IT Security Weekend Catch Up – April 27, 2025

Comments
close searching

27.04.2025 | 12:59

IT Security Weekend Catch Up – April 27, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – April 27, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Gmail’s new encrypted messages feature opens a door for scams
  2. Microsoft now pays up to $30,000 for some AI vulnerabilities
  3. Blue Shield of California shared the private health data of millions with Google for years
  4. Whistleblower: DOGE siphoned NLRB case data
  5. DOGE worker’s code supports NLRB whistleblower
  6. EU fines Apple €500M and Meta €200M for breaking Europe’s digital rules
  7. End of 10 campaign: Windows 10 support ends, replace it with Linux
  8. Why are companies lining up to buy Chrome?
  9. Saying ‘please’ and ‘thank you’ to ChatGPT is costing millions of dollars
  10. Russia attempting cyber sabotage attacks against Dutch critical infrastructure
  11. Russian army targeted by new Android malware hidden in mapping app

For the more technical

  1. VoIP penetration tests
  2. Case study: IOMobileFramebuffer NULL pointer dereference
  3. European Vulnerability Database (EUVD)
  4. How I made $64k from deleted files - a bug bounty story
  5. Github scam investigation: Thousands of "mods" and "cracks" stealing your data
  6. Critical Erlang/OTP SSH pre-auth RCE is 'surprisingly easy' to exploit, patch now
  7. io_uring is back, this time as a rootkit
  8. M-Trends 2025: Data, insights, and recommendations from the frontlines
  9. A deep dive into the latest version of Lumma infostealer with code flow obfuscation
  10. Detecting multi-stage infection chains madness
  11. SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation
  12. Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
  13. A deep dive into Strela stealer and how it targets European countries
  14. BrickStorm backdoor analysis. A persistent espionage threat to European industries
  15. Around the world in 90 days: State-sponsored actors try ClickFix
  16. Phishing for codes: Russian threat actors target Microsoft 365 OAuth workflows
  17. The data chase: Understanding Chinese espionage strategies
  18. Contagious Interview (DPRK) launches a new campaign creating three front companies to deliver a trio of malware: BeaverTail, InvisibleFerret, and OtterCookie
  19. Proton66 part 1: Mass scanning and exploit campaigns
  20. Proton66 part 2: Compromised WordPress pages and malware campaigns

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Gmail’s new encrypted messages feature opens a door for scams Microsoft now pays up to $30,000 fo 2025-04-27T12:59:06+02:00

Comments