Weekly Cyber Update – May 19–25, 2025: Ransomware Takedowns, Malware Scams & Supply Chain Risks
This week’s update covers May 19–25, 2025, with 20 key cybersecurity stories. For everyone, we’ve got ransomware busts, TikTok scams, and easy safety tips. For pros, explore supply chain attacks, zero-days, and botnet disruptions with technical insights. Plus, tools and questions to spark discussion—let’s jump in!
Cybersecurity for Everyone
Your digital world’s under fire this week! Global ransomware gets crushed, fake TikTok videos push malware, and Coinbase leaks hit thousands. Protect yourself with our simple, actionable advice.
Top Stories
1. Global Ransomware Cracked by Operation ENDGAME 
- Summary: Police shut down 300 servers and grabbed €21.2 million in crypto, smashing ransomware networks worldwide.
- Why it matters: Ransomware locks your files for cash. Back up your stuff and skip shady links to stay safe.
2. TikTok Videos Trick Users into Malware Downloads 
- Summary: Scammers use TikTok to push fake AI video tools that install data-stealing malware.
- Why it matters: Clicking random links can ruin your device. Stick to trusted sites and double-check before downloading.
3. Fake VPNs and Browser Apps Spread Malware 
- Summary: Bogus installers for tools like LetsVPN drop Winos 4.0 malware to steal your info.
- Why it matters: Only get apps from official stores—fake ones can swipe your passwords or bank details.
4. Coinbase Breach Leaks 69,461 Users’ Data 
- Summary: Rogue staff sold customer info; hackers demanded $20 million to keep it quiet.
- Why it matters: If you use Coinbase, watch for weird account activity and beef up your password game.
5. AI Voice Scams Target Ex-Government Workers 
- Summary: The Federal Bureau of Investigation (FBI) warns scammers use AI voices to trick former staff into sharing info.
- Why it matters: Don’t trust unexpected calls—verify who’s on the line before spilling anything personal.
6. Lumma Stealer Operation Busted, 2,300 Domains Down 
- Summary: Cops seized domains behind Lumma Stealer, a malware nabbing passwords and more.
- Why it matters: Strong, unique passwords and two-factor authentication keep thieves out of your accounts.
7. Fake Chrome Extensions Steal Data, Push Ads 
- Summary: Over 100 shady Chrome add-ons mimic legit tools to grab data and spam ads.
- Why it matters: Check your extensions—only install from trusted sources to avoid trouble.
8. Signal Stops Windows Recall from Snooping Chats 
- Summary: Signal’s update blocks Windows Recall from screenshotting your private messages.
- Why it matters: Use apps with solid privacy settings to keep your chats yours alone.
9. Oversharing Online Puts You at Risk 
- Summary: Posting too much on social media makes you a scam or theft target.
- Why it matters: Lock down your privacy settings and share less to stay off crooks’ radar.
10. Phone Theft Spikes: Protect Your Device 
- Summary: Thieves snag phones—even locked ones—for parts, and it’s getting worse.
- Why it matters: Use a tough passcode and tracking features to keep your phone secure.
Pro Insights: Advanced Cyber Threats (Advanced)
Tech pros, it’s a wild week! Supply chain flaws, zero-days, and botnets target logistics, governments, and drones. Dig into the details and level up your defenses.
Top Technical Updates
1. Chinese Solar Devices Hide Shutdown Risk 
- Summary: Cellular radios in Chinese-made solar inverters could let attackers remotely crash power grids.
- Why it matters: Supply chain backdoors are sneaky—audit hardware to catch hidden threats.
2. ViciousTrap Turns 5,300 Devices into Honeypot 
- Summary: A Cisco flaw (CVE-2023-20118) helped ViciousTrap build a global honeypot network.
- Why it matters: Patch edge devices fast—unfixed flaws can turn your gear into bait.
3. DanaBot Botnet Smashed, 16 Charged 
- Summary: Law enforcement took down DanaBot, a 300,000-device botnet causing $50 million in damage.
- Why it matters: Botnets fuel DDoS and theft—secure networks and monitor traffic spikes.
4. Chinese Hackers Hit U.S. Governments via Cityworks 
- Summary: A Trimble Cityworks zero-day (CVE-2025-0994) let hackers drop Cobalt Strike and VShell.
- Why it matters: Zero-days (new flaws hackers exploit) need quick patches and active monitoring.
5. Ivanti Flaws Fuel Chinese Espionage 
- Summary: Chinese hackers chained Ivanti bugs (CVE-2025-4427/4428) to breach critical sectors.
- Why it matters: Update software and add multi-factor authentication to block these chains.
6. Versa Concerto Bugs Risk Host Takeover 
- Summary: Unpatched flaws in Versa Concerto allow authentication bypass and remote code execution (RCE).
- Why it matters: Secure containers and watch for odd access to stop escalation.
7. GitLab Duo Flaw Exposes Code to Attackers 
- Summary: A prompt injection bug in GitLab Duo let attackers steal code via AI responses.
- Why it matters: Lock down AI tools—monitor outputs to prevent leaks or malware.
8. HTTPBot Slams Gaming and Tech with DDoS 
- Summary: HTTPBot botnet launched DDoS attacks on China’s gaming and tech industries.
- Why it matters: Boost DDoS protection—watch for traffic anomalies to stay online.
9. Dynamic DNS Hides Malicious Sites 
- Summary: Attackers use dynamic DNS to dodge blacklists and host phishing or malware pages.
- Why it matters: Threat intel helps—block sketchy domains before they hit users.
10. Earth Ammit Targets Drone Makers 
- Summary: China-linked Earth Ammit hit drone supply chains via software flaws.
- Why it matters: Patch fast and vet vendors—supply chain attacks are relentless.
Takeaway
Ransomware, scams, and supply chain threats are surging—don’t get caught off guard!
- Use strong passwords and two-factor authentication everywhere.
- Stick to official app stores and trusted downloads.
- Double-check calls, links, and emails to dodge fakes.
Tools of the Week
- Have I Been Pwned (Everyone) — See if your email or phone’s been leaked in a breach.
- Nmap (Pros) — Scan networks for devices and vulnerabilities.
Community Questions
- Everyone: Spotted any fishy TikTok links or scam calls lately? What’s your go-to safety trick?
- Pros: How do you tackle supply chain risks like those Chinese solar devices? Share your approach!