Month: May 2025

5/29/2025

~ The Cyber Beat ~ Leave a comment
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

Threat Actors Abuse Google Apps Script in Evasive Phishing Attacks

New Fullscreen Browser-in-the-Middle (BitM) Exploit Technique Undermines Phishing Detection

Do-It-Yourself Cyberattack Tools Are Booming

The U.S. Is Storing Migrant Children’s DNA in a Criminal Database

U.S. Sanctions Firm Linked to Cyber Scams Behind $200 Million in Losses

European Commission: Make Europe Great Again… For Startups		Victoria’s Secret Takes Website Offline After Security Incident

ConnectWise Confirms Hack, “Very Small Number” of Customers Affected

Kettering Health No Longer Diverting Ems From Its Hospitals

Malware Analysis Reveals Sophisticated RAT With Corrupted Headers

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

The Ancient Warfare Tactics Behind Modern Cyber Attacks

UK Military to Establish New Cyber and Electromagnetic Command

5/28/2025

~ The Cyber Beat ~ Leave a comment
Czech Republic Accuses China (APT31) of Government Hack

Ukraine Tallies up Russian Cyberattacks on Local Media Since Start of War

Ukraine Detains Alleged Russian Spies Who Used Dash Cams to Guide Missile Strikes

Russian IT Pro Sentenced to 14 Years Forced Labor for Sharing Medical Data With Ukraine

North Korea Infiltrates U.S. Remote Jobs—With the Help of Everyday Americans

Google Warns of Vietnam-Based Hackers Using Bogus AI Video Generators to Spread Malware

Krebs: Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Oregon Becomes Second State to Ban Sale of Precise Geolocation Data

Cybersecurity Provider Netskope Taps Morgan Stanley for U.S. IPO, Sources Say

AI Developers Should Be Philosophers as Much as Technologists

Why Take9 Won’t Improve Cybersecurity		LexisNexis Leaked Social Security Numbers and Other Personal Data of Over 364,000 People

More Than $12 Million Stolen From Crypto Platform Cork Protocol

Dark Partners Cybercrime Gang Fuels Large-Scale Crypto Heists

Interlock Ransomware Gang Deploys New NodeSnake RAT on Universities

Fake Bitdefender Site Spreads Trio of Malware Tools

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

Botnet Hacks 9,000+ ASUS Routers to Add Persistent SSH Backdoor

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

Ivanti Vulnerability Exploit Could Expose UK NHS Data

Microsoft OneDrive Flaw Exposes Users to Data Overreach Risks

5/27/2025

~ The Cyber Beat ~ Leave a comment
China, Taiwan Trade Accusations Over Cyberattacks

Russian Hackers Void Blizzard (aka Laundry Bear) Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages

CISA Cuts Could Sap U.S. Response to China, Insiders Say

U.S. Government Launches Audit of NIST’s National Vulnerability Database

Governments Urge Organizations to Prioritize SIEM/SOAR Adoption

Apple Says It Blocked $2 Billion in App Store Fraud Last Year

Iranian Pleads Guilty to RobbinHood Ransomware Attacks, Faces 30 Years		MATLAB Dev Confirms Ransomware Attack Behind Service Outage

Nearly 70,000 Impacted by Ransomware Attack on Sheboygan, Wisconsin

Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers

DragonForce Ransomware Leveraged in MSP Attack Using RMM Tool

Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

Malicious Machine Learning Model Attack Discovered on PyPI

5/23-25/2025

~ The Cyber Beat ~ Leave a comment
Musk’s DOGE Expanding His Grok AI in U.S. Government, Raising Conflict Concerns

When 20,000 Devices Were Paralyzed by a Bad Update, a Georgia Health System Turned to Apple

