Autorité de la concurrence fined Apple €150M for abusing its dominance in App Tracking Transparency (ATT) consent practices on iOS and iPadOS between April 26, 2021 and July 25, 2023. Apple launched ATT with iOS 14.5, which requires apps to get user consent to access the Ident

Mar 31, 2025

Hiding WordPress malware in the mu-plugins directory to avoid detection

10 TTPs

•

by Pierluigi Paganini / 5d

•

Malware targets WordPress mu-plugins directory

Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. In February, Sucuri warned of threat actors exploiting WordPress mu-plugins, which auto-load without activation, to maintain persistence and evade detection by hiding backdoors in the plugin directory. “Unlike regular plugins, must-use plugins are automatically loaded on ever

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Collection (Enterprise TA0009)

•

by Pierluigi Paganini / 5d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog . Last week, Cisco disclosed two vulnerabilities in

Russia-linked Gamaredon targets Ukraine with Remcos RAT

13 TTPs

•

by Pierluigi Paganini / 5d

•

Gamaredon exploits LNK files for Remcos

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon , Primitive Bear , ACTINIUM , Callisto ) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukraini

CoffeeLoader uses a GPU-based packer to evade detection

25 TTPs

•

by Pierluigi Paganini / 5d

•

CoffeeLoader malware evades detection

CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active