IT Security Weekend Catch Up – February 16, 2025

Comments
close searching

16.02.2025 | 13:22

IT Security Weekend Catch Up – February 16, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – February 16, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Rise of cryptocurrency loans in Australia spark concerns about financial 'contagion'
  2. Oracle billionaire encourages world leaders to funnel all of their data to AI (and maybe his data centers)
  3. 20 million OpenAI accounts offered for sale
  4. No, OpenAI wasn’t breached—The real threat comes from infostealers
  5. Trolling scammers trend could be 'dangerous'
  6. An Italian journalist speaks about being targeted with Paragon spyware
  7. Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
  8. Key figures behind Phobos and 8Base ransomware arrested in international cybercrime crackdown + more information
  9. US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap

For the more technical

  1. NFC Relay = Criminal “commercialization” of the NFCGate research project
  2. Microsoft February 2025 Patch Tuesday
  3. First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200)
  4. More than 1,000 GitHub repositories at risk: how to detect RepoJacking vulnerabilities
  5. Nginx/Apache path confusion to auth bypass in PAN-OS (CVE-2025-0108)
  6. Leaking the email of any YouTube user for $10,000
  7. Everyone knows your location: tracking myself down through in-app ads
  8. Smuggling arbitrary data through an emoji
  9. RATatouille: Cooking up chaos in the I2P kitchen
  10. Further insights into Ivanti CSA 4.6 vulnerabilities exploitation
  11. Malicious ML models discovered on Hugging Face platform
  12. whoAMI: A cloud image name confusion attack
  13. Xelera ransomware campaign: Fake food corporation of India job offers targeting tech aspirants
  14. Storm-2372 conducts device code phishing campaign
  15. Multiple Russian threat actors targeting Microsoft device code authentication
  16. Sandworm APT targets Ukrainian users with trojanized Microsoft KMS activation tools in cyber espionage campaigns
  17. Cybercrime: A multifaceted national security threat
  18. RedMike (Salt Typhoon) exploits vulnerable Cisco devices of global telecommunications providers
  19. From South America to Southeast Asia: The fragile web of REF7707
  20. You've got malware: Finaldraft hides in your drafts
  21. The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
  22. XE group: From credit card skimming to exploiting zero-days
  23. Chinese-speaking group manipulates SEO with BadIIS

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Rise of cryptocurrency loans in Australia spark concerns about financial ‘contagion’ Oracle billi 2025-02-16T13:22:47+01:00

Comments