1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2025 week 13

Maajied Moos | March 28, 2025, 3:03 p.m.

Cybersecurity News:

  • The hidden risk in SaaS: Why companies need a digital identity exit strategy [Jacob Ideskog, Help Net Security]
  • Hunting Rituals #5:Why hypothesis-based threat hunting is essential in cybersecurity [Yeo Zi Wei and Yiu Wai Leong, Group-IB]
  • Encrypted Messaging Apps Promise Privacy. Government Transparency Is Often the Price [Associated Press, Security Week]
  • New Android malware uses Microsoft’s .NET MAUI to evade detection [Bill Toulas, Bleeping Computer]
  • Vulnerabilities & Patches:

  • Critical 'IngressNightmare' Vulns Imperil Kubernetes Environments [Jai Vijayan, Dark Reading]
  • Critical flaw in Next.js lets hackers bypass authorization [Bill Toulas, Bleeping Computer]
  • CrushFTP warns users to patch unauthenticated access flaw immediately [Sergiu Gatlan, Bleeping Computer]
  • VMware Patches Authentication Bypass Flaw in Windows Tools Suite [SecurityWeek News, Security Week]
  • Attacks & Data Breaches:

  • Oracle Cloud says it's not true someone broke into its login servers and stole data [Jessica Lyons, The Register]
  • Oracle customers confirm data stolen in alleged cloud breach is valid [Lawrence Abrams, Bleeping Computer]
  • Malware:

  • Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed [Ravie Lakshmanan, The Hacker News]
  • Steam pulls game demo infecting Windows with info-stealing malware [Bill Toulas, Bleeping Computer]
  • Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft [Deeba Ahmed, Hack Read]
  • Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT [Beth Maundrill, Info-Security Magazine]
  • VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics [Ravie Lakshmanan, The Hacker News]
  • DeepSeek users targeted with fake sponsored Google ads that deliver malware [Pieter Arntz, Malware Bytes]
  • New Tooling:

  • Malwoverview: First response tool for threat hunting [Mirko Zorz, Help Net Security]