Cut through the noise and focus on what matters. Our editorial team has compiled the week’s most essential reads to help you stay competitive and informed:
Oops: DanaBot Malware Devs Infected Their Own PCs
Source: Krebs on Security
Date: 2025-05-22
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.
3AM ransomware attack poses as a call from IT support to compromise networks
Source: Graham Cluley
Date: 2025-05-23
Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Find out how they do it in my article on the Tripwire State of Security blog.
Sophos Firewall v21.5: Streamlined management
Source: Sophos News
Date: 2025-05-21
How to make the most of the new features in Sophos Firewall v21.5.
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
Source: The Hacker News
Date: 2025-05-23
The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. “The ClickFix technique is particularly risky because it allows the malware to execute in memory rather than being written to disk,” Expel said in a report shared with The Hacker News. “This removes many opportunities for browsers or security.
Simplifying Zero Trust: How Cisco Security Suites Drive Value
Source: Cisco Security Blog
Date: 2025-05-20
Discover how Cisco Security Suites are helping organizations achieve zero trust while realizing significant cost savings, improved productivity, and a 110% ROI.
How to automate incident response for Amazon EKS on Amazon EC2
Source: AWS Security Blog
Date: 2025-05-20
Triaging and quickly responding to security events is important to minimize impact within an AWS environment. Acting in a standardized manner is equally important when it comes to capturing forensic evidence and quarantining resources. By implementing automated solutions, you can respond to security events quickly and in a repeatable manner. Before implementing automated security solutions, […].
Shifting AppSec to the Left Improves Security and Developer Experience
Source: Checkmarx Blog
Date: 2025-05-21
Every developer knows the frustration: You’re in the flow, crafting elegant code, when suddenly you’re pulled back to fix security vulnerabilities in work you thought was finished long ago. This constant context-switching isn’t just annoying; it’s expensive and risky. While enterprise developers understand the importance of application security (AppSec), it slows them down. Instead of […].
Operation RapTor led to the arrest of 270 dark web vendors and buyers
Source: Security Affairs
Date: 2025-05-23
Law enforcement operation codenamed ‘Operation RapTor’ led to the arrest of 270 dark web vendors and buyers across 10 countries. Police arrested 270 suspects following an international law enforcement action codenamed ‘Operation RapTor’ that targeted dark web vendors and customers from ten countries. The Operation RapTor has dismantled networks trafficking in drugs, weapons, and counterfeit […].
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats
Source: CyberHoot Blog
Date: 2025-05-15
Apple’s AirPlay protocol is under fire as newly discovered “AirBorne” vulnerabilities expose billions of devices to zero-click attacks, data theft, and network-spreading malware—highlighting urgent security gaps in both Apple and third-party ecosystems.
Cybersecurity and AI: Integrating and Building on Existing NIST Guidelines
Source: NIST Cybersecurity Insights
Date: 2025-05-22
What is NIST up to? On April 3, 2025, NIST hosted a Cybersecurity and AI Profile Workshop at our National Cybersecurity Center of Excellence (NCCoE) to hear feedback on our concept paper which presented opportunities to create profiles of the NIST Cybersecurity Framework (CSF) and the NIST AI Risk Management Framework (AI RMF). These would serve to support the cybersecurity community as they adopt AI for cybersecurity, need to defend against AI-enabled cybersecurity attacks, as well as protect AI systems as organizations adopt AI to support their business. Stay tuned for the soon to be.
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
Source: Krebs on Security
Date: 2025-05-20
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace.
3 Critical Pillars of Cyber-Resilience
Source: Dark Reading
Date: 2025-05-23
Encryption, collaboration, and AI can help organizations build up essential protection against ransomware.
Signal Blocks Windows Recall
Source: Bruce Schneier
Date: 2025-05-23
This article gives a good rundown of the security risks of Windows Recall, and the repurposed copyright protection tool that Signal used to block the AI feature from scraping Signal data.
The industry never sleeps, and neither do we. Keep learning, keep growing, and keep pushing the boundaries of what’s possible. We’ll be back next week with another essential roundup of must-read content.