IT Security Weekend Catch Up – March 16, 2025

Comments
close searching

16.03.2025 | 12:13

IT Security Weekend Catch Up – March 16, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – March 16, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. What happened during ByBit heist, where $1.5 billion has been stolen from a crypto exchange
  2. A well-funded Moscow-based global ‘news’ network has infected Western artificial intelligence tools worldwide with Russian propaganda
  3. ICANN moves to retire Soviet-era .SU country domain name
  4. What really happened with the DDoS attacks that took down X
  5. ClickFix: How to infect your PC in three easy steps
  6. Android devices track you before you even sign in
  7. Cellebrite is using AI to summarize chat logs and audio from seized mobile phones
  8. FTC will send $25.5 million to victims of tech support scams
  9. Alleged co-founder of Garantex arrested in India
  10. Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court

For the more technical

  1. History of NULL pointer dereferences on macOS
  2. Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks
  3. Mozilla warns users to update Firefox before certificate expires
  4. Microsoft Patch Tuesday: March 2025
  5. Microsoft apologizes for removing VSCode extensions used by millions
  6. Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
  7. Sanitization and validation and escaping, oh my!
  8. The ESP32 "backdoor" that wasn't
  9. DeepSeek deep dive: Creating malware, including keyloggers and ransomware
  10. Ghost in the router: China-nexus espionage actor UNC3886 targets Juniper routers
  11. Lazarus strikes npm again with new wave of malicious packages
  12. Phishing campaign impersonates Booking.com, delivers a suite of credential-stealing malware
  13. Lookout discovers new spyware by North Korean APT37
  14. CISA: More than 300 critical infrastructure orgs attacked by Medusa ransomware
  15. SocGholish’s intrusion techniques facilitate distribution of RansomHub ransomware
  16. Decrypting encrypted files from Akira ransomware (Linux/ESXI variant 2024) using a bunch of GPUs
  17. New ransomware operator exploits Fortinet vulnerability duo
  18. Inside Bruted: Black Basta (RaaS) members used automated brute forcing framework to target edge network devices
  19. 2025 Cyber Threat Landscape for the Nordic Financial Sector
  20. Captain MassJacker Sparrow: Uncovering the malware’s buried treasure
  21. AI-assisted fake GitHub repositories fuel SmartLoader and LummaStealer distribution
  22. Unpatched Edimax IP camera flaw actively exploited in botnet attacks
  23. Ballista – new IoT botnet targeting thousands of TP-Link Archer routers

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical What happened during ByBit heist, where $1.5 billion has been stolen from a crypto exchange A wel 2025-03-16T12:13:10+01:00

Comments