Cybersecurity recap highlights attacks involving DragonForce ransomware exploiting SimpleHelp vulnerabilities and the silent activities of the Silent Ransom Group targeting US law firms. It also covers Russian-affiliated groups like Void Blizzard and Laundry Bear breaching organizations and the exposure of open-source supply chain threats through malicious npm packages. #DragonForce #SilentRansomGroup #VoidBlizzard #LaundryBear #NPM
Ransomware & Extortion Attacks
- A DragonForce ransomware campaign exploited SimpleHelp vulnerabilities in MSP environments to run double-extortion attacks; some defenses successfully blocked the intrusions. → DragonForce Ransomware, DragonForce MSP Attack
- The FBI alerts US law firms to the stealthy Silent Ransom Group, which uses social-engineering phone calls and remote access tools to steal data and demand ransoms. → Silent Ransom Group, Luna Moth Phishing
- MathWorks confirmed a ransomware attack that disrupted its online services globally; the ransomware group remains unidentified. → MathWorks Ransomware
Russian State-Linked Espionage
- The Russia-affiliated groups Void Blizzard and Laundry Bear have been caught buying stolen passwords and breaching multiple NATO, Ukrainian, and European organizations using phishing and credential-theft techniques. → Russian Hackers Passwords, Void Blizzard NGO Attacks, Laundry Bear Dutch Police
- TAG-110, a Russia-linked threat actor, targets Tajikistan's government with weaponized Word documents in spear-phishing campaigns focused on regional cyber espionage. → TAG-110 Spear-Phishing
Open-Source Supply Chain & Developer Threats
- Over 130 malicious npm and VS Code packages have been uncovered stealing data and crypto assets via supply chain attacks, targeting developers across platforms. → Malicious npm Packages, NPM Data Theft Campaign
- A critical GitHub MCP server flaw exposes private repositories through malicious issues, highlighting the risks of AI coding integrations. → GitHub MCP Flaw
- Hudson Rock's Enki AI agent simplifies infostealer malware analysis, offering faster, actionable intelligence for security teams. → Enki AI for Infostealers
Vulnerabilities & Patches
- An emergency Windows Server update fixes Hyper-V VM freezing and restart issues affecting Azure confidential VMs; it requires manual installation. → Hyper-V Fix
- A critical Arm Mali GPU vulnerability (CVE-2025-0072) allows bypass of the Memory Tagging Extension and arbitrary kernel code execution on Pixel 7, 8, and 9 devices. → Arm Mali Vulnerability
- An unauthenticated remote code execution flaw, discovered via static code analysis, was patched in MeteoBridge firmware. → MeteoBridge RCE
- An Oracle TNS protocol vulnerability exposing system memory was fixed, underscoring the need for timely updates in database systems. → Oracle TNS Flaw
- D-Link DIR-605L and DIR-816L routers have a hardcoded Telnet credential vulnerability (CVE-2025-46176), currently unpatched, that enables remote command execution. → D-Link Telnet Flaw
- Critical HTTP/2 vulnerabilities let attackers bypass the Same-Origin Policy and launch arbitrary cross-site scripting attacks against major browsers and websites. → HTTP/2 XSS Flaw
Cybersecurity Trends & Analysis
- Over 40,000 CVEs were disclosed in 2024; focusing on exploitable vulnerabilities through exposure validation improves prioritization over traditional scoring systems. → Focus on Exploitable CVEs
- AI-driven growth in non-human identities raises security risks; strong governance and secrets management are critical to prevent leaks and abuse. → AI & Non-Human IDs
- A new SEO poisoning campaign tricks employees searching for payroll portals into redirecting paychecks to hackers, using fake login sites, proxy botnets, and residential IPs to evade detection. → Payroll SEO Poisoning
- The SilverRAT remote access Trojan source code leak on GitHub exposes the malware's capabilities, escalating the risk of misuse by cybercriminals. → SilverRAT Source Leak