This cybersecurity roundup highlights recent incidents including the Yanluowang ransomware groupβs activities and a significant Windows Kerberos vulnerability. Key developments include targeted ransomware attacks, critical software patches, and innovative bug bounty programs. #Yanluowang #Pwn2Own #CVE-2025-60704
Keypoints
- A Russian man has pleaded guilty to involvement with the Yanluowang ransomware group, which extorted $1.5 million in total ransom payments.
- Asahi Brewerβs supply chain was severely impacted by a ransomware attack, leading to a shift to manual operations and reduced beer shipments.
- Synology and QNAP issued patches to fix vulnerabilities demonstrated at the Pwn2Own Ireland 2025 hacking competition.
- Amazon has launched a private AI bug bounty program to identify and resolve security flaws in its foundation models.
- A new Windows Kerberos delegation vulnerability (CVE-2025-60704) allows attackers with initial access to hijack full domain control.