IT Security Weekend Catch Up – May 11, 2025

Comments
close searching

11.05.2025 | 11:43

IT Security Weekend Catch Up – May 11, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – May 11, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Windscribe wins legal battle in Greece due to no-logs policy
  2. TikTok: Covert influence operations
  3. APT29: Inside Russia's most dangerous hacking group
  4. The Signal clone the Trump admin uses was hacked
  5. Court clash between Meta and NSO ends in $168 million defeat for spyware firm
  6. Windows RDP lets you log in using revoked passwords. Microsoft is OK with that
  7. xAI dev leaks API key for private SpaceX, Tesla LLMs
  8. Yemeni man charged in federal indictment alleging he sent ‘Black Kingdom’ malware to extort businesses, schools, and medical clinics
  9. Santa Clarita man agrees to plead guilty to hacking Disney employee’s computer, downloading confidential data from company

For the more technical

  1. Android Security Bulletin—May 2025
  2. SQL Injection in the age of ORM: Risks, mitigations, and best practices
  3. Samsung MagicINFO 9 remains vulnerable to ongoing exploitation
  4. Using trusted protocols against you: Gmail as a C2 mechanism
  5. Backdoor found in popular ecommerce components
  6. wget to wipeout: Malicious Go modules fetch destructive payload
  7. Novel universal bypass for all major LLMs
  8. Trust me, I’m local: Chrome extensions, MCP, and the sandbox escape
  9. Targeted by 20.5 million DDoS attacks, up 358% year-over-year: Cloudflare’s 2025 Q1 DDoS Threat Report
  10. Exposing Darcula: a rare look behind the scenes of a global Phishing-as-a-Service operation
  11. Agenda ransomware group adds SmokeLoader and NETXLOADER to their arsenal
  12. IP cluster linking ransomware activity and Eye Pyramid C2
  13. Mamona: Technical analysis of a new ransomware strain
  14. Operation Deceptive Prospect: RomCom targeting UK organisations through customer feedback portals
  15. Multilayered email attack: How a PDF invoice and geo-fencing led to RAT malware
  16. CoGUI phish kit targets Japan with millions of messages
  17. Detailed analysis of BPFDoor targeting South Korean company
  18. Lampion is back with ClickFix lures
  19. Telegram tango: A pig butchering investigation
  20. COLDRIVER using new malware to steal documents from western targets and NGOs
  21. Pahalgam Attack themed decoys used by APT36 to target the Indian Government
  22. Intrusion into Middle East critical national infrastructure

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Windscribe wins legal battle in Greece due to no-logs policy TikTok: Covert influence operations 2025-05-11T11:43:24+02:00

Comments