Sixty-four South Koreans were repatriated from Cambodia and are now under investigation for alleged involvement in large-scale online scam networks. Their return follows a scandal involving a student’s death, prompting Seoul to launch a crackdown on illicit recruitment and fraud operations.
Garden, a fast BTC bridge, was drained for roughly $11 million days after AML concerns surfaced about flows tied to prior thefts. Consequently, exchanges, market makers, and bridge integrators should validate exposure, add watchlists for tainted flows, and harden solver, deployer, and validator controls before operations resume.
GrayBravo’s modular loader, CastleLoader, now powers four distinct threat clusters targeting logistics, travel, and enterprise users a clear sign of rapid MaaS expansion and rising risk for global organizations.
APT37 used stolen Google credentials to access Find Hub, check Android device locations, and trigger remote factory resets. The tactic lives in the cloud, not on the handset, so identity controls matter most. Enforce phishing-resistant MFA, restrict console actions, and rehearse rapid re-enrollment.
China’s Ministry of State Security alleges that the U.S. National Security Agency breached its National Time Service Centre over multiple years. The event signals new exposure for timing infrastructure and escalates global cyber conflict.
A phishing vulnerability in vLex’s Vincent.ai exposed lawyers and law firms to AI-driven cyberattacks. Attackers manipulated the legal research tool to embed malicious links into AI-generated responses, creating a new avenue for targeted phishing in the legal sector.
CISA and NSA published a focused plan to harden Microsoft Exchange. Enforce modern authentication, cut exposure, enable Extended Protection, and lock down TLS to stop real-world attacks.
Huawei confirmed a data breach stemming from a compromised vendor system, exposing partner and employee records. Security experts warn of new supply-chain risks.
CISA has listed CVE-2025-4008, a remote code execution bug in MeteoBridge devices, signaling active exploitation and urging immediate patching.
A breakthrough hardware-based technique intercepts TPM communications over the SPI bus to unlock BitLocker volumes protected by TPM + PIN. This article analyses the method and its implications for enterprise encryption strategies.