Glitch to End App Hosting and User Profiles on July 8

Telegram ‘Surprised’ as Vietnam Orders Messaging App to Be Blocked

Law Enforcement Busts Initial Access Malware Used to Launch Ransomware

Remembering John Young, Co-founder of Web Archive Cryptome

Leak Suggests xAI is Getting Ready to Ship Grok 3.5

Vibe Coding Company Says Claude 4 Reduced Syntax Errors by 25%

Researchers Claim ChatGPT O3 Bypassed Shutdown in Controlled Test

ChatGPT Deep Research Can Now Pull Data From Dropbox and Box		Adidas Warns of Consumer Data Breach

Ransomware Scum Leaked Nova Scotia Power Customers’ Info

DragonForce Engages in “Turf War” for Ransomware Dominance

FBI Warns of Luna Moth Extortion Attacks Targeting Law Firms

Fake Zenmap. WinMRT Sites Target IT Staff with Bumblebee Malware

Dozens of Malicious Packages on NPM Collect Host and Network Data

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

Windows Zero-Day Bug Exploited for Browser-Led RCE

Commvault Clients Should Beware of Campaign Targeting Cloud Applications, CISA Says

5/22/2025

~ The Cyber Beat ~ Leave a comment
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

Krebs: Oops, DanaBot Malware Devs Infected Their Own PCs

FTC Finalizes Order Requiring GoDaddy to Secure Hosting Services

OpenAI, Google and xAI Battle for Superstar AI Talent, Shelling Out Millions

Russia Expected to Pass Experimental Law That Tracks Foreigners in Moscow via Smartphones

Police Arrests 270 Dark Web Vendors, Buyers in Global Crackdown

Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying

U.S. Indicts Leader of Qakbot Botnet Linked to Ransomware Attacks		Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

Sui Validators Freeze Majority of Stolen Funds in $220M Cetus Hack

AI-Generated TikTok Videos Used to Distribute Infostealer Malware

Blurring Lines Between Scattered Spider & Russian Cybercrime

Russian Hacker Group Killnet Returns With New Identity

Russian Threat Actor TAG-110 Goes Phishing in Tajikistan

Hackers Use Fake Ledger Apps to Steal Mac Users’ Seed Phrases

Following Data Breach, Multiple Stalkerware Apps Go Offline

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

Critical Zero-Days Found in Versa Networks SD-WAN/SASE Platform

5/21/2025

~ The Cyber Beat ~ Leave a comment
Western Intelligence Agencies Expose Russian Cyber Campaign Targeting Support for Ukraine

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Hacker Who Breached Communications App Used by Trump Aide Stole Data From Across U.S. Government

M&S Says Cyber Attack Was Result of Human Error, Declines to Comment on Ransom

M&S Cyberattack to Wipe out Nearly One-Third of Annual Profits

Authorities Carry out Elaborate Global Takedown of Infostealer Lumma Heavily Used by Cybercriminals

3 Teens Almost Got Away With Murder. Then Police Found Their Google Searches

EU Sanctions Target Individuals, Organizations Behind Russia’s Disinformation and Sabotage Operations

European Union Sanctions Stark Industries for Enabling Cyberattacks

“Microsoft Has Simply Given Us No Other Option,” Signal Says as It Blocks Windows Recall		Coinbase Confirms Insiders Handed over Data of 70K Users

Sensitive Data Stolen in West Lothian Cyber Attack

Bell Canada Restores Internet Service After Outage Hits Users in Quebec, Ontario

Cybercriminals Mimic Kling AI to Distribute Infostealer Malware

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

3AM Ransomware Uses Spoofed IT Calls, Email Bombing to Breach Networks

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

Data-stealing Chrome Extensions Impersonate Fortinet, YouTube, VPNs

Critical Samlify SSO Flaw Lets Attackers Log in as Admin

Flaw in Google Cloud Functions Sparks Broader Security Concerns

OpenAI Hints at a Big Upgrade for ChatGPT Operator Agent

Anthropic Web Config Hints at Claude Sonnet 4 and Opus 4

5/20/2025

~ The Cyber Beat ~ 1 Comment
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Dutch Government Passes Law to Criminalize Cyber-Espionage

