Summary: Recent cyber activity highlights the subtle ways attackers gain access to systems, often exploiting overlooked vulnerabilities and misconfigurations. Major findings include active exploitation of a Windows flaw and a phishing campaign targeting crypto developers. Organizations need to be vigilant against these evolving threats and ensure prompt patching of vulnerabilities.
Affected: Various organizations and systems, including Microsoft Windows, Apple iOS, and cryptocurrency developers.
Key points:
- A newly patched Windows NTLM flaw is actively exploited, allowing attackers to leak user passwords.
- North Korea targets crypto developers with malware disguised as Python coding challenges.
- China’s Mustang Panda and Russian APT29 continue to evolve their tactics against specific regions and sectors.
- Security flaws in Apple’s iOS have been weaponized, highlighting the sophistication of targeted attacks.
- Google improves user privacy in Chrome by enhancing the management of the “:visited” CSS attribute.
- A significant number of mobile apps fail basic security measures, exposing sensitive data.
- Cybercriminals are shifting towards NTLM relay attacks to compromise account security.
Source: https://thehackernews.com/2025/04/thn-weekly-recap-ios-zero-days-4chan.html