4/30/2025 April 30, 2025April 30, 2025 ~ The Cyber Beat ~ Leave a comment Chinese Hackers TheWizards Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement ToolNebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware AttacksApple Notifies New Victims of Spyware Attacks Across the WorldAI Code Hallucinations Increase the Risk of ‘Package Confusion’ AttacksMeta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure CodeSolarWinds Security Chief Tim Brown Hopes the SEC Will Dismiss ChargesIndian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse AllegationsLeaders of Global Online Extortion and Exploitation Group 764 ChargedMaryland Man Pleads Guilty to Outsourcing U.S. Gov’t Work to North Korean Dev in ChinaUK Retailer Co-op Confirms Hack, Reports “Small Impact” to Its SystemsAscension Discloses New Data Breach After Third-Party Hacking IncidentCommvault Says Recent Breach Didn’t Impact Customer Backup DataJapanese Global Logistics Company Kintetsu World Express Confirms Ransomware AttackFBI Shares Massive List of 42,000 LabHost Phishing DomainsDarkWatchman Cybercrime Malware Returns on Russian NetworksRansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed ControlResearchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and DefenseSonicWall: SMA100 VPN Vulnerabilities Now Exploited in Attacks
4/29/2025 April 29, 2025April 29, 2025 ~ The Cyber Beat ~ Leave a comment France Accuses Russian Intelligence of Repeated Cyber Attacks Since 2021…France Ties Russian APT28 Hackers to 12 Cyberattacks on French OrgsSentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and ClientsChina Now America’s Number One Cyber Threat – U.S. Must Get Up to SpeedUK Officials Warn Lawmakers of ‘Turbulence’ at U.S. Cyber Agencies, but Say Partnership Will PrevailU.S. Critical Infrastructure Still Struggles With OT SecurityGoogle Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security ProductsAirPlay Security Flaws Could Help Hackers Spread Malware on Your NetworkWhatsApp Is Walking a Tightrope Between AI Features and PrivacyRisks of Using AI Models Developed by Competing NationsGrinex Exchange Suspected Rebrand of Sanctioned Garantex Crypto FirmUkraine’s Largest Home Improvement Retailer Epicentr Disrupted by CyberattackNova Scotia Energy Provider Takes Some Servers Offline Following Cyber IncidentSK Telecom Cyberattack: Free SIM Replacements for 25 Million CustomersBritain’s M&S Says Cyber Attack Has Hit Food Availability in Some StoresRansomware Attack Forces Shutdown of DuPage County Sheriff’s Office, Courthouse Computer SystemsPhorpiex Botnet Delivers LockBit Ransomware with Automated TacticsNew Gremlin Infostealer Distributed on TelegramNew WordPress Malware Masquerades as PluginHackers Ramp up Scans for Leaked Git Tokens and SecretsCISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV DatabaseMicrosoft: Windows Server Hotpatching to Require Subscription
4/28/2025 April 29, 2025April 29, 2025 ~ The Cyber Beat ~ Leave a comment Uyghur Diaspora Group Targeted with Remote Surveillance MalwareIran Repelled Large Cyber Attack on SundayDonald Trump: “I Would Frankly Tell These People Not to Use Signal”Car Subscription Features Raise Your Risk of Government Surveillance, Police Records ShowiOS and Android Juice Jacking Defenses Have Been Trivial to Bypass for YearsHalf of Mobile Devices Run Outdated Operating SystemsDeep-Pocketed Investors Make Startups a Target for HackersPalo Alto Networks Acquiring Protect AI to Boost Artificial Intelligence ToolsCybersecurity CEO Accused of Running Malware on Hospital PC Blabs About It on LinkedInGovernment Set to Ban SIM Farms in European FirstCloudflare Mitigates Record Number of DDoS Attacks in 2025Ukrainian State and Banking Services Restored After Data Center OutageHitachi Vantara Takes Servers Offline After Akira Ransomware AttackMarks & Spencer Breach Linked to Scattered Spider Ransomware AttackMedia Firm Urban One Confirms Data Breach After Cybercriminals Claim February AttackVeriSource Now Says February Data Breach Impacts 4 Million PeoplePortugal’s REN Says No Sign Blackout Caused by CyberattackEarth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft ToolsHackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely CompromisedKali Linux Warns of Update Failures After Losing Repo Signing KeyHow to Survive as a CISO aka ‘Chief Scapegoat Officer’
