IT Security Weekend Catch Up – May 18, 2025

18.05.2025 | 21:19

badcyber

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Rogue communication devices found in Chinese solar power inverters
  2. Xinbi: The $8 billion Colorado-incorporated marketplace for pig-butchering scammers and North Korean hackers
  3. The Internet’s biggest-ever black market just shut down amid a Telegram purge
  4. Introducing oniux: Kernel-level Tor isolation for any Linux app
  5. The most persuasive “people” on a popular subreddit turned out to be a front for a secret AI experiment
  6. DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains
  7. Breachforums boss to pay $700k in healthcare breach
  8. Google to pay $1.38 billion over privacy violations

For the more technical

  1. The May 2025 security update review
  2. Apple updates everything: May 2025 edition
  3. Branch Privilege Injection: Compromising Spectre v2 hardware mitigations by exploiting branch predictor race conditions
  4. One-click RCE in ASUS’s preinstalled driver software
  5. Printer company provided infected software downloads for half a year
  6. Backdooring the IDE: Malicious npm packages hijack Cursor editor on macOS
  7. Sophisticated NPM attack leveraging Unicode steganography and Google Calendar C2
  8. Stealthy .NET malware: Hiding malicious payloads as bitmap resources
  9. A .NET multi-stage malware delivery system
  10. Technical analysis of TransferLoader
  11. New Noodlophile stealer distributes via fake AI video generation platforms
  12. Evolution of Tycoon 2FA defense evasion mechanisms: Analysis and timeline
  13. Lumma stealer, coming and going
  14. Sit, fetch, steal - Chihuahua stealer: A new breed of infostealer
  15. DarkCloud Stealer: Comprehensive analysis of a new attack chain that employs AutoIt
  16. Fileless execution: PowerShell based shellcode loader executes Remcos RAT
  17. APT36-style ClickFix attack spoofs Indian Ministry to target Windows & Linux
  18. Defending against UNC3944: Cybercrime hardening guidance from the frontlines
  19. Operation RoundPress
  20. TA406 pivots to the front
  21. Earth Ammit disrupts drone supply chains through coordinated multi-wave attacks in Taiwan
  22. Unveiling Swan Vector APT targeting Taiwan and Japan with varied DLL implants
  23. Marbled Dust leverages zero-day in Output Messenger for regional espionage
  24. Analysis of APT37 attack case disguised as a think tank for national security strategy in South Korea

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

