Billion-Dollar Crypto Heist, AI Abuses & Apple’s Privacy Predicament


 Weekly Cyber News Roundup 

Stay ahead of the latest cyber threats with this week’s top stories. From record-breaking crypto heists to AI-powered scams and major data privacy shifts, here’s what’s happening in the digital world. 

 Threat of the Week 

Lazarus Group Behind Historic $1.5 Billion Crypto Theft 
The North Korean-linked Lazarus Group has orchestrated the largest cryptocurrency heist in history, stealing over $1.5 billion from Bybit’s cold wallet. The unauthorized activity was detected on February 21, 2025, during a routine Ethereum (ETH) transfer. This breach surpasses previous record-breaking attacks, including Ronin Network ($624 million) and Poly Network ($611 million). 

 Top Cybersecurity Headlines 

OpenAI Cracks Down on Malicious ChatGPT Accounts 
OpenAI has suspended multiple accounts engaged in harmful activities, including a China-linked network using ChatGPT to analyze social media content and create fake online narratives. Some accounts were also involved in romance scams and malware development. 

Apple Withdraws iCloud’s Advanced Data Protection in the UK 
Apple has removed its Advanced Data Protection (ADP) feature in the UK rather than comply with government demands for encryption backdoors. The move follows reports of UK authorities pushing for unrestricted access to iCloud user data. 

Salt Typhoon Exploits Cisco Vulnerability for Cyber Attacks 
The Chinese-backed hacking group Salt Typhoon is targeting U.S. telecom companies using a previously patched Cisco security flaw (CVE-2018-0171). They employ stealth tactics and a tool called JumbledPath to intercept network traffic undetected. 

Russian Hackers Manipulate Signal’s Device-Linking Feature 
Russian cybercriminals are using malicious QR codes to exploit Signal’s device-linking feature, gaining unauthorized access to user accounts and intercepting messages. Similar attacks have also been reported on WhatsApp. 

Winnti APT41 Targets Japanese Industries with Stealth Malware 
The Chinese hacking group Winnti has launched a malware campaign against Japanese companies in manufacturing, materials, and energy sectors. The malware, dubbed RevivalStone, allows attackers to infiltrate internal networks undetected. 

 Trending Vulnerabilities (CVEs) 

Cyber threats evolve rapidly—stay secure by updating your software. This week’s notable vulnerabilities include: 

  • Microsoft Power Pages (CVE-2025-24989) 
  • OpenSSH (CVE-2025-26465, CVE-2025-26466) 
  • Cisco, Juniper Networks, and Atlassian vulnerabilities 
  • TP-Link and D-Link router security flaws 
  • WordPress plugins (MetaSlider, Chaty Pro) and more 

 Global Cybersecurity Updates 

U.S. Soldier Pleads Guilty to AT&T & Verizon Hacks 
Cameron John Wagenius, a 20-year-old U.S. Army soldier, admitted to stealing and selling confidential phone records. He faces up to 20 years in prison. 

$577M Crypto Ponzi Scheme Leaders Convicted 
Two Estonian nationals behind the HashFlare cryptocurrency mining scam have pleaded guilty, with over $400 million in assets seized. They face up to 20 years in prison each. 

Thailand Rescues 7,000 Victims from Scam Call Centers 
Thousands of people trapped in Myanmar’s illegal call centers have been rescued. Many were lured in by fake job offers, only to be forced into online scams. 

Sanctioned Entities Drive $16 Billion in Illicit Crypto Transactions 
Nearly 40% of all illicit crypto activity last year was linked to sanctioned entities, with Iran emerging as a key player in sanctions-related crypto movements. 

U.S.-Russia Prisoner Swap Involves Cybercriminal Alexander Vinnik 
The U.S. exchanged convicted Russian cybercriminal Alexander Vinnik for American teacher Marc Fogel. Vinnik was arrested for operating the illicit BTC-e crypto exchange. 

Black Hat SEO Attacks Target Indian Government Websites 
Indian government and financial websites have been compromised using SEO poisoning techniques to redirect visitors to fraudulent investment and gambling sites. 

Italian Spyware Firm Tied to Malicious WhatsApp Clones 
An Italian spyware company has been linked to malware-infected WhatsApp clones designed to steal personal data, including messages, call logs, and contacts. 

CryptoBytes Group Launches UxCryptor Ransomware 
Russian hacking group CryptoBytes is deploying UxCryptor ransomware, built using leaked tools, to encrypt victims’ data and demand cryptocurrency payments. 

Cybercriminals Now Move from Initial Breach to Full Attack in Just 48 Minutes 
In a recent cyberattack on the manufacturing sector, hackers took just 48 minutes to escalate from initial access to widespread network compromise, highlighting the increasing speed of cyber threats. 

Stay vigilant and keep your systems updated to stay protected against these evolving cyber threats. 


Cybersecurity Insights captures current news and event trends in cybersecurity, recent system and cyber attacks, artificial intelligence (AI), and technology innovation happening around the world, to keep our viewers abreast of current developments in technology and system security and how they affect our lives and ecosystem. 