4/25-27/2025 April 27, 2025April 27, 2025 ~ The Cyber Beat ~ Leave a comment FBI Seeks Help to Unmask Salt Typhoon Hackers Behind Telecom BreachesEx-CISA Boss Chris Krebs Says Trump Actions Risk ‘Dangerously Degrading’ U.S. Cyber DefensesEasterly Calls for United Front Against ‘Politicizing’ of the Cyber IndustrySecurity Experts Flag Chrome Extension Using AI Engine to Act Without User InputPopular LLMs Found to Produce Vulnerable Code by DefaultSam Altman: AI Privacy Safeguards Can’t Be Established Before ‘Problems Emerge’Receiving Odd Texts for Someone Else? Rise of ‘Wrong Number’ Messages Is New Payday for ScammersCoinbase Fixes 2FA Log Error Making People Think They Were HackedBrave’s Cookiecrumbler Tool Taps Community to Help Block Cookie NoticesWindows “Inetpub” Security Fix Can Be Abused to Block Future UpdatesEx-Disney Worker Who Hacked Menus Gets 3 Years in PrisonMobile Provider MTN Says Cyberattack Compromised Customer DataMarks & Spencer Pauses Online Orders After CyberattackNearly 500,000 Impacted by 2023 Cyberattack on Long Beach, CaliforniaToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double ExtortionDragonForce Expands Ransomware Model With White-Label Branding SchemeStorm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining ContainersWooCommerce Admins Targeted by Fake Security Patches That Hijack SitesDslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan AttacksHackers Abuse OAuth 2.0 Workflows to Hijack Microsoft 365 AccountsCraft CMS RCE Exploit Chain Used in Zero-Day Attacks to Steal DataSAP Fixes Critical Vulnerability After Evidence of Exploitation
4/24/2025 April 24, 2025April 24, 2025 ~ The Cyber Beat ~ Leave a comment North Korean Cyber Spies Created U.S. Firms, and Blocknovas and Softglide, to Dupe Crypto DevelopersLazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle MalwareVerizon DBIR: Small Businesses Bearing the Brunt of Ransomware AttacksDarcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for CybercriminalsGmail’s New Encrypted Messages Feature Opens a Door for ScamsSouth Korea Says DeepSeek Transferred User Data to China and the U.S. Without ConsentUK Bans Export of Video Game Controllers to Russia to Hinder Attack Drone PilotsCyberattack Hits Drinking Water Supplier in Spanish Town Near BarcelonaSSNs and More on 5.5M+ Patients Feared Stolen From Yale HealthFrederick Health Data Breach Impacts Nearly 1 Million PatientsInterlock Ransomware Claims DaVita Attack, Leaks Stolen DataELENOR-corp Ransomware Targets Healthcare SectorLinux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection ToolsHighest-Risk Security Flaw Found in Commvault Backup SolutionsNavigating Regulatory Shifts & AI Risks
4/23/2025 April 23, 2025April 23, 2025 ~ The Cyber Beat ~ Leave a comment FTC’s Holyoak Says Agency Will Avoid ‘Excessive Regulation’ of AI DevelopmentCloudflare: Government-Backed Internet Shutdowns Plummet to Zero in First QuarterFBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024Ransomware Gangs Innovate With New Affiliate ModelsVerizon’s DBIR Reveals 34% Jump in Vulnerability ExploitationVulnerability Exploitation and Credential Theft Now Top Initial Access VectorsKrebs: DOGE Worker’s Code Supports NLRB WhistleblowerThe Tech That Safeguards the Conclave’s SecrecyWhatsApp Now Lets You Block People From Exporting Your Entire Chat HistoryGoogle Drops Cookie Prompt in Chrome, Adds IP Protection to IncognitoCybersecurity Startup Chainguard Almost Triples Valuation to $3.5 Billion After FundraiseAndroid Spyware Disguised as Alpine Quest App Targets Russian Military DevicesRussian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsAppDPRK Hackers Steal $137M from TRON Users in Single-Day Phishing AttackIran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job CampaignBlue Shield of California Leaked Health Data of 4.7 Million Members to GoogleThousands of Baltimore Students, Teachers Affected by Data Breach Following February Ransomware AttackActive! Mail RCE Flaw Exploited in Attacks on Japanese OrgsASUS Releases Fix for AMI Bug that Lets Hackers Brick ServersThe Foundations of a Resilient Cyber WorkforceEU Fines Apple €500 Million and Meta €200 Million for Breaking Digital Market Rules
