Recent cybersecurity updates include Linux core dump flaws enabling local password hash theft and law enforcement seizing domains supporting malware evasion tools. Major threat actor activity includes Conti and TrickBot gang revelations, regional social engineering campaigns by Bitter APT, and high-profile breaches like TikTok user data sale claims.
Linux Vulnerabilities
- Two race condition flaws in Linux core dump handlers (apport and systemd-coredump) across multiple distributions enable local attackers to steal password hashes → Linux Flaws
Law Enforcement Actions
- The U.S. DOJ and international partners seized 4 domains supporting cybercrime crypting services like AvCheck, disrupting malware evasion tools → Domain Seizures, AvCheck Takedown
Ransomware & Threat Actors
- Germany disclosed Vitaly Kovalev as leader of the Conti and TrickBot gangs responsible for widespread infections, though he remains at large in Russia → Conti Ringleader
- The Bitter APT group targeted Pakistan's telecom sector with spear phishing and the WmRAT malware amid regional tensions → Bitter APT Attack
- Senators urge the U.S. DHS to reinstate the Cyber Safety Review Board, vital for investigating major incidents like Salt Typhoon, especially against China-linked cyber threats to U.S. telecom → CSRB Reinstate
- A U.S. military IT specialist was arrested for allegedly attempting to leak classified data to a foreign government, highlighting ongoing insider threats → Insider Arrest
Malware & Exploits
- Hackers used Gh0st RAT and T-Rex CoinMiner to hijack management software in South Korean internet cafés for crypto mining, linked to sophisticated China-related threat actors → Gh0st RAT Mining
- Critical vBulletin forum software flaws (CVE-2025-48827, CVE-2025-48828) are being actively exploited for remote code execution on PHP 8.1+, making patching to version 6.1.1 urgent → vBulletin Exploits
- A threat actor named Often9 claims to have breached TikTok and has put 428 million user records up for sale, though data authenticity remains questionable → TikTok Breach
Healthcare Security
- A cyberattack on three hospitals run by Covenant Health in Maine and New Hampshire forced service limits and system shutdowns amid rising healthcare-targeted incidents, possibly related to BlackBasta ransomware → Hospital Cyberattack
Industry Insights
- A report from 500 CISOs highlights that exposure management must prioritize high-risk web-facing assets and address significant API security gaps to better mitigate threats → Exposure Management
Microsoft Updates
- Microsoft is testing Markdown-style text formatting in the Windows 11 Notepad app, complementing new features like dark mode, tabs, spell check, and AI enhancements → Notepad Formatting