Infosec bits for 2025 week 22

Zoya Vilakazi | May 30, 2025, 12:20 p.m.

Cyber Security News:

Integrating Threat Intelligence into Security Operations Centers [CISO Advisory, Cyber Security News]

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools [Ravie Lakshmanan, The Hacker News]

Attackers are mapping your attack surface—are you? [Sprocket Security, Bleeping Computer]

Street-Level QR Phishing: Cybercriminals Take Social Engineering to the Real World [Guru Baran, Cyber Security News]

Vulnerabilities and Patches:

Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching [Deeba Ahmed, HackRead]

Apache Tomcat CGI Servlet Vulnerability Allows Security Constraint Bypass [Guru Baran, Cyber Security News]

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability [Ryan Naraine, Security Week]

Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft [Anupriya, GB Hakers]

OneDrive File Picker Flaw Gives Apps Full Access to User Drives [WAQAS, HackRead]

Malware:

Fake Bitdefender website used to spread infostealer malware [Daryna Antoniuk, Recorded Future News]

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers [Ravie Lakshmanan, The Hacker News]

New PumaBot Hijacks IoT Devices by Brute Forcing SSH Credentials For Persistence [Tushar Subhra Dutta, Cyber Security News]

Breaches and Exploits:

LexisNexis Informs 360K+ Customers of Third-Party Data Leak [Kristina Beek, Dark Reading]