4/22/2025 April 22, 2025April 22, 2025 ~ The Cyber Beat ~ Leave a comment Russia Is Ramping up Hybrid Attacks Against Europe, Dutch Intelligence SaysBillbug Espionage Group Deploys New Tools in Southeast Asia…Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded MalwareWhistleblower: DOGE Siphoned NLRB Case Data (Krebs)DeepSeek Breach Opens Floodgates to Dark WebMicrosoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate UsersBeware of Video Call Links That Are Attempts to Steal Microsoft 365 Access, Researchers Tell NGOsRIP, Google Privacy SandboxSK Telecom Warns Customer USIM Data Exposed in Malware AttackMarks & Spencer Confirms Cybersecurity Incident Amid Ongoing DisruptionRipple’s Recommended XRP Library xrpl.js Hacked to Steal WalletsNew Cryptojacking Malware Targets Docker with Novel Mining TechniqueCookie-Bite Attack PoC Uses Chrome Extension to Steal Session TokensGCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI PackagesMicrosoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
4/21/2025 April 22, 2025April 22, 2025 ~ The Cyber Beat ~ Leave a comment Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and JapanToday’s LLMs Craft Exploits From Patches at Lightning SpeedHackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware DeliveryHow to Protect Yourself From Phone Searches at the U.S. BorderSoutheast Asian Cyber Fraud Industry at ‘Inflection Point’ as It Expands GloballyTwo Top Cyber Officials Resign From CISAAbilene (TX) Takes Systems Offline After Cyberattack‘Fog’ Hackers Troll Victims With DOGE Ransom Notes‘Elusive Comet’ Attackers Use Zoom to Swindle VictimsJapan Warns of Hundreds of Millions of Dollars in Unauthorized Trades From Hacked AccountsWordPress Ad-Fraud Plugins Generated 1.4 Billion Ad Requests per DayMicrosoft Entra Account Lockouts Caused by User Token Logging Mishap
4/18-20/2025 April 20, 2025April 20, 2025 ~ The Cyber Beat ~ Leave a comment U.S. Will Keep Helping Taiwan in Its Self-Defence, Senator Says in TaipeiChinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 StatesDems Fret Over Doge Feeding Sensitive Data Into Random AIICE Is Paying Palantir $30 Million to Build ‘Immigrationos’ Surveillance PlatformChase Is Suing More Customers for Stealing Money Last Year Using the Viral TikTok ‘Money Hack’Airport Retailer Paradies Shops Agrees to $6.9 Million Settlement Over Ransomware Data BreachCould Ransomware Survive Without Cryptocurrency?Alleged SmokeLoader Malware Operator Facing Federal Charges in VermontTrump Is Shifting Cybersecurity to the States, but Many Aren’t PreparedIf Boards Don’t Fix Operational Technology (OT) Security, Regulators WillMulti-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoaderExperts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoTNew Android Malware Steals Your Credit Cards for NFC Relay Attacks…New Payment-Card Scam Involves a Phone Call, Some Malware and a Personal TapPhishers Abuse Google OAuth to Spoof Google in DKIM Replay AttackInterlock Ransomware Gang Pushes Fake IT Tools in ClickFix AttacksCVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File DownloadCritical Erlang/OTP SSH RCE Bug Now Has Public Exploits, Patch NowASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update FirmwareWidespread Microsoft Entra Lockouts Tied to New Security Feature Rollout
4/17/2025 April 17, 2025April 17, 2025 ~ The Cyber Beat ~ Leave a comment Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL UpdatesState-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware CampaignsNetwork Edge Devices the Biggest Entry Point for Attacks on SMBsSenators Urge Cyber-Threat Sharing Law Extension Before DeadlineThis ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for CopsStormont Asks Cyber Security Police to Investigate Fake Rates WebsiteNew Jersey Sues Discord for Allegedly Failing to Protect ChildrenCybersecurity Startup Exaforce Raises $75 MillionAirport Retailer Agrees to $6.9 Million Settlement Over Ransomware Data BreachEntertainment Services Giant Legends International Discloses Data BreachAhold Delhaize Confirms Data Theft After INC Ransomware Claims AttackMayor of Fall River (MA) Confirms School System Was Hit with a Ransomware AttackNode.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView InstallersNTLM Hash Exploit Targets Poland and Romania Days After PatchChrome Extensions With 6 Million Installs Have Hidden Tracking CodeCISA Flags Actively Exploited Vulnerability in SonicWall SMA DevicesCritical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code ExecutionCybersecurity by Design: When Humans Meet Technology