Half of Consumers Targeted by Social Media Fraud Ads

Uncensored AI Tool Raises Cybersecurity Alarms

Cybersecurity Is in a Pivotal Moment With AI, Says Palo Alto Networks CEO

Mounting GenAI Cyber Risks Spur Investment in AI Security

PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme

Police Investigation Into UK Retail Hacks Focuses on English-Speaking Youths

Federal Charges Filed Against Dem Congresswoman Following Confrontation at ICE Facility

What to Expect When You’re Convicted

VanHelsing Ransomware Builder Leaked on Hacking Forum

Why Rigid Security Programs Keep Failing		Krebs: KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

Kettering Health Suffers System-Wide Tech Outage From Cyberattack, Cancels Elective Procedures

Supplier to Major Supermarkets Peter Green Chilled Hit by Cyber Attack

Mobile Carrier Cellcom Confirms Cyberattack Behind Extended Outages

SK Telecom Says Malware Breach Lasted 3 Years, Impacted 27 Million Numbers

Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

Premium WordPress ‘Motors’ Theme Vulnerable to Admin Takeover Attacks

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Freshly Discovered Bug in OpenPGP.js Undermines Whole Point of Encrypted Comms

5/19/2025

~ The Cyber Beat ~ Leave a comment
Russia-Linked Disinformation Floods Poland, Romania as Voters Cast Ballots

France Rejects Telegram CEO’s Accusations of Romanian Election Interference

Trump Signs Bill Cracking down on Explicit Deepfakes

GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn

Delta Can Sue CrowdStrike Over Computer Outage That Caused 7,000 Canceled Flights

23andMe Sold for $256 Million as Buyer Pledges to Comply With Existing Privacy Policies

SolarWinds Security Chief on the Risks and Rewards of Being a CISO

OpenAI Plans to Combine Multiple Models Into GPT-5

Microsoft Unveils Windows AI Foundry for AI-Powered PC Apps		UK Legal Aid Agency Admits Major Breach of Applicant Data

Breaches at Serviceaide, Nationwide Recovery Services Expose Medical Info of More Than 500,000 People

Arla Foods Confirms Cyberattack Disrupts Production, Causes Delays

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

Fake KeePass Password Manager Leads to ESXi Ransomware Attack

RCE Vulnerability Found in RomethemeKit For Elementor Plugin

O2 UK Patches Bug Leaking Mobile User Location From Call Metadata

Mozilla Fixes Firefox Zero-Days Exploited at Hacking Contest

Hackers Earn $1,078,750 for 28 Zero-Days at Pwn2Own Berlin

5/16-18/2025

~ The Cyber Beat ~ Leave a comment
Key Lawmaker Says Pause in Offensive Cyber Operations Against Russia Lasted One Day

Japan Enacts New Active Cyberdefense Law Allowing for Offensive Cyber Operations

Fired U.S. Gov’t Workers, Uncle XI Wants You! – To Apply for This Fake Consulting Gig

A Letter From the M&S Hackers Landed in My Inbox – This Is What Happened Next

Ex-NSA Bad-Guy Hunter Listened to Scattered Spider’s Fake Help-Desk Calls: ‘Those Guys Are Good’

How the Signal Knockoff App Telemessage Got Hacked in 20 Minutes

Boffins Devise Technique That Lets Users Prove Location Without Giving It Away

U.S. Charges 12 More Suspects Linked to $230 Million Crypto Theft

How a Band of Gamers Became a $263 Million Bitcoin Crime Syndicate

Israel Arrests New Suspect Behind Nomad Bridge $190M Crypto Hack

Hack of SEC Social Media Account Earns 14-Month Prison Sentence for Alabama Man		Russian Hospital Faces Multi-Day Shutdown as Pro-Ukraine Group Claims Cyberattack

UK National Health Service Suppliers Asked to Tackle ‘Endemic’ Ransomware Attacks

Broadcom Employee Data Stolen by Ransomware Crooks Following Hit on Payroll Provider

