Recent research from IBM highlights a significant “AI oversight gap” among organizations that have experienced data breaches. According to findings from the company’s Cost of a Data Breach Report, an alarming 97% of these organizations reported a lack of adequate AI access controls, underscoring potential vulnerabilities in their cybersecurity frameworks.…
FBI and Europol Take Down Lumma Stealer Malware Network Responsible for 10 Million Infections
May 22, 2025
Malware / Cybercrime
A major crackdown by international law enforcement agencies and private sector partners has successfully dismantled the infrastructure behind Lumma Stealer (also known as LummaC or LummaC2), resulting in the seizure of 2,300 domains that served as command-and-control hubs for compromised Windows systems. According to the U.S. Department of Justice (DoJ), “Malware like LummaC2 is utilized to extract sensitive information, such as user login credentials, from millions of victims, enabling a range of criminal activities including fraudulent bank transactions and cryptocurrency theft.” Since its emergence in late 2022, Lumma Stealer has been linked to approximately 1.7 million incidents involving the theft of data, including browser information, autofill details, login credentials, and cryptocurrency seed phrases.
FBI and Europol Take Down Lumma Stealer Malware Network, Impacting Millions of Users May 22, 2025 — A significant joint operation led by the FBI in collaboration with Europol and private sector partners has successfully disrupted the infrastructure of Lumma Stealer, a highly active commodity information stealing malware. This operation…
FBI and Europol Take Down Lumma Stealer Malware Network Responsible for 10 Million Infections
May 22, 2025
Malware / Cybercrime
A major crackdown by international law enforcement agencies and private sector partners has successfully dismantled the infrastructure behind Lumma Stealer (also known as LummaC or LummaC2), resulting in the seizure of 2,300 domains that served as command-and-control hubs for compromised Windows systems. According to the U.S. Department of Justice (DoJ), “Malware like LummaC2 is utilized to extract sensitive information, such as user login credentials, from millions of victims, enabling a range of criminal activities including fraudulent bank transactions and cryptocurrency theft.” Since its emergence in late 2022, Lumma Stealer has been linked to approximately 1.7 million incidents involving the theft of data, including browser information, autofill details, login credentials, and cryptocurrency seed phrases.
State Settles for $2 Million with Dental Insurer Over Cybersecurity Breaches In a significant development within the realm of cybersecurity compliance, a settlement has been reached between state authorities and a dental insurance provider concerning serious violations of data security protocols. The agreement, totaling $2 million, highlights the legal and…
Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks
May 22, 2025
Enterprise Security / Malware
A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.
Chinese Cyber Actors Target Global Enterprises Through Ivanti EPMM Vulnerabilities May 22, 2025 – Enterprise Security / Malware Recent developments in the cybersecurity landscape have revealed that a pair of vulnerabilities within Ivanti Endpoint Manager Mobile (EPMM) software, identified as CVE-2025-4427 and CVE-2025-4428, have been exploited by a China-based threat…
Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks
May 22, 2025
Enterprise Security / Malware
A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.
Explore topics in Governance & Risk Management, Operational Technology (OT), and Video. Insights from Space Policy and Technology Director Paul Liias on Satellite Security Challenges By Tony Morbin (@tonymorbin) • August 15, 2025 Paul Liias, Head of Space Policy and Tech, Estonia The potential disruption of civil and military satellite…
Major Cybersecurity Concerns: Data Exposure and Vulnerabilities on the Rise In the latest developments in cybersecurity, various incidents have highlighted growing vulnerabilities in digital infrastructures. Notably, social security numbers (SSNs) are increasingly becoming compromised, with significant amounts of personal data leaking online. The rise of artificial intelligence is exacerbating this…
The second Trump administration faces its first major incident in federal cybersecurity. A recent breach of the U.S. federal judiciary’s electronic case filing system, uncovered around July 4, has forced several courts to revert to backup paper-filing procedures. The hack compromised sealed court records and may have endangered the identities…
Account Takeover Fraud, Fraud Management & Cybercrime, Litigation Zelle Provider Enabled $1 Billion in Fraudulent Transactions, Court Documents Reveal David Perera (@daveperera) • August 13, 2025 Image: PJ McDonnell/Shutterstock The New York Attorney General’s office has filed a lawsuit against Early Warning Services (EWS), the operator of the Zelle money…
Jul 07, 2025
Cybersecurity / Hacking
In the realm of cybersecurity, everything may seem secure—until an overlooked detail lets danger in. Even robust systems can fail due to a simple oversight or a trusted tool’s misuse. Most threats don’t announce their presence; they creep in through overlooked vulnerabilities. A minor bug, a recycled password, a silent connection—these small oversights can lead to substantial risks.
Staying secure isn’t just about quick responses; it’s about identifying early indicators before they escalate into major issues. This week’s updates underscore their importance. From subtle strategies to unexpected intrusion points, the highlights below reveal how swiftly threats can proliferate—and what proactive teams are doing to stay ahead. Let’s get started.
U.S. Disrupts North Korean IT Worker Scheme
— Authorities have revealed that North Korean IT personnel infiltrated over 100 U.S. firms using fake or stolen identities. They not only collected salaries but also siphoned sensitive information and misappropriated virtual currency, with one incident involving over $900,000 targeting an unnamed blockchain company.
Weekly Cybersecurity Recap: Chrome 0-Day Exploit, Ivanti Vulnerabilities, MacOS Data Theft, and Cryptocurrency Heists Date: July 7, 2025 In the realm of cybersecurity, a false sense of security can be perilous. Even the most robust systems are vulnerable if a small detail is overlooked or a typically secure tool is…
Jul 07, 2025
Cybersecurity / Hacking
In the realm of cybersecurity, everything may seem secure—until an overlooked detail lets danger in. Even robust systems can fail due to a simple oversight or a trusted tool’s misuse. Most threats don’t announce their presence; they creep in through overlooked vulnerabilities. A minor bug, a recycled password, a silent connection—these small oversights can lead to substantial risks.
Staying secure isn’t just about quick responses; it’s about identifying early indicators before they escalate into major issues. This week’s updates underscore their importance. From subtle strategies to unexpected intrusion points, the highlights below reveal how swiftly threats can proliferate—and what proactive teams are doing to stay ahead. Let’s get started.
U.S. Disrupts North Korean IT Worker Scheme
— Authorities have revealed that North Korean IT personnel infiltrated over 100 U.S. firms using fake or stolen identities. They not only collected salaries but also siphoned sensitive information and misappropriated virtual currency, with one incident involving over $900,000 targeting an unnamed blockchain company.
