Yesterday's cybersecurity updates highlight critical vulnerabilities in NETGEAR routers, Apple XNU kernels, and Versa SD-WAN devices, with patches addressing severe security flaws. Law enforcement successfully dismantled major cybercrime operations, including ransomware and dark web drug networks, while new threats target cloud SaaS applications and use social media platforms for malware distribution.
Vulnerabilities & Patches
- A critical NETGEAR router flaw (CVE-2025-4978) lets attackers bypass authentication and gain full admin access, putting IoT devices at risk – NETGEAR Flaw
- Apple patched a high-severity XNU kernel vulnerability (CVE-2025-31219) enabling local privilege escalation across multiple OS versions – Apple Kernel Flaw
- Versa Networks fixed three Concerto SD-WAN vulnerabilities, including a critical remote code execution bug with a 10.0 severity rating and no known exploits – Versa SD-WAN Patches
Cybercrime & Law Enforcement Actions
- Operation Endgame dismantled ransomware infrastructure and arrested suspects linked to DanaBot and other malware, disrupting major cybercrime networks across Europe and North America – Ransomware Crackdown
- Operation RapTor led to the arrest of 270 dark web drug traffickers and seizure of over $200 million in assets, showcasing effective international cooperation against cyber-enabled crime – Dark Web Bust
Cloud & SaaS Threats
- Commvault clients face targeted campaigns exploiting default configurations in Microsoft Azure cloud apps; per CISA, nation-state actors are part of a broader SaaS threat landscape – Commvault Attack Warning, SaaS Campaign Alert
Malware & Attack Techniques
- Hackers use TikTok videos to spread Vidar and StealC malware via the advanced ClickFix technique, which enables stealthy in-memory execution and theft – TikTok Malware Spread
- More than 60 malicious NPM packages have been found stealing host and network data by sending it to a Discord webhook, a significant risk despite the absence of second-stage payloads – Malicious NPM Packages
Cryptocurrency & Blockchain Security
- A hacker stole $223 million from the Cetus Protocol on the Sui and Aptos blockchains, prompting a $5 million bounty and ongoing tracking through blockchain analytics – Cetus Protocol Heist
AI & Automation
- OpenAI improved its Operator Agent with the o3 model, boosting reasoning and accuracy for web automation tasks; it is currently available to paid users, with plans to expand access – OpenAI Operator Upgrade