Printer Maker Procolored Offered Malware-Laced Drivers for Months

Ransomware Gangs Increasingly Use Skitnet Post-Exploitation Malware

Dynamic DNS Emerges as Go-to Cyberattack Facilitator

New ‘Defendnot’ Tool Tricks Windows Into Disabling Microsoft Defender

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

CISA Tags Recently Patched Chrome Bug as Actively Exploited

Hackers Exploit VMware ESXi, Microsoft SharePoint Zero-Days at Pwn2Own

ChatGPT Rolls Out Codex, an AI Tool for Software Programming

5/15/2025

~ The Cyber Beat ~ Leave a comment
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

UAE to Build Biggest AI Campus Outside U.S. in Trump Deal, Bypassing Past China Worries

Lawmakers Push for Reauthorization of Cyber Information Sharing Bill as Deadline Looms

House GOP Move to Block State AI Laws Sounds Cyber Alarms

FBI Warns of AI Voice Messages Impersonating Top U.S. Officials

Meet the Team Paid to Break Into Top-Secret Bases

Krebs: Breachforums Boss to Pay $700k in Healthcare Breach

UnitedHealth’s String of Setbacks, From Exec Murder to Cyber Attack

Cybersecurity Firm Proofpoint to Buy European Rival Hornetsecurity for Over $1 Billion as It Eyes IPO

Socket Buys Coana to Tell You Which Security Alerts You Can Ignore

Meta Is Delaying the Rollout of Its Flagship AI Model		Attack Claimed by Pro-Ukraine Hackers Reportedly Erases a Third of Russian Court Case Archive

Leading Crypto Firm Coinbase Faces up to $400M Hit From Cyber Attack

Coinbase Says ‘Rogue’ Support Agents Helped Steal Customer Data

Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack

PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Windows 11 and Red Hat Linux Hacked on First Day of Pwn2Own

Leak Confirms OpenAI’s ChatGPT Will Integrate MCP

ChatGPT Will Soon Record, Transcribe, and Summarize Your Meetings

New Tor Oniux Tool Anonymizes Any Linux App’s Network Traffic

5/14/2025

~ The Cyber Beat ~ Leave a comment
Russian Internet Shutdown That Disrupted Essential Services Condemned by Rights Groups

Australian Human Rights Commission Leaks Docs to Search Engines

New Leadership Picks for Cyber Command, NSA Coming Soon Amid Broader Decision on Structure

CISA Reverses Decision on Cybersecurity Advisory Changes

Google Chrome to Block Admin-Level Browser Launches for Better Security

89 Million Steam Accounts Allegedly Compromised in a Data Breach. Our Advice: Change Your Password Now

Xinbi Guarantee: The Internet’s Biggest-Ever Black Market Just Shut down Amid a Telegram Purge

European Police Bust €3m Investment Fraud Ring

CFPB Quietly Kills Rule to Shield Americans From Data Brokers

Meta’s Still Violating GDPR Rules With Latest Plan to Train AI on EU User Data, Says NOYB

British Retailer M&S Reportedly Set to Claim £100 Million From Insurers After Cyberattack		Russian Military Cadet Reportedly Arrested for Selling Hacking Tool to FSB Agent

Nova Scotia Power Says Customer Banking Details May Have Been Stolen by Hackers

Steel Giant Nucor Corporation Facing Disruptions After Cyberattack

Fashion Giant Dior Discloses Cyberattack, Warns of Data Breach

Google Says Hackers That Hit UK Retailers Now Targeting American Stores

CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails

New ‘Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Krebs: Patch Tuesday, May 2025 Edition

5/13/2025

~ The Cyber Beat ~ Leave a comment
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

South Korean Researchers Uncover Another APT37 Cyber-Espionage Campaign From the North

CISA Shifts Alert Distribution Strategy to Email, Social Media

European Vulnerability Database Launches Amid U.S. CVE Chaos

Google Introduces Advanced Protection Mode for Its Most At-Risk Android Users

Microsoft Will Update Office Apps on Windows 10 Until 2028

An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado

States Push WeChat for Answers Over Money Laundering Allegations

U.S. Extradites Kosovo National Charged in Operating Illegal Online Marketplace		Chinese-Speaking Hackers Disrupt Drone Supply Chains in Taiwan, Researchers Say