4/16/2025 April 17, 2025April 17, 2025 ~ The Cyber Beat ~ Leave a comment Brian Krebs: Funding Expires for Key Cyber Vulnerability Database…Trump Administration Decides to Fund CVE Cybersecurity Tracker After All…Last-Minute Funding Uncertainty for Key Cyber Program Spooks IndustryFormer Trump Official Chris Krebs Targeted With Government Probe Vows to Fight…Ex-CISA Chief Chris Krebs Leaving SentinelOne Following Trump PressureGoogle Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 202492% of Mobile Apps Found to Use Insecure Cryptographic MethodsChinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto UsersChinese Firm Tied to Uyghur Rights Abuses Now Training Tibet Police on Hacking TechniquesChina-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European BusinessesResearchers Uncover Social Media Harassment Campaign Targeting Thai Dissidents Since 2020Jira Down: Atlassian Users Experiencing Degraded PerformanceCISA Warns of Potential Data Breaches Caused by Legacy Oracle Cloud LeakGamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint LoginsNew BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server AttacksOver 16,000 Fortinet Devices Compromised With Symlink BackdoorNew Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with LogsApple Fixes Two Zero-Days Exploited in Targeted iPhone Attacks
4/15/2025 April 16, 2025April 17, 2025 ~ The Cyber Beat ~ Leave a comment China Names Alleged U.S. Snoops Over Asian Winter Games AttacksChinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell ToolTrade War Raises Cyber Stakes With ChinaThe CVE Program for Tracking Security Flaws Is About to Lose Federal FundingEU Confirms Issuing ‘Burner Phones’ to Top Officials but Denies Practice Caused by TrumpKrebs: Trump Revenge Tour Targets Cyber Leaders, ElectionsBot Traffic Overtakes Human Activity as Threat Actors Turn to AIChatGPT 4.1 Early Benchmarks Compared Against Google GeminiMajority of Browser Extensions Can Access Sensitive Enterprise Data, New Report FindsAndroid Phones Will Soon Reboot if They’re Locked for a Few DaysLabHost Phishing Mastermind Sentenced to 8.5 Years4Chan’s ‘Cesspool of the Internet’ Is Down After Apparently Being Hacked…Suspected 4Chan Hack Could Expose Longtime, Anonymous AdminsFederal Employee Alleges DOGE Activity Resulted in Data Breach at Labor BoardLandmark Admin Data Breach Impact Now Reaches 1.6 Million PeopleMidnight Blizzard Deploys New Grapeloader Malware in Embassy PhishingNorth Korean Hackers Exploit LinkedIn to Infect Crypto Developers with InfostealersMalicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect OrdersGladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE VulnerabilityMicrosoft Blocks ActiveX by Default in Microsoft 365, Office 2024Are We Prioritizing the Wrong Security Metrics?
4/14/2025 April 14, 2025April 14, 2025 ~ The Cyber Beat ~ Leave a comment Taiwan Charges Chinese Ship Captain With Breaking Subsea CablesChinese Police Ensnaring Tibetans Over Phone and Internet Activity, Human Rights Watch SaysThe Most Dangerous Hackers You’ve Never Heard OfTraderTraitor: The Kings of the Crypto HeistProdaft Offers “No Judgment” Deal to Buy Dark Web Accounts from Cybercrime Forum UsersU.S. Blocks Foreign Governments from Acquiring Citizen DataMeta to Resume AI Training on Content Shared by EuropeansOpenAI’s GPT-4.1, 4.1 nano, and 4.1 mini Models Release ImminentHackers Using AI-Produced Audio to Impersonate Tax Preparers, IRSSilicon Valley Crosswalk Buttons Hacked to Imitate Musk, Zuckerberg’s VoicesDialysis Firm DaVita Hit by Ransomware Attack, Says Patient Care ContinuesHertz Says Customers’ Personal Data and Driver’s Licenses Stolen in Data BreachInsurance Firm Lemonade Says Breach Exposed Driver’s License NumbersGovtech Giant Conduent Confirms Client Data Stolen in January CyberattackPakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RATNew Malware ResolverRAT Targets Healthcare and Pharma SectorsThat Groan You Hear Is Users’ Reaction to Recall Going back Into WindowsNew SSL/TLS Cert to Live No Longer Than 47 Days by 202940 More Student Athletes Sue Against University of Michigan After Matt Weiss Cyber Hack
