IT Security Newsletter - 3/25/2025
Numotion Data Breach Impacts Nearly 500,000 People
Tennessee-based Numotion, which advertises itself as the largest provider of wheelchairs and other mobility solutions in the United States, has suffered a data breach impacting nearly 500,000 people. According to a data security notice posted on its website, Numotion (United Seating and Mobility) learned recently that some of its employees' email accounts were hacked into on several occasions between September 2, 2024, and November 18, 2024. READ MORE...
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish
Infosec veteran Troy Hunt of HaveIBeenPwned fame is notifying thousands of people after phishers scooped up his Mailchimp mailing list. He said the list comprises around 16,000 records and every active subscriber will be receiving a notification and apology email soon. Around half of these records pertain to individuals who had unsubscribed from the list. Hunt questioned why Mailchimp retained data on unsubscribed users and said he would investigate whether it was an issue on his end. READ MORE...
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
Cyber response firm Sygnia warns of a newly identified China-linked APT that relies on web shells for persistent access to telecommunications providers, for cyberespionage purposes. Tracked as Weaver Ant, the threat actor was uncovered during the investigation into the hacking of a telecom provider in Asia, after a compromised account that had been disabled during remediation was re-enabled from an internal server. READ MORE...
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors. The new ransomware operation was first documented by CYFIRMA late last week, while Check Point Research performed a more in-depth analysis. READ MORE...
"MyTerms" wants to become the new way we dictate our privacy on the web
Author, journalist, and long-time Internet freedom advocate Doc Searls wants us to stop asking for privacy from websites, services, and AI and start telling these things what we will and will not accept. Draft standard IEEE P7012, which Searls has nicknamed "MyTerms" (akin to "Wi-Fi"), is a Draft Standard for Machine Readable Personal Privacy Terms. Searls writes on his blog that MyTerms has been in the works since 2017, and a fully readable version should be ready later this year. READ MORE...
23andMe Bankruptcy Filing May Put Sensitive Data at Risk
Genetic testing company 23andMe quietly filed for bankruptcy over the weekend, and now security experts are worried about the fate of its highly sensitive genetic data, which could be weaponized by cyber adversaries if it falls into the wrong hands. The company, which had been struggling financially, released a press statement on March 23 announcing that it has started voluntary Chapter 11 proceedings in the US Bankruptcy Court for the Eastern District of Missouri. READ MORE...
Critical 'IngressNightmare' Vulns Imperil Kubernetes Environments
The maintainers of Kubernetes have released patches for four critical vulnerabilities in the Ingress NGINX Controller, affecting 6,500, or 41%, of all Internet-facing container orchestration clusters, including those used by several Fortune 500 companies. The vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands in affected environments and completely take over Kubernetes clusters, according to researchers at Wiz who discovered the flaws. READ MORE...
You know that generative AI browser assistant extension is probably beaming everything to the cloud, right?
Generative AI assistants packaged up as browser extensions harvest personal data with minimal safeguards, researchers warn. Some of these extensions may violate their own privacy commitments and potentially run afoul of US regulations, such as HIPAA and FERPA, by collecting and funneling away health and student data. What the academics found is not entirely surprising given the long history of privacy and security problems in the Chrome extension ecosystem. READ MORE...
Researchers raise alarm about critical Next.js vulnerability
Researchers warn that attackers could exploit a recently discovered critical vulnerability in the open-source JavaScript framework Next.js to bypass authorization in middleware and gain access to targeted systems. Vercel, the San Francisco-based company that created and maintains Next.js, released a patch for CVE-2025-29927 in Next.js 15.2.3 on March 18 and published a security advisory on March 21. Researchers Allam Rachid and Allam Yasser discovered the vulnerability. READ MORE...
- ...in 1655, Saturn's largest moon, Titan, is discovered by Dutch scientist Christiaan Huygens using only a 50-power refracting telescope of his own design.
- ...in 1807, British Parliament passes the Slave Trade Act, abolishing the slave trade in the British Empire.
- ...in 1969, John Lennon and Yoko Ono hold their first "Bed-In for Peace" at the Amsterdam Hilton, lasting for a full week.
- ...in 1995, computer programmer Ward Cunningham launches WikiWikiWeb, the world's first user-created "wiki" website community.