M&S Confirms Customer Data Stolen in Cyber-Attack

Over 100K Impacted by Andy Frain Breach

Twilio Denies Breach Following Leak of Alleged Steam 2FA Codes

Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

Intel’s Data-Leaking Spectre Defenses Scared off Yet Again

Ivanti Warns of Critical Neurons for ITSM Auth Bypass Flaw

Ivanti Fixes EPMM Zero-Days Chained in Code Execution Attacks

Fortinet Fixes Critical Zero-Day Exploited in FortiVoice Attacks

SAP Patches Second Zero-Day Flaw Exploited in Recent Attacks

Microsoft May 2025 Patch Tuesday Fixes 5 Exploited Zero-Days, 72 Flaws

5/12/2025

~ The Cyber Beat ~ Leave a comment
Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

Inside the Misinformation Tsunami Around India-Pakistan Cyber Threats

South African Influencers-For-Hire Target Ukraine’s President in Influence Campaign, Researchers Say

Poland to Shut Russian Consulate After Blaming Kremlin Spies for Arson Attack on Warsaw Mall

Russia’s ‘Outsourced’ Bulgarian Spy Ring Sentenced to More Than 50 Years in UK

Moldova Arrests Suspect Linked to DoppelPaymer Ransomware Attacks

Theom, a Data-Security Startup, Nabs $20 Million

You Can File a Claim for Part of 23andMe’s $30 Million Data Breach Settlement Right Now		Airline Carrying out Deportation Flights Confirms Cyberattack to SEC

Fears ‘Hackers Still in the System’ Leave Co-op Shelves Running Empty Across UK

Alabama Investigating Cybersecurity ‘Event’ on State Network

Hackers Now Testing ClickFix Attacks Against Linux Targets

Deepfakes, Scams, and the Age of Paranoia

Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals

Output Messenger Flaw Exploited as Zero-Day in Espionage Attacks

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

EU Launches Free Entry-Level Cyber Training Program

5/9-11/2025

~ The Cyber Beat ~ Leave a comment

Celebrating 5 years of The Cyber Beat!

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

The Myth of the Genius Hacker

FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers

U.S. Federal Agencies Alert on “Unsophisticated” Operational Technology (OT) Cyber-Threats

BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation

Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data

UN Launches New Cyber-Attack Assessment Framework

Captain of Ship That Damaged Baltic Sea Cable Arrested and Jailed in Hong Kong

U.S. Customs and Border Protection Plans to Photograph Everyone Exiting the U.S. by Car

U.S. Surveillance Watchdog Says Expanded Use of Facial Recognition at Airports Should Be Voluntary

Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection

ChatGPT is Finally Adding Download as PDF for Deep Research		DOGE Software Engineer’s Computer Infected by Malware, Stolen Data Leaked Online

Hackers Hijack Japanese Financial Accounts to Conduct Nearly $2 Billion in Trades

Ascension Says Recent Data Breach Affects Over 430,000 Patients

Iowa County (WI) Computer Network Outage Caused by Ransomware

Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities

Fake AI Video Generators Drop New Noodlophile Infostealer Malware

iClicker Site Hack Targeted Students with Malware via Fake CAPTCHA

Google Deploys On-Device AI to Thwart Scams on Chrome and Android

Bluetooth 6.1 Enhances Privacy with Randomized RPA Timing

Microsoft Teams Will Soon Block Screen Capture During Meetings

5/8/2025

~ The Cyber Beat ~ Leave a comment
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware

Japan Orgs Targeted by CoGUI Phishing Kit Impersonating Amazon, Rakuten

Hack Exposed Data in Catholic Church Sex-Abuse Cases

LockBit Ransomware Hacked, Insider Secrets Exposed

UK Launches New Cybersecurity Assessment Initiatives to Drive Secure by Design

Life Without CVEs? It’s Time to Act

Customs and Border Protection Confirms Its Use of Hacked Signal Clone TeleMessage

