Latest Security News Collection

01
Sophisticated Cyberattack Costs German Firms Six-Figure Sum
#CyberSecurity #EmailFraud #ManInTheMiddleAttack #BusinessRisk #DigitalThreats #InvoiceScam #BavariaNews #CorporateSecurity #CyberCrimeAlert #FinancialFraud
Two companies in the Bavarian districts of Passau and Rosenheim have fallen victim to a highly sophisticated cyberattack, resulting in financial losses exceeding six figures. Criminals intercepted email correspondence between the firms and manipulated invoice details by altering bank account information. The funds were then transferred to an account controlled by the perpetrators.
According to police, this was a classic “man-in-the-middle” attack, where hackers infiltrate ongoing email threads and impersonate one of the parties involved. In some cases, they used the original sender’s email address; in others, they created nearly identical addresses with subtle changes, such as swapped letters. Authorities are urging businesses to remain vigilant and verify payment details through secure channels before transferring funds.
→ Read more on security-insider.de
02
US-Registered Firm at Centre of $8.4 Billion Chinese Crypto Crime Network
#CryptoCrime #MoneyLaundering #XinbiGuarantee #TelegramScams #CyberSecurity #NorthKoreanHackers #FinancialCrime #EllipticResearch #USCompanyAbuse #DigitalUnderworld #cybercrime
A Colorado-registered company named Xinbi Guarantee has been exposed as a major hub for Chinese-speaking crypto scammers, facilitating over $8.4 billion in illicit transactions via Telegram before being shut down. According to research by crypto-tracing firm Elliptic, the platform offered services ranging from money laundering for North Korean hackers to harassment-for-hire and even suspected sex trafficking. Despite its operations being rooted in Chinese-language cybercrime, Xinbi Guarantee openly advertised its US registration.
This revelation follows a similar case involving Huione Guarantee, a Cambodia-based platform linked to $24 billion in crypto scams. The US Treasury has since labelled Huione’s parent company a known money laundering operation. These findings highlight the alarming scale and global reach of crypto-related cybercrime, and the ease with which such operations can exploit legal loopholes across jurisdictions.
→ Read more on wired.com
03
FBI Alerts Public to AI Voice Scams Impersonating Senior US Officials
#AIVoiceScams #FBIWarning #CyberSecurity #VoiceCloning #Smishing #Vishing #SocialEngineering #AIThreats #DigitalDeception #OnlineFraud #cybercrime
The FBI has issued a stark warning about a surge in AI-powered scams that use voice cloning and deceptive text messages to impersonate senior US government officials. Since April 2025, cybercriminals have been deploying “vishing” (voice phishing) and “smishing” (SMS phishing) tactics to trick victims into revealing sensitive information or clicking malicious links.
These AI-generated voice memos are alarmingly realistic, making it easier for attackers to build trust and manipulate targets. Once contact is established, victims are often redirected to fake secure platforms designed to steal credentials or install malware. The FBI warns that a single compromised account can trigger a chain reaction, enabling attackers to impersonate others and expand their reach. With a 442% rise in AI voice cloning incidents reported in late 2024, the threat is escalating rapidly. The public is urged to remain sceptical of unsolicited messages, even those appearing to come from trusted officials.
→ Read more on hackread.com
04
Critical SAP NetWeaver Flaw Exploited by Ransomware and State-Backed Hackers
#SAPNetWeaver #CyberSecurity #Ransomware #CVE202531324 #PatchNow #VulnerabilityAlert #ChineseHackers #CISA #WebShell #EnterpriseSecurity #cybercrime
A severe vulnerability in SAP’s NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by ransomware groups such as BianLian and RansomEXX, as well as the Chinese state-linked actor Chaya_004. The flaw, rated 10.0 on the CVSS scale, allows unauthenticated attackers to upload malicious files via the Metadata Uploader component. First detected in April 2025, the vulnerability was quickly patched by SAP, but over 400 servers remain exposed online.
Security firms including Onapsis and watchTowr have confirmed in-the-wild exploitation, with attackers deploying web shell backdoors on unpatched systems. The US Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities list. A related vulnerability, CVE-2025-42999, was also disclosed by SAP in May. These developments underscore the urgent need for organisations using SAP NetWeaver to apply patches and monitor for compromise indicators.
→ Read more on infosecurity-magazine.com
05
Adidas and Dior Confirm Customer Data Breaches Amid Rising Cyber Threats
#DataBreach #AdidasHack #DiorCyberAttack #CustomerPrivacy #CyberSecurity #IdentityTheft #PhishingRisk #DigitalThreats #PrivacyProtection #CyberAwareness
Adidas and Dior have both confirmed recent cyberattacks that compromised customer data. Adidas Korea has begun notifying affected individuals, revealing that attackers accessed personal information submitted to its customer centre in 2024 and earlier. The exposed data includes names, email addresses, phone numbers, and dates of birth—though no financial details were compromised. Similarly, Dior acknowledged that an unauthorised party accessed customer data, with its Korean branch confirming the breach occurred on 7 May.
While Dior also stated that no payment information was leaked, the incidents highlight the growing risk of identity theft and phishing attacks stemming from such breaches. Cybersecurity experts warn that attackers may exploit stolen data to impersonate trusted entities and extract further sensitive information. These high-profile breaches underscore the persistent threat of cybercrime in the digital age and the importance of robust data protection measures.
