
IT Security Newsletter - 5/22/2025


Top News

Lumma Stealer toppled by globally coordinated takedown

Lumma Stealer, a widely used infostealer malware linked to cybercrime sprees and multiple high-profile attacks, was dismantled through a coordinated global operation meant to seize its core infrastructure. The infostealer's central command, malicious domains and marketplaces where the tool was sold to other cybercriminals have been seized or suspended, Steven Masada, assistant general counsel at Microsoft's Digital Crimes Unit, said in a blog post. READ MORE...

Breaches

Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People

Marlboro-Chesterfield Pathology (MCP), a full-service anatomic pathology lab in North Carolina, was recently targeted in a ransomware attack that resulted in the theft of personal information belonging to roughly 235,000 people. In a data breach notice published on its website, Marlboro-Chesterfield Pathology said it discovered unauthorized activity on some internal IT systems on January 16, 2025. An investigation revealed that the attackers had stolen some files. READ MORE...

Hacking

Russia's Fancy Bear swipes a paw at logistics, transport orgs' email servers

Russian cyberspies have targeted "dozens" of Western and NATO-country logistics providers, tech companies, and government orgs providing transport and foreign assistance to Ukraine, according to a joint government announcement issued Wednesday. The orgs they attacked span "virtually all transportation modes: air, sea, and rail," the security advisory [PDF] warns. And it points the finger at the Russian General Staff Main Intelligence Directorate military unit 26165, aka APT28 or Fancy Bear. READ MORE...

Software Updates

Signal blocks Microsoft Recall from screenshotting conversations

Signal has released a new version of its end-to-end encrypted messaging app for Windows that prevents Microsoft Recall, and anyone taking an ordinary screenshot, from capturing text-based conversations in the app. The new "Screen security" setting is enabled by default and can be disabled through the privacy settings. Crucially, though, it is difficult to disable by mistake, since a warning is shown first. That warning does not mention the controversial Microsoft (Windows) Recall feature, which was first unveiled for testing in May 2024. READ MORE...


GitLab, Atlassian Patch High-Severity Vulnerabilities

GitLab and Atlassian this week announced the release of patches for over a dozen vulnerabilities across their product portfolios, including multiple high-severity bugs. On Tuesday, Atlassian published eight advisories detailing six high-severity flaws. All security defects were identified in third-party dependencies used by these products. Their exploitation could allow attackers to cause denial of service (DoS) conditions or elevate their privileges on a vulnerable system. READ MORE...

Malware

Unimicron, Presto Attacks Mark Industrial Ransomware Surge

Attacks on major organizations such as Unimicron, the South African Weather Service (SAWS), National Presto Industries, and Lee Enterprises signaled a surge in ransomware across critical infrastructure sectors in the first quarter of 2025 - a trend that was exacerbated by a growth in the variety and sophistication of the tactics used. That's according to security vendor Dragos, which noted in a report that ransomware is particularly rampant in the industrial and manufacturing sectors. READ MORE...


Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs

A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and silently execute remote scripts. The extensions offer some of the promised functionality, but also connect to the threat actor's infrastructure to exfiltrate user information or receive commands to execute. READ MORE...
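An extension that steals cookies and takes commands from a remote server needs a recognisable combination of manifest capabilities: the cookies permission, broad host access, and a way to reach or be reached by outside hosts. The following audit script is an added example for this newsletter, not code from the researchers or from any extension mentioned above; the two manifests it checks are constructed samples, and the permission weights and the "high" threshold are the author's assumptions, to be tuned against an organisation's own allow-list.

```python
"""Score browser-extension manifests for the capability mix a cookie-stealing,
remote-command extension needs. Added example; sample manifests are constructed."""
import json

# Match patterns that grant access to every origin (MV2 lists them under
# "permissions", MV3 under "host_permissions").
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# Assumed weights for sensitive API permissions (not a Chrome-defined ranking).
WEIGHTS = {
    "cookies": 3,        # read/write any cookie the extension has host access to
    "scripting": 2,      # inject JavaScript into pages
    "debugger": 4,       # drive DevTools protocol against any tab
    "nativeMessaging": 3,
    "management": 2,
    "webRequest": 1,
    "tabs": 1,
}
HIGH_THRESHOLD = 8


def hosts_of(manifest: dict) -> set:
    """Collect every host match pattern the manifest claims, MV2 or MV3 style."""
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in manifest.get("permissions", []) if "://" in p or p == "<all_urls>"}
    for cs in manifest.get("content_scripts", []):
        hosts |= set(cs.get("matches", []))
    return hosts


def audit(manifest: dict) -> dict:
    """Return {'name', 'score', 'level', 'reasons'} for one parsed manifest."""
    perms = set(manifest.get("permissions", []))
    hosts = hosts_of(manifest)
    score, reasons = 0, []

    for perm in sorted(perms & WEIGHTS.keys()):
        score += WEIGHTS[perm]
        reasons.append(f"permission {perm}")
    if hosts & BROAD_HOSTS:
        score += 3
        reasons.append("host access to every origin")
    if "cookies" in perms and hosts & BROAD_HOSTS:
        score += 4            # the combination is what makes cookie theft possible
        reasons.append("can read every site's cookies")
    if manifest.get("externally_connectable", {}).get("matches"):
        score += 2            # web pages on those origins can message the extension
        reasons.append("externally_connectable to web origins")
    csp = manifest.get("content_security_policy", "")
    csp_text = csp if isinstance(csp, str) else " ".join(csp.values())
    if "unsafe-eval" in csp_text or "://" in csp_text:
        score += 3            # CSP relaxed to allow eval or remote script sources
        reasons.append("relaxed content_security_policy")

    level = "high" if score >= HIGH_THRESHOLD else "medium" if score >= 4 else "low"
    return {"name": manifest.get("name", "?"), "score": score, "level": level, "reasons": reasons}


# Constructed sample manifests (not taken from any real extension).
SUSPICIOUS_MANIFEST = json.loads("""{
  "manifest_version": 3,
  "name": "Example VPN Helper (constructed sample)",
  "permissions": ["cookies", "tabs", "scripting", "storage", "webRequest"],
  "host_permissions": ["<all_urls>"],
  "background": {"service_worker": "bg.js"},
  "externally_connectable": {"matches": ["https://*.example-c2.invalid/*"]}
}""")

BENIGN_MANIFEST = json.loads("""{
  "manifest_version": 3,
  "name": "Example Notes (constructed sample)",
  "permissions": ["storage"],
  "action": {"default_popup": "popup.html"}
}""")


def audit_all(manifests):
    """Audit several manifests, most dangerous first."""
    return sorted((audit(m) for m in manifests), key=lambda f: f["score"], reverse=True)


if __name__ == "__main__":
    for finding in audit_all([BENIGN_MANIFEST, SUSPICIOUS_MANIFEST]):
        print(f"{finding['level']:6} {finding['score']:3}  {finding['name']}")
        for r in finding["reasons"]:
            print(f"           - {r}")
```

Run it over the `manifest.json` files under each profile's `Extensions` directory (or over the manifests exported by your browser-management tooling) and review anything scored "high" against the business purpose of the extension; a VPN or AI helper has no reason to read every site's cookies.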


3AM ransomware uses spoofed IT calls, email bombing to breach networks

A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into handing over credentials for remote access to corporate systems. This tactic was previously linked to the Black Basta ransomware gang and later observed in FIN7 attacks, but its effectiveness has driven wider adoption. Sophos reports seeing at least 55 attacks leveraging this technique between November 2024 and January 2025. READ MORE...
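The email-bombing half of this playbook has a simple signature: one mailbox suddenly receives a burst of messages from many unrelated senders, which is the pretext for the "IT support" call that follows. The detection below is an added example for this newsletter, not code from Sophos or from any vendor named above; the log lines are constructed, and the window, message threshold and distinct-sender minimum are assumed starting points rather than published figures.

```python
"""Flag mailboxes receiving a burst of mail from many unrelated senders.
Added example; the log lines are constructed, not real MTA output."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # assumed sliding window
THRESHOLD = 6                   # assumed: messages to one mailbox inside WINDOW
MIN_SENDERS = 4                 # assumed: bombing uses many senders, unlike one busy thread

# Constructed sample log lines: "<ISO timestamp> <recipient> <sender>"
SAMPLE_LOG = """\
2025-05-20T09:00:05 alice@corp.example noreply@shop-a.example
2025-05-20T09:00:20 bob@corp.example   jane@partner.example
2025-05-20T09:00:41 alice@corp.example welcome@forum-b.example
2025-05-20T09:01:02 alice@corp.example news@site-c.example
2025-05-20T09:01:30 alice@corp.example confirm@shop-d.example
2025-05-20T09:02:11 alice@corp.example hello@app-e.example
2025-05-20T09:02:40 alice@corp.example signup@site-f.example
2025-05-20T09:03:05 alice@corp.example digest@list-g.example
2025-05-20T09:15:00 bob@corp.example   jane@partner.example
2025-05-20T09:40:00 alice@corp.example jane@partner.example
"""


def parse(log: str):
    """Parse the three-column log into (timestamp, recipient, sender) tuples, sorted by time."""
    events = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, rcpt, sender = line.split()
        events.append((datetime.fromisoformat(ts), rcpt.lower(), sender.lower()))
    events.sort(key=lambda e: e[0])
    return events


def detect_bursts(events, window=WINDOW, threshold=THRESHOLD, min_senders=MIN_SENDERS):
    """Sliding window per recipient.

    Returns {recipient: (peak_count, distinct_senders_at_peak, burst_start)} for every
    mailbox whose window held at least `threshold` messages from `min_senders` senders.
    """
    recent = defaultdict(deque)   # recipient -> deque of (timestamp, sender) inside window
    alerts = {}
    for ts, rcpt, sender in events:
        q = recent[rcpt]
        q.append((ts, sender))
        while q and ts - q[0][0] > window:   # drop messages that fell out of the window
            q.popleft()
        senders = {s for _, s in q}
        if len(q) >= threshold and len(senders) >= min_senders:
            peak = alerts.get(rcpt, (0, 0, None))[0]
            if len(q) > peak:                # keep the largest burst seen for this mailbox
                alerts[rcpt] = (len(q), len(senders), q[0][0])
    return alerts


if __name__ == "__main__":
    for rcpt, (count, nsenders, start) in detect_bursts(parse(SAMPLE_LOG)).items():
        print(f"{rcpt}: {count} messages from {nsenders} senders starting {start.isoformat()}")
```

Pairing an alert from this check with a help-desk or remote-access tool request for the same user within the next hour is the correlation that matters here; the flood on its own is only noise to the victim, but to the attacker it is the setup for the call.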

On This Date

  • ...in 1939, Italy and Germany sign the Pact of Steel, giving formal birth to WWII's Axis powers.
  • ...in 1977, Janet Guthrie becomes the first female driver to qualify for the Indianapolis 500.
  • ...in 1982, 8-time Olympic medalist speed skater Apolo Anton Ohno is born in Seattle, WA.
  • ...in 2003, golfer Annika Sorenstam becomes the first woman to play in a PGA tour event since Babe Didrikson 58 years earlier.