The Company Behind the Signal Clone Mike Waltz Used Has Direct Access to User Chats

Krebs: Pakistani Firm Shipped Fentanyl Analogs, Scams to U.S.		Education Giant Pearson Hit by Cyberattack Exposing Customer Data

VC Giant Insight Partners Confirms Investor Data Stolen in Breach

Toronto School District Says Data Not Deleted After Ransom Was Paid to Hacker

38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases

Kickidler Employee Monitoring Software Abused in Ransomware Attacks

Supply Chain Attack Hits npm Package With 45,000 Weekly Downloads

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

5/7/2025

~ The Cyber Beat ~ Leave a comment
Poland Accuses Russia of ‘Unprecedented’ Interference Ahead of Presidential Election

Google Identifies New Malware LOSTKEYS Linked to Russia-Based Hacking Group Cold River

UK Spies See ‘Direct Connection’ Between Russian Cyberattacks and Sabotage Plots

Britain Warns That China Is Becoming a ‘Cyber Superpower’

“Nationally Significant” Cyber-Attacks Have Doubled, UK’s NCSC Reports

CISA Warns of Hackers Targeting Critical Oil Infrastructure

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Companies Want the Government to Go After Hackers. Washington Might be Willing.

Meta Awarded $167.25 Million Over Pegasus Spyware Attack

Open Source Project Curl Is Sick of Users Submitting “AI Slop” Vulnerabilities

DDoS-for-Hire Network Dismantled in International Operation

Delta Air Lines Class Action Cleared for Takeoff Over CrowdStrike Chaos		Russians Face Massive Mobile Internet Restrictions Ahead of Victory Day Parade

PowerSchool Paid Ransom to Hackers After Breach

PowerSchool Hacker Now Extorting Individual School Districts

M&S, Co-op Cyberattackers Duped IT Help Desks Into Resetting Passwords, Says Report

South African Airways Says Cyberattack Disrupted Operational Systems

Medical Device Maker Masimo Warns of Cyberattack, Manufacturing Delays

Oettinger Brewery Gets Hit by Ransomware Attack

Inferno Drainer Returns, Stealing Millions from Crypto Wallets

CoGUI Phishing Platform Sent 580 million Emails to Steal Credentials

Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

5/6/2025

~ The Cyber Beat ~ Leave a comment
Peru Denies It Was Hit by Ransomware Attack Following Rhysida Claims

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims

Smishing Triad Upgrades Tools and Tactics for Global Attacks

New “Bring Your Own Installer” EDR Bypass Used in Ransomware Attack

U.S. Border Agents Are Asking for Help Taking Photos of Everyone Entering the Country by Car

OpenAI Abandons Planned For-Profit Conversion

Pentagon Declares War on ‘Outdated’ Software Buying

NSA to Cut Up to 2,000 Civilian Roles as Part of Intel Community Downsizing

California Fines Clothing Retailer, Orders Changes in Privacy Business Practices

How to Prevent AI Agents From Becoming the Bad Guys

Addressing the Top Cyber-Risks in Higher Education		UK Legal Aid Agency Investigates Cybersecurity Incident

Alvin Independent School District (TX) Notifies Over 47,000 People of Major Data Breach

West Lothian Schools Hit by Ransomware Cyberattack

Archdiocese of New Orleans Says Cyberattack Might Have Compromised Sex Abuse Survivors’ Data

Multiple iHeartRadio Stations Breached in December

Luna Moth Extortion Hackers Pose as IT Help Desks to Breach U.S. Firms

Linux Wiper Malware Hidden in Malicious Go Modules on GitHub

Apache Parquet Exploit Tool Detect Servers Vulnerable to Critical Flaw

Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet

Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence

Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers

5/5/2025

~ The Cyber Beat ~ Leave a comment
Russian Hackers Target Romanian State Websites on Election Day

Security Researchers Warn a Widely Used Open Source Tool Easyjson Poses a ‘Persistent’ Risk to the U.S.

