1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2025 week 11

Sicelo Ncekana | March 14, 2025, 2:14 p.m.

Cybersecurity News:

  • PowerSchool previously hacked in August, months before data breach [Bill Toulas, Bleeping Computer]
  • The cyber threats to watch in 2025, and other cybersecurity news to know this month [Akshay Joshi, World Economic Forum]
  • Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide [Ravie Lakshmanan, The Hacker Newa]
  • Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware [Kaaviya, GB Hackers]
  • Fake CAPTCHA websites hijack your clipboard to install information stealers [Pieter Arntz, Malwarebytes Labs]
  • Breaches & Leaks:

  • Japanese telco giant NTT Com says hackers accessed details of almost 18,000 organizations [TechCrunch, TechCrunch]
  • PowerSchool previously hacked in August, months before data breach [Bill Toulas, Bleeping Computer]
  • South African property giant hit by major data breach [Business Tech, Business Tech]
  • HDFC Life Data Leak News: ‘data theft incident…no material impact’ – Latest update from insurer [Sarmeeli Mallick, ET Now]
  • Vulnerabilities & Patches:

  • SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware [Kaaviya, Cybersecurity News]
  • Critical Windows Remote Desktop Services Vulnerability Lets Attackers Execute Malicious Code [Guru Baran, Cybersecurity News]
  • Critical PHP vulnerability under widespread cyberattack [Rob Wright, Cybersecurity Dive]
  • Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk [Ravie Lakshmanan, The Hacker Newa]
  • SAP patches severe vulnerabilities in NetWeaver and Commerce apps [John Leyden, CSO]
  • Update your iPhone now: Apple patches vulnerability used in “extremely sophisticated attacks” [Pieter Arntz, Malwarebytes Labs]
  • Malware

  • SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware [Kaaviya, Cybersecurity News]
  • New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions [Bill Toulas, Bleeping Computer]
  • Forescout details SuperBlack ransomware exploiting critical Fortinet vulnerabilities [Anna Ribeiro, Industrial Cyber]
  • Darktrace's Detection of State-Linked ShadowPad Malware [Dark Trace, Dark Trace]