Top News

• Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

"Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems."

Link

TLP¹ : Green

• Browser extensions turn nearly 1 million browsers into website-scraping bots

"Extensions load unknown sites into invisible Windows. What could go wrong?"

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• Russian pro basketball player arrested for alleged role in ransomware attacks

"Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang."

Link

TLP¹ : Green

• Four arrested in UK over M&S, Co-op, Harrods cyberattacks

"The UK's National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods."

Link

TLP¹ : Green

• MPs Warn of “Significant” Iranian Cyber-Threat to UK

"Iranian threat actors pose a major threat to the UK, especially its petrochemical, utilities and finance sectors, a new parliamentary report has warned."

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Pierce County, WA libraries notify 336K people of data breach

"The Pierce County Library System this week confirmed it notified 336,826 people of an April 2025 data breach that compromised names and dates of birth."

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Asus and Adobe vulnerabilities

"Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products."

Link

TLP¹ : Green

• AMD warns of new Meltdown, Spectre-like bugs affecting CPUs

"Low-severity bugs but infosec pros claim they are a 'critical' overall threat – patch accordingly"

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Anatomy of a Scattered Spider attack: A growing ransomware threat evolves

"The cybercriminal group has broadened its attack scope across several new industries, bringing valid credentials to bear on help desks before leveraging its new learnings of cloud intrusion tradecraft to set the stage for ransomware."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques

"In late 2024, we discovered a malware variant related to the SLOW#TEMPEST campaign. In this research article, we explore the obfuscation techniques employed by the malware authors. We deep dive into these malware samples and highlight methods and code that can be used to detect and defeat the obfuscation techniques."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp