This week’s roundup compiles a range of cybersecurity developments, from massive GDPR fines and law enforcement actions to newly disclosed exploit techniques and product security advisories. Highlights include Mandiant’s Net-NTLMv1 rainbow tables release, an Interpol Red Notice for Black Basta leader Oleg Nefedov, Cloudflare WAF bypasses, Snap Store account hijacks, and major data breaches like MnCHOICES. #BlackBasta #Net-NTLMv1
Keypoints
- European authorities levied about €1.2 billion in GDPR fines in 2025, with Ireland leading enforcement.
- Mandiant published Net-NTLMv1 rainbow tables showing password hashes can be recovered in under 12 hours.
- Interpol issued a Red Notice for Oleg Evgenievich Nefedov, alleged leader of the Black Basta ransomware gang.
- A Cloudflare WAF bypass via ACME challenge paths was discovered and patched after exposing origin servers.
- Exposed cloud training apps and hijacked Snap Store publisher accounts are being abused to deploy crypto-miners and wallet‑draining malware.