→ Read more on cybernews.com
06
Procolored Unknowingly Distributed Malware for Six Months via Official Website
#CyberSecurity #ProcoloredBreach #MalwareAlert #USBThreat #CryptoMalware #BackdoorAccess #SecurityNegligence #GDATA #SoftwareSupplyChain #DigitalSafety #CyberCrime
Printer manufacturer Procolored has admitted to unknowingly distributing malware through its official website for over six months. The issue came to light when a YouTuber from the channel Serial Hobbyism discovered malware on a USB stick bundled with a Procolored printer. Despite early customer warnings, the company initially dismissed the alerts as false positives. However, cybersecurity experts from G DATA CyberDefense later confirmed the presence of two serious threats: a backdoor enabling remote access and malware targeting cryptocurrency theft. The infection likely originated from a compromised USB stick used to upload the software to Procolored’s download portal.
Only after pressure from security professionals did the company remove the infected files. Experts have rejected Procolored’s suggestion that the Chinese language of the software caused false alarms, calling for greater vigilance in software distribution practices.
→ Read more on it-daily.net
07
Concerns Mount as English Hospitals Question Palantir’s NHS Data Platform
#CyberSecurity #NHSDataPlatform #PalantirFDP #DigitalHealth #HospitalIT #HealthTech #NHSConcerns #DataStrategy #HealthcareInnovation #TrustVsNational #PatientCare #CyberCrime
Several NHS trusts in England are expressing doubts about the utility of Palantir’s £330 million Federated Data Platform (FDP), with some warning it could reduce rather than enhance existing functionality. A letter from Leeds Teaching Hospitals Trust, which oversees seven hospitals, stated that adopting FDP would result in a loss of capabilities in areas like outpatient care coordination and discharge planning. Other trusts, including those in Greater Manchester and Berkshire, echoed similar concerns, noting that Palantir’s offerings do not surpass their current local systems.
Despite NHS England’s claim that over 120 trusts have signed up, fewer than a quarter were actively using the platform by the end of 2024. The rollout has sparked debate over the platform’s readiness and relevance, especially as some features remain under development. The situation highlights tensions between national digital strategies and local operational needs within the NHS.
→ Read more on theregister.com
08
Critical SonicWall SMA1000 Flaw Allows Remote Connection Manipulation
#CyberSecurity #SonicWall #CVE202540595 #RemoteAccess #SSRF #PatchNow #NetworkSecurity #ZeroTrust #ITAdminAlert #VulnerabilityDisclosure #cybercrime
A serious vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 series has been identified, allowing attackers to redirect connection requests through a server-side request forgery (SSRF) attack. Tracked as CVE-2025-40595 and rated “high” in severity, the flaw enables unauthenticated remote attackers to reroute traffic to malicious servers. This poses a significant risk, especially for organisations relying on SMA1000 for secure remote access. Although no active exploitation has been reported yet, experts warn that the potential impact is considerable.
SonicWall has released a patch (version 12.4.3-02963) to address the issue and urges administrators to update immediately. The vulnerability stems from the Appliance Work-Place Interface, and its exploitation could lead to unauthorised access or data interception. Early customer warnings were initially dismissed, but external cybersecurity experts confirmed the threat, prompting SonicWall to act.
→ Read more on heise.de
09
Japan Approves Offensive Cyber Law to Counter Rising Digital Threats
#JapanCyberLaw #ActiveCyberdefence #CyberSecurity #DigitalDefence #PreemptiveCyberOps #NationalSecurity #CyberThreats #StateSponsoredAttacks #CyberLegislation #JapanSecurityPolicy #cybercrime
Japan has enacted a groundbreaking Active Cyberdefense Law, granting authorities the power to launch preemptive cyber operations against potential threats. The legislation, first proposed in 2022, marks a significant shift from Japan’s traditionally defensive cyber posture, aligning its capabilities with major Western powers. Under the new law, law enforcement can infiltrate and neutralise hostile servers before attacks occur, even if the activity falls below the threshold of an armed assault. The Self-Defence Forces will handle more complex cyber incidents. This move follows a surge in cyberattacks, including a major breach by suspected Chinese hackers in 2023 and a $2 billion stock market fraud disclosed last week. The law reflects Japan’s growing urgency to protect national infrastructure amid escalating state-sponsored and financially motivated cyber threats.
→ Read more on therecord.media
10
From 60 to 4,000: NATO’s Locked Shields Becomes World’s Largest Cyber Defence Exercise
#LockedShields2025 #CyberDefence #NATOExercise #CyberSecurity #QuantumComputing #AIInCyber #CriticalInfrastructure #MultinationalTeams #DigitalResilience #CyberWarfare #cybercrime
NATO’s Locked Shields 2025 has grown into the world’s most advanced cyber defence exercise, involving 4,000 experts from 41 nations. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, the event tested participants’ ability to defend critical infrastructure against over 8,000 simulated cyberattacks. What began in 2010 with just 60 participants from four countries now includes 17 multinational teams, 450 planners, and over 25 industry partners. This year’s edition introduced cloud-based infrastructure, quantum computing scenarios, and AI-driven narratives. Teams were challenged not only on technical defence but also on handling disinformation, legal dilemmas, and political pressure. Looking ahead, Locked Shields 2026 will expand its cloud capabilities and introduce new Critical Special Systems to further strengthen national cyber resilience.
→ Read more on securityweek.com

+49 89 360 5310 | security-awareness@metafinanz.de
The editors are not responsible for the content of each article.