Louis Vuitton experiences data breaches across Turkey, South Korea, and the UK amid a surge in retail cyber incidents, while Belk faces ransomware attacks from DragonForce causing data leaks. Additionally, Dordt University reports a 2024 breach exposing sensitive data, linked to BianLian, highlighting ongoing threats in retail, education, and phishing campaigns targeting developers and organizations. #LouisVuitton #Belk #DordtUniversity #DragonForce #BianLian
Data Breaches & Ransomware
- Louis Vuitton suffered data breaches impacting customers in Turkey, South Korea, and the UK, amid a wave of retail brand incidents → Louis Vuitton Breach
- DragonForce ransomware attacked US retailer Belk, causing disruptions and leaking customer data without ransom payment → Belk Ransomware
- Dordt University notified over 34,000 people of a 2024 ransomware breach exposing SSNs and medical info, attributed to BianLian → Dordt University Breach
Malware & Phishing Campaigns
- North Korean hackers flooded npm registry with evolving malware loaders like XORIndex and tools such as BeaverTail targeting developers in the ongoing Contagious Interview campaign → XORIndex npm Attack
- New Android Konfety malware variant uses malformed APKs and obfuscation to evade detection while spreading through third-party stores → Konfety Malware
- Phishing campaigns exploit SVG files for browser-based redirection to evade detection, targeting B2B service providers with spoofed domains → SVG Phishing
- New PHP-based Interlock RAT variants employ advanced FileFix delivery and Cloudflare tunnels, increasing stealth and targeting multiple industries → Interlock RAT, FileFix Delivery
- A malicious VSCode extension disguised in Cursor IDE led to a $500K cryptocurrency theft, showing risks from open-source repos → VSCode Crypto Theft
- HazyBeacon malware campaign uses AWS Lambda and cloud services for covert espionage targeting Southeast Asian governments → HazyBeacon Espionage
Cybersecurity Alerts & Vulnerabilities
- CISA warns of actively exploited Wing FTP Server vulnerability risking total server compromise, affecting critical organizations including the US Air Force → Wing FTP Bug
- CISA issues urgent warning on critical CitrixBleed 2 flaw (CVE-2025-5777) allowing session hijacking, with many systems still unpatched → CitrixBleed 2 Warning
- Gigabyte motherboards vulnerable to UEFI firmware flaws enabling bootkit malware to bypass Secure Boot and persist undetected → Gigabyte UEFI Flaws
- A critical train brake control vulnerability posing derailment risks gains proper attention after 20 years, revealed by CISA → Train Control Flaw
- Exposed Git repositories continue to leak sensitive data, posing severe risks for unauthorized access and compliance failures → Git Repo Risks
- The UK's NCSC launches the Vulnerability Research Initiative to collaborate with external experts for faster vulnerability discovery and mitigation → UK Vulnerability Program
Law Enforcement & Legal Actions
- Thirteen suspects arrested in Romania for a large phishing-driven UK tax fraud scheme involving stolen personal data and cross-border police cooperation → Romania Tax Fraud Arrests
- The FBI seized major piracy domains including NSW2U and PS4PKG, disrupting game piracy that caused estimated losses of $170 million globally → FBI Piracy Seizure, Piracy Sites Takedown
- A Maryland federal IT contractor, Hill ASC Inc., agreed to pay a $14.75 million fine for cyber fraud and false claims related to federal contracts, highlighting government scrutiny → Federal Contractor Fine, Cyber Fraud Settlement
- The top dark web marketplace Abacus Market reportedly shuttered in an exit scam following vendor withdrawal issues amid law enforcement pressure → Abacus Market Exit
Industry & Innovation
- The upcoming Cloud & Data Security Summit 2025 will address AI threats and securing exposed cloud attack surfaces with expert-led sessions → Cloud Security Summit
- Zip Security raised $13.5 million in Series A funding to grow its cybersecurity automation platform for mid-market and SME organizations → Zip Security Funding
- MITRE unveiled the AADAPT framework to address and mitigate cryptocurrency threats with guidance for secure digital asset payment systems → MITRE AADAPT Framework
Disinformation & Influence Operations
- A Russia-linked group Storm-1516 is spoofing European journalists to spread disinformation and fake news across multiple countries, targeting political stability → Storm-1516 Disinfo