Daily Cybersecurity Roundup, April 15, 2025

Critical industries globally are facing increased attacks from Russian and North Korean threat actors. The Russia-affiliated APT group Storm-2372 has been leveraging device code phishing tactics to evade MFA protocols. At the same time, a North Korean state-sponsored group known as Slow Pisces has been conducting targeted attacks against cryptocurrency developers. Adding to the growing list of cyber threats, Fortinet researchers have issued a warning about attackers exploiting known vulnerabilities in FortiGate devices to install persistent backdoors. Take a look at the 10 key cybersecurity news items from the past 24 hours.

01

The Russian APT group Storm-2372 has been utilizing device code phishing techniques to circumvent MFA protocols, targeting government, technology, finance, defense, and healthcare industries.

02

A North Korean state-sponsored group, Slow Pisces, has been found launching sophisticated cyberattacks on cryptocurrency developers through malware-laced coding challenges to steal data.

03

A new malware variant called ResolverRAT has been targeting healthcare and pharmaceutical organizations globally via phishing emails with tailored language and legal or copyright violation claims.

04

A China-linked APT group exploited two critical vulnerabilities, CVE-2025-0282 and CVE-2025-22457, in Ivanti Connect Secure VPN appliances, impacting nearly 20 industries across 12 countries.

05

Fortinet researchers warned against hackers exploiting known vulnerabilities in FortiGate devices to install backdoors that provide read-only access even after the vulnerabilities are patched.

06

A new RAT called GYware, marketed as the ‘best of 2025’ on hacker forums, has been alarming experts with its self-spreading capabilities, full undetectability, and remote control features via a web-based panel.

07

A high-severity flaw, tracked as CVE-2025-27520, has been discovered in the Python framework BentoML that could permit attackers to seize control of servers hosting AI services built and operated using BentoML.

08

A critical vulnerability, tracked as CVE-2025-32428, has been discovered in the Jupyter Remote Desktop Proxy. The flaw unintentionally exposes VNC services over the network when used with TigerVNC.

09

Cybersecurity firm Adaptive Security secured $43 million in Series A funding. The round was led by OpenAI's Startup Fund and Andreessen Horowitz, with participation from other investors.

10

Software supply chain security platform NetRise raised $10 million in a Series A funding round led by DNX Ventures, with participation from Miramar Digital Ventures, Squadra Ventures, and others.
