DJBSEC's CyberNews 3-25-25

Story 1. 11 Ways Cybercriminals Are Making Phishing More Potent Than Ever

Cybercriminals are evolving their phishing techniques by using AI-generated messages, deepfakes, and adaptive lures tailored to specific targets. They’re also exploiting trusted platforms, like LinkedIn and Microsoft Teams, to appear legitimate while deploying malware or stealing credentials. Advanced spoofing methods and real-time phishing kits make these scams harder to detect. Security professionals urge organizations to train employees continuously and use layered email security tools.


Story 2. Chinese Espionage Hacker Group “iSoon” APT Operation Exposed

A leak has revealed extensive details about a Chinese state-sponsored hacker group known as iSoon (APT), involved in espionage and cyber intrusions across Asia, Africa, and the Middle East. The group has targeted foreign governments, telecoms, and key infrastructure using custom malware and persistent backdoors. The leak includes internal documents and chat logs, offering rare insight into how state-backed APTs operate. Security analysts are calling this one of the most significant exposures of China’s cyber activities.


Story 3. New VanHelsing Ransomware Targets Windows, ARM, and ESXi Systems

A new ransomware strain named VanHelsing is making headlines for its ability to infect Windows, ARM-based devices, and VMware ESXi servers. This cross-platform malware uses PowerShell scripts and exploits known vulnerabilities to spread rapidly within networks. Security researchers warn that its versatility makes it a growing threat in mixed enterprise environments. Businesses are urged to patch systems, secure hypervisors, and isolate backup infrastructure.


Story 4. Critical Ingress NGINX Controller Flaw Could Lead to Cluster Takeover

A critical vulnerability has been discovered in the Ingress NGINX controller for Kubernetes, allowing attackers to potentially gain full control over entire Kubernetes clusters. The flaw enables privilege escalation and unauthorized access through misconfigured annotations. If exploited, it could result in data breaches or total infrastructure compromise. Patches have been released, and organizations are urged to update immediately.


Story 5. Cyberattack Disrupts Ukrainian State Railways’ Online Services

Ukraine’s state railway service fell victim to a cyberattack that took down its online ticketing and customer service systems. The incident disrupted public transportation services and delayed digital operations, although physical train services remained operational. Authorities are investigating the origin of the attack, suspected to be politically motivated. This attack highlights the ongoing targeting of Ukraine’s infrastructure amid geopolitical tensions.


Story 6. Police Arrest 300 Suspects Linked to African Cybercrime Rings

International law enforcement agencies have arrested over 300 individuals tied to African-based cybercrime groups involved in business email compromise (BEC) and romance scams. The operation, coordinated by Interpol, also led to the seizure of millions in assets and digital evidence. These cybercrime rings have defrauded victims globally by posing as businesses or romantic partners to steal funds. Authorities emphasize the growing global reach of financially motivated threat actors.


Story 7. Microsoft Unveils AI-Powered Security Copilot Agents and New Protections

Microsoft has introduced Security Copilot Agents—AI-powered assistants designed to automate threat detection, response, and investigation tasks. These agents integrate with Microsoft 365 Defender and Sentinel to provide real-time security insights and recommendations. The update includes advanced AI protections to defend against prompt injection, data leakage, and manipulation in AI-based systems. It reflects Microsoft’s growing focus on securing both traditional IT and AI-driven environments.


Story 8. Microsoft Adds Inline Data Protection for Copilot and AI Features

Microsoft is enhancing its Copilot AI platform with new inline data protection tools to help prevent sensitive information leakage. These features offer real-time alerts and restrictions when users attempt to share confidential data via AI-driven workflows. The update also enables security teams to create customized policies for AI data usage. It’s part of a broader push to balance AI innovation with enterprise-grade data governance.


Story 9. Chinese “Weaver Ant” Hackers Spied on Telecom Networks for Four Years

A Chinese APT group dubbed “Weaver Ant” has been quietly infiltrating telecom networks across Southeast Asia for the past four years. The attackers used custom malware and compromised routers to intercept communications and extract intelligence. The campaign remained undetected due to the group’s stealthy techniques and use of legitimate credentials. Security researchers call this a textbook example of long-term cyber-espionage targeting critical infrastructure.


Story 10. DrayTek Routers Worldwide Affected by Mysterious Reboot Loop Bug

DrayTek routers globally experienced mass reboot loops over the weekend, causing widespread internet disruptions for businesses and individuals. The issue appears to be linked to a firmware bug or a time-based system error, though no official cause has been confirmed yet. DrayTek has released a temporary workaround and is working on a permanent fix. Users are advised to monitor device updates and apply firmware patches as soon as they’re released.