4/11-13/2025 April 13, 2025April 13, 2025 ~ The Cyber Beat ~ Leave a comment In Secret Meeting, China Acknowledged Role in U.S. Infrastructure HacksPaper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian SectorsGoogle Cloud: China Achieves “Cyber Superpower” StatusLLMs Can’t Stop Making up Software Dependencies and Sabotaging EverythingLeak Confirms OpenAI’s GPT 4.1 is Coming Before GPT 5.0Google’s AI Video Generator Veo 2 Is Rolling out on AI StudioTycoon2FA Phishing Kit Targets Microsoft 365 with New TricksMicrosoft Defender Will Isolate Undiscovered Endpoints to Block AttacksUnitedHealth Group Sends Demands for Hack Loan RepaymentsWhy Data Privacy Isn’t the Same as Data SecurityTen Things to Know about the European Union’s New Product Liability DirectiveNVD Revamps Operations as Vulnerability Reporting SurgesMorocco Investigates Major Data Breach Allegedly by Algerian HackersLaboratory Services Cooperative Exposed Health Data of 1.6 Million PeopleWestern Sydney University Discloses Security Breaches, Data LeakRansomware Attack Cost IKEA Operator in Eastern Europe $23 MillionResearchers Warn About ‘Goffee’ Spilling Onto Russian Flash DrivesSpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake AppsPalo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect GatewaysFortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink ExploitCyble Urges Critical Vulnerability Fixes Affecting Industrial SystemsChrome 136 Fixes 20-Year Browser History Privacy RiskMicrosoft: Windows ‘Inetpub’ Folder Created by Security Fix, Don’t Delete
4/10/2025 April 10, 2025April 10, 2025 ~ The Cyber Beat ~ Leave a comment Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in UkraineInfosec Experts Fear China Could Retaliate Against Tariffs With a Typhoon AttackKrebs: China-based SMS Phishing Triad Pivots to BanksCybersecurity Industry Falls Silent as Trump Turns Ire on SentinelOneTrump Administration Planning Major Workforce Cuts at CISASpyware Maker NSO Group Is Paving a Path Back Into Trump’s AmericaOperation Endgame Continues with Smokeloader Customer ArrestsOpenAI Wants ChatGPT to ‘Know You Over Your Life’ With New Memory UpdateChatGPT’s o4-mini, o4-mini-high and o3 Spotted Ahead of ReleaseSweden Arrests Senior Uyghur Representative on Suspicion of Spying for ChinaU.S. Sensor Giant Sensata Admits Ransomware Derailed OpsOregon’s Environmental Agency Shuts Down Network After CyberattackSouth African Telecom Provider Cell C Serving 7.7 Million Confirms Data Leak Following Cyberattack90 Degree Benefits (AL) Provides Notice of Data BreachNew TCESB Malware Found in Active Attacks Exploiting ESET Security ScannerSpyNote Malware Targets Android Users with Fake Google Play PagesMalicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto AddressesHackers Exploit WordPress Plugin Auth Bypass Hours After DisclosureIncomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container EscapesUsing Post-Quantum Planning to Improve Security Hygiene
4/9/2025 April 9, 2025April 9, 2025 ~ The Cyber Beat ~ Leave a comment Western Intelligence Agencies Warn Spyware Threat Targeting Taiwan, Tibetan Rights AdvocatesU.S. Senator Wyden Announces Hold on Trump Cyber Nominee, Citing Telecom ‘Cover-Up’Precision-Validated Phishing Elevates Credential Theft RisksRansomware Attacks Hit All-Time High as Payoffs DwindleExplosive Growth of Non-Human Identities Creating Massive Security Blind SpotsOpenAI Helps Spammers Plaster 80,000 Sites With Messages That Bypassed FiltersPolice Detains Smokeloader Malware Customers, Seizes ServersData Privacy Regulators Lobby Lawmakers to Not Draft Federal Legislation Preempting State LawsAs Spyware Market Continues to Expand, Diplomatic Pall Mall Process Hits a Pivot PointUkraine’s Railways Restore Half of IT Services Hit by Cyber Attack So FarGermany Links Cyberattack on Research Group to Russian State-Backed APT29 HackersOracle Says “Obsolete Servers” Hacked, Denies Cloud BreachHackers Target SSRF Bugs in EC2-Hosted Sites to Steal AWS CredentialsPipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy RansomwareCISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE AttacksAdobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities DiscoveredKrebs: Patch Tuesday, April 2025 EditionGoogle Takes on Cursor With Firebase Studio, Its AI Builder for Vibe Coding