Beware Phony IT Calls After Co-op and M&S Hacks, Says UK cyber Centre

Myanmar Militia Leader Sanctioned by U.S. Over Cyber Scam Connections

Ukraine Detains Alleged FSB Agent Recruited via TikTok for Spying on Military

The Modified Signal App Used by Mike Waltz Was Reportedly Hacked

Trump Promises Protection for TikTok, for Which He Has a ‘Warm Spot in My Heart’

Cybersecurity Companies Want to Go Public. The Market Isn’t Letting Them.		Azerbaijan Blames Russian State Hackers for Cyberattacks on Local Media

Hackers Launch ‘Serious’ Attacks Against Georgia School District, New Mexico University

UK Shares Security Tips After Major Retail Cyberattacks

Data Breach Hits Online Ticket Resale Platform Ticket to Cash

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Darcula PhaaS Steals 884,000 Credit Cards via Phishing Texts

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

Microsoft Finds Default Kubernetes Helm Charts Can Expose Data

5/2-4/2025

~ The Cyber Beat ~ Leave a comment
White House Warns China of Cyber Retaliation Over Infrastructure Hacks

Mike Waltz Out as National Security Adviser, but Trump Says He’ll Be Ambassador to U.N.

Krebs: xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Third of Online Users Hit by Account Hacks Due to Weak Passwords

Microsoft Makes All New Accounts Passwordless by Default

IT Warning After Hackers Close 160-Year-Old Firm Knights of Old in 2023

Beyond Real ID Deadline Panic, National Identity Document Plan Raises New Privacy Questions

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

U.S. Wants to Cut Off Key Player in Southeast Asian Cybercrime Industry: Huione Group

Three Brits Charged Over ‘Active Shooter Threats’ Swattings in U.S., Canada

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

Hacker ‘NullBulge’ Pleads Guilty to Stealing Disney’s Slack Data

Generative AI Makes Fraud Fluent – From Phishing Lures to Fake Lovers

OpenAI Document Explains When to Use Each ChatGPT Model		Blackouts In Europe Continue to Raise Cyber Alarms

Co-Op Confirms Data Theft After DragonForce Ransomware Claims Attack

UK NCSC: Cyberattacks Impacting UK Retailers Are a Wake-up Call

Magento Supply Chain Attack Compromises Hundreds of E-Stores

Dating App Raw Exposed Users’ Location Data and Personal Information

Patients Left in the Dark Months After Cybercriminals Leak Synnovis Testing Lab Data

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

Cobb County (GA) Confirms Data Breach Was Ransom Attack

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

StealC Malware Enhanced With Stealth Upgrades and Data Theft Tools

Microsoft Fixes Exchange Online Bug Flagging Gmail Emails as Spam

Microsoft Ends Authenticator Password Autofill, Moves Users to Edge

Cut CISA and Everyone Pays for It

5/1/2025

~ The Cyber Beat ~ Leave a comment
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

Your Favorite New Coworker Is an AI-Enhanced Operative From North Korea

Claude Chatbot Used for Automated Political Messaging

Think Twice Before Creating That ChatGPT Action Figure

UK and Canadian Regulators Demand Robust Data Protection Amid 23andMe Bankruptcy

Krebs: Alleged ‘Scattered Spider’ Member Extradited to U.S.

Ukrainian Extradited to U.S. for Nefilim Ransomware Attacks		Pro-Russia Hacktivists Bombard Dutch Public Orgs With DDoS Attacks

Poland’s State Registry Temporarily Blocked by Cyber Incident

Harrods the Next UK Retailer Targeted in a Cyberattack

Texas Health Agency Data Breach Now Impacts 94,000

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Mystery Box Scams Deployed to Steal Credit Card Data

Malicious PyPI Packages Abuse Gmail, Websockets to Hijack Systems