• Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
• TikTok videos + ClickFix tactic = Malware infection
• DanaBot botnet disrupted, QakBot leader indicted
• Law Enforcement Busts Initial Access Malware Used to Launch Ransomware
• Global Dark Web Sting Sees 270 Arrested
• DragonForce Engages in "Turf War" for Ransomware Dominance
• Is privacy becoming a luxury? A candid look at consumer data use
• Outsourcing cybersecurity: How SMBs can make smart moves
• Digital trust is cracking under the pressure of deepfakes, cybercrime
• Shift left strategy creates heavy burden for developers
• New infosec products of the week: May 23, 2025
• AI-Generated TikTok Videos Used to Distribute Infostealer Malware
• Unpatched Windows Server vulnerability allows full domain compromise
• Kettering Health Cyber-Attack Disrupts Services
• Coinbase Breach Affected Almost 70,000 Customers
• Critical Vulnerabilities Found in Versa Networks SD-WAN/SASE Platform
• Sensitive Personal Data Stolen in West Lothian Ransomware Attack
• Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
• Western Logistics and Tech Firms Targeted by Russia’s APT28
• #Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill
• Cybercriminals Mimic Kling AI to Distribute Infostealer Malware

CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that has been exploiting zero-days in edge network appliances since at least 2023, EcleticIQ researchers have shared. Among the entities targeted in this campaign were: a local government authority and healthcare organizations in the UK; a research institute, …