4/8/2025 April 8, 2025April 9, 2025 ~ The Cyber Beat ~ Leave a comment U.S. Financial Regulator Office of the Comptroller of the Currency (OCC) Says Email Hack Exposed Sensitive Data on Banks…Hackers Lurked in Treasury OCC’s Systems Since June 2023 BreachCanada Says China-Linked Information Campaign Spreading False Narratives About Prime MinisterTo Tackle Espionage, Dutch Government Plans to Screen University Students and ResearchersUAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting UkraineScattered Spider Stops the Rickrolls, Starts the RAT RaceDon’t Open that JPEG in WhatsApp for Windows. It Might Be An .EXEWhatsApp Flaw Can Let Attackers Run Malicious Code on Windows PCsMusk’s DOGE Using AI to Snoop on U.S. Federal Workers, Sources SayEncryptHub’s Dual Life: Cybercriminal vs Windows Bug-Bounty ResearcherCzech Prime Minister Says His X Account Was Hacked ‘From Abroad’Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software ListingsVeristat Files Notice of Data Breach Affecting Consumers’ Social Security NumbersNew Mirai Botnet Behind Surge in TVT DVR ExploitationFortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change FlawAmazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path TraversalAWS Rolls Out ML-KEM to Secure TLS From Quantum ThreatsCISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active ExploitationMicrosoft: Windows CLFS Zero-Day Exploited by Ransomware GangMicrosoft April 2025 Patch Tuesday Fixes Exploited Zero-Day, 134 FlawsNIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog
4/7/2025 April 7, 2025April 7, 2025 ~ The Cyber Beat ~ Leave a comment Public Officials Separate Workplace and Personal Online Lives. Hackers Don’t Care.Darknet’s Xanthorox AI Offers Customizable Tools for HackersUK Loses Bid to Keep Apple Appeal Against Demand for iPhone ‘Backdoor’ a SecretAlleged Scattered Spider SIM-Swapper Must Pay back $13.2m to 59 VictimsSix Arrested for AI-Powered Investment Scams That Stole $20 MillionAustralian Regulator Pulls Licenses of 95 Companies in Effort to Crack Down on Investment ScamsRussia Arrests CEO of Tech Company Linked to Doppelgänger Disinformation CampaignHackers Are Pretending to Be Drone Companies and State Agencies to Spy on Ukrainian VictimsSomeone Hacked Ransomware Gang Everest’s Leak SiteFood Giant WK Kellogg Discloses Data Breach Linked to Clop RansomwareFlaw in ESET Security Software Used to Spread Malware From ToddyCat GroupMalicious Microsoft VS Code Extensions Used in Cryptojacking CampaignWindows 11 24H2 Blocked on PCs with Code-Obfuscation Driver BSODsGoogle Fixes Android Zero-Days Exploited in Attacks, 60 Other Flaws
4/4-6/2025 April 6, 2025April 6, 2025 ~ The Cyber Beat ~ Leave a comment North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm PackagesNSA Director Fired After Trump’s Meeting With Right-Wing Influencer Laura LoomerKrebs: Cyber Forensic Expert in 2,000+ Cases Faces FBI ProbeMaryland Pharmacist Used Keyloggers to Spy on Coworkers for a Decade, Victim AllegesRussia Jails Hacker for Two Years Over Cyberattack on Local Tech CompanyToll Payment Text Scam Returns in Massive Phishing WaveCoinbase to Fix 2FA Account Activity Entry Freaking Out UsersFor Bitcoin Bulls Who Self-Custody Crypto, the Global Risks Are GrowingAlan Turing Institute: UK Can’t Handle a Fight Against AI-Enabled CrimsOpenAI Tests Watermarking for ChatGPT-4O Image Generation ModelHackers Strike Australia’s Largest Pension Funds in Coordinated AttacksEuropcar GitLab Breach Exposes Data of up to 200,000 CustomersPort of Seattle Says Ransomware Breach Impacts 90,000 PeopleLife University Confirms Data Breach Following July 2024 Cybersecurity IncidentLiUNA Announces Data Breach Following Confirmed Ransomware AttackPoisonSeed Phishing Campaign Behind Emails With Wallet Seed PhrasesMalicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive DataTj-actions Supply Chain Attack Traced Back to Single GitHub Token CompromiseWinRAR Flaw Bypasses Windows Mark of the Web Security AlertsMicrosoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
