ICYMI: 2025-05-08
Latest Headlines
38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
Security Tools Alone Don’t Protect You — Control Effectiveness Does
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
Qilin Ransomware Ranked Highest in April 2025 with Over 45 Data Leak Disclosures
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
US Customs and Border Protection Quietly Revokes Protections for Pregnant Women and Infants
Valarian Bags $20M Seed Capital for ‘Isolation-First’ Infrastructure Tech
Russia-Linked APT Star Blizzard Uses ClickFix to Deploy New LostKeys Malware, Google Warns
Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet
North Korean’s OtterCookie Malware Upgraded With New Features for Windows, Linux & macOS
New Spam Campaign Abuses Remote Monitoring Tools to Attack Organizations
New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users
The Invisible Storm: Why Cloud Malware Is Your Business’s New Weather Emergency
470 Ransomware Attacking in 2025, Qilin Remains Dominant Followed by Silent & Crypto24
New DOGE Big Balls Ransomware Using Open-Source Tools & Custom Scripts to Infect Victim Machines
IXON VPN Client Vulnerability Let Attackers Escalate Privileges
Ubiquiti UniFi Protect Camera Vulnerability Allows Remote Code Execution
Radware Cloud Web App Firewall Vulnerability Let Attackers Bypass Filters
FBI: End-of-life routers hacked for cybercrime proxy networks
Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Education giant Pearson hit by cyberattack exposing customer data
Supply chain attack hits npm package with 45,000 weekly downloads
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
Kickidler employee monitoring software abused in ransomware attacks
VC giant Insight Partners confirms investor data stolen in breach
Google links new LostKeys data theft malware to Russian cyberspies
SonicWall urges admins to patch VPN flaw exploited in attacks
– MTZ