Infosec bits for 2025 week 21

Anele Siwela | May 23, 2025, 9:32 a.m.

Cybersecurity News:

Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals [Lily Hay Newman and Matt Burgess, Wired]

Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More [Ravie Lakshmanan, The hacker news]

New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory [Guru Baran, Cyber Security News]

Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager [Ravie Lakshmanan, The hacker news]

Hackers Attacking Mobile Users Leveraging PWA JavaScript & Browser Protections [Tushar Subhra Dutta, Cyber Security News]

Vulnerabilities and Patches:

May 2025 Patch Tuesday includes five zero-day vulnerabilities [Pieter Arntz, Threat down]

Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities [Ionut Arghire, Security Week]

SAP Patch Day May 2025: Key Security Updates in Focus [Jonathan Stross, Pathlock]

Malware:

Ransomware threat evolves with deceptive PDFs [dig watch, dig watch]

Malware-infected printer delivered something extra to Windows users [Danny Bradbury, Malwarebytes]

Microsoft says 394,000 Windows computers infected by Lumma malware globally [Jonathan Vanian, CNBC]