4/3/2025 April 3, 2025April 3, 2025 ~ The Cyber Beat ~ Leave a comment Hackers Hit Ukrainian State Agencies, Critical Infrastructure With New ‘Wrecksteel’ MalwarePoland’s Prime Minister Says Cyberattack Targeted His Party as Election NearsSuspected Chinese Spies Right Now Hijacking Buggy Ivanti Gear – For Third Time in 3 YearsWhy Is Someone Mass-Scanning Juniper and Palo Alto Networks Products?Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost MalwareMicrosoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver MalwareAmateur Hacker ‘Coquettte’ Leverages Russian Bulletproof Hosting Server Proton66 to Spread MalwareMicrosoft at 50: Its Incredible Rise, 15 Lost Years, and Stunning Comeback – In 4 ChartsTexas State Bar Warns of Data Breach After INC Ransomware Claims AttackOracle Privately Confirms Cloud Breach to CustomersSensitive Data Breached in Highline Schools Ransomware IncidentHunters International Shifts From Ransomware to Pure Data ExtortionHacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 RecordsU.S., Australia, Canada Warn of ‘Fast Flux’ Scheme Used by Ransomware GangsCISA Warns of Fast Flux DNS Evasion Used by Cybercrime GangsRecent GitHub Supply Chain Attack Traced to Leaked Spotbugs TokenMax Severity RCE Flaw Discovered in Widely Used Apache ParquetGoogle Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
4/2/2025 April 3, 2025April 3, 2025 ~ The Cyber Beat ~ Leave a comment Waltz and Staff Used Gmail for Government Communications, Officials SayCybersecurity Professor Xiaofeng Wang Faced China-Funding Inquiry Before Disappearing, Sources Say…Cybersecurity Professor Targeted by FBI Has Not Been Detained, Lawyer SaysCrimelords at Hunters International Tell Lackeys Ransomware Too ‘Risky’GitHub Expands Security Tools After 39 Million Secrets Leaked in 2024Microsoft Adds Hotpatching Support to Windows 11 EnterpriseGray Bots Surge as Generative AI Scraper Activity IncreasesChatGPT Is Down Worldwide With Something Went Wrong ErrorOpenAI Backs Deepfake Cybersecurity Startup Adaptive Security in New Funding RoundGenetic Data Site OpenSNP to Close and Delete Data Over Privacy ConcernsPolice Shuts Down KidFlix Child Sexual Exploitation PlatformRoyal Mail Investigates Data Breach Affecting SupplierVerizon Call Filter API Flaw Exposed Customers’ Incoming Call HistoryNative Tribe in Minnesota Says Cyber Incident Knocked Out Healthcare, Casino SystemsThe Siegel Group Announces Data Breach Following Early 2025 CyberattackFIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint SitesOutlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux ServersNew Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for StealthCisco Warns of CSLU Backdoor Admin Account Used in AttacksStripe API Skimming Campaign Unveils New Techniques for TheftCounterfeit Android Devices Found Preloaded With Triada MalwareGoogle Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
4/1/2025 April 1, 2025April 1, 2025 ~ The Cyber Beat ~ Leave a comment North Korean IT Worker Army Expands Operations in EuropeSomeone Is Trying to Recruit Security Researchers in Bizarre Hacking CampaignChina-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber IntrusionsEuropean Commission Takes Aim at End-To-End Encryption and Proposes Europol Become an EU FBIGoogle to Switch on E2EE for All Gmail UsersOpenAI says Deep Research is Coming to ChatGPT Free “Very Soon”Microsoft to Mark Five Decades of Ctrl-Alt-Deleting the CompetitionNew Windows 11 Trick Lets You Bypass Microsoft Account RequirementUkraine Blames Russia for Railway Hack, Labels It “Act of Terrorism”Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining CampaignNearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan CampaignNew Phishing Attack Combines Vishing and DLL Sideloading TechniquesCybercriminals Expand Use of Lookalike Domains in Email AttacksWP Ultimate CSV Importer Flaws Expose 20,000 Websites to AttacksCritical Auth Bypass Bug in CrushFTP Now Exploited in AttacksApple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices