ICYMI: 2025-01-27
Latest Headlines
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks
DeepSeek’s Popular AI App Is Explicitly Sending US Data to China
Industry Moves for the week of January 27, 2025 - SecurityWeek
LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity
Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST
Building Automation Protocols Increasingly Targeted in OT Attacks: Report
Change Healthcare Data Breach Impact Grows to 190 Million Individuals
DeepSeek Hit by Large-Scale Cyber Attack, Temporarily Limits Registrations
New Attack Abusing Multicast Poisoning for PreAuthenticated Kerberos Relay
Xerox Workplace Suite Vulnerability Let Attackers Bypass API Security
New Phishing Attack Using zero-width Characters to Bypass Security Filters
New Malware Campaign Using 7z & UltraVNC Tool To Deploy Malware
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Threat Actors Weaponized XWorm RAT Builder To Attack Script Kiddies
Apache Solr For Windows Vulnerability Allows Arbitrary Path write-access
Bitwarden makes it harder to hack password vaults without MFA
Microsoft: January Windows security updates break audio playback
Apple fixes this year’s first actively exploited zero-day bug
EU sanctions Russian GRU hackers for cyberattacks against Estonia
Hackers steal $85 million worth of cryptocurrency from Phemex
Microsoft Teams phishing attack alerts coming to everyone next month
– MTZ