Cybersecurity Pulse: Weekly Threats, Arrests, and Defense Insights (May 2025 Edition)

Introduction

The cybersecurity landscape keeps shifting, and May 2025 is shaping up to be an unusually busy month. In this week's SecurityAffairs international roundup, we cover the most notable developments worldwide, from crypto-enabled crime and ransomware arrests to espionage campaigns and threats to critical infrastructure. Whether you are a security professional, a journalist, or simply curious about digital threats, this summary gives a compact snapshot of the week's most pressing issues.

This Week’s Cybersecurity Roundup

The latest SecurityAffairs newsletter provides a powerful overview of recent cybercrime cases, law enforcement actions, malware outbreaks, and national security developments.

The crypto-swapping platform eXch has been taken down, another sign of growing pressure on cryptocurrency-related crime.
Moldovan police arrested a suspect tied to a ransomware attack on a Dutch research organization that caused an estimated €4.5 million in damage.
The Interlock ransomware strain continues to evolve its evasion techniques, posing a serious risk to the Defense Industrial Base (DIB) supply chain.
A dark web marketplace administrator was extradited from Kosovo to the U.S., another instance of international cooperation against cybercrime.
Coinbase refused to pay a $20M ransom after overseas support contractors were bribed to leak customer data, and instead offered a reward of the same amount for information leading to the attackers; the insider-bribery playbook is becoming more common.
UNC3944, a financially motivated intrusion group known for social-engineering help desks, was the subject of new frontline hardening guidance describing identity and access defenses against its tradecraft.
Senior U.S. officials were impersonated in a phishing campaign, continuing the trend of politically motivated intrusion attempts.

Malware threats surged this week:

PupkinStealer, a .NET-based info-stealer, is gaining momentum.
HTTPBot, a new botnet family, is expanding fast and targets Windows systems.
Interlock ransomware is growing more complex and better at avoiding detection.
Procolored, a printer brand, distributed malware-laced driver downloads for months, infecting unsuspecting customers.
Fileless attacks using PowerShell-based loaders are spreading the Remcos RAT, a long-lived remote access trojan.

Hacking news revealed:

A one-click remote code execution (RCE) flaw was found in ASUS DriverHub, the driver-management utility preinstalled on ASUS motherboards.
The identities of some of the world's most prolific hackers were unmasked in an investigative report.

Espionage and intelligence updates:

The Türkiye-linked group Marbled Dust exploited a zero-day in Output Messenger for targeted regional surveillance.
ReliaQuest reported in-the-wild exploitation of a critical vulnerability in SAP NetWeaver, putting enterprise systems at risk.
Military technology such as machine vision and robotic soldiers is transforming warfare.
Undocumented communication devices, described as potential kill switches, were reportedly found in Chinese-made inverters used at U.S. solar farms, a worrying sign of hardware-level supply chain risk.

Cybersecurity policies and legal updates:

Google will pay roughly $1.4 billion to Texas to settle a major privacy lawsuit.

May's Patch Tuesday security update review rolled out critical patches.

Nova Scotia Power confirmed a data breach involving customer information.
A quick-thinking Co-op team shut down parts of its own IT systems to contain a wider cyber attack.
AI-powered phishing is surging, with one report counting a new attack every 42 seconds.
Japan passed a new Active Cyberdefense Law that permits preemptive cyber operations, a notable shift in national cyber policy.

What Undercode Says:

This week’s developments reflect the growing sophistication and geopolitical reach of cyber threats. Let’s break down some of the key takeaways and what they mean for the broader digital security ecosystem.

The crackdown on crypto-enabled crime is gaining traction. From the shutdown of eXch to Coinbase's refusal to pay and its decision to fund a reward instead, law enforcement and major platforms are increasingly unwilling to bow to ransom demands. It also points to maturing internal controls in high-risk sectors like crypto.

Ransomware gangs are no longer targeting only hospitals and schools; they are now hitting research institutions and defense contractors. Interlock's evasion upgrades mean organizations must move beyond signature-based detection toward behavioral monitoring and tested recovery plans.

Insider threats are on the rise, as the Coinbase case shows. People remain one of the weakest links in the security chain, and least-privilege access for support staff plus monitoring of unusual data access are more important than ever.

The ASUS DriverHub RCE and the malware-laced printer drivers show how even trusted vendors can become entry points for attackers. This reinforces the need for software supply chain scrutiny: verify vendor downloads against published signatures and hashes, and audit preinstalled utilities rather than assuming they are benign.

On a larger scale, cyber espionage is expanding from software intrusions to embedded hardware. The reported discovery of undocumented communication devices in Chinese-made inverters at U.S. solar farms is not just a red flag; it is a siren. Countries must treat cybersecurity not only as a national defense issue but as a critical infrastructure matter, including hardware provenance.

Japan’s new active cyberdefense law could set a precedent. This aggressive stance marks a philosophical shift toward cyber offense as defense, reflecting the urgency of countering increasingly bold and state-sponsored threats.

In short, the battlefield is digital, and both governments and corporations must act with urgency. Prevention is no longer enough — resilience and rapid response are now critical.

🕵️ Fact Checker Results:

✅ Coinbase confirmed it refused to pay a $20M ransom and disclosed that bribed insiders leaked customer data.
✅ Moldovan police did arrest a suspect linked to a ransomware attack on a Dutch research organization.
✅ Malware-laced driver downloads from Procolored were available for months, as verified by malware analysts.

🔮 Prediction:

Expect more legislative moves toward cyber offense, especially in countries feeling the heat of foreign digital espionage.
We’ll likely see a surge in AI-enhanced phishing kits, making traditional detection methods obsolete.
By Q3 2025, supply chain attacks via trusted vendors will become one of the top 3 global cyber threats.

References:

Reported By: securityaffairs.com