Daily Cybersecurity Roundup, April 29, 2025

Cybercriminals are increasingly targeting high-impact sectors with tailored threats that rely on psychological manipulation to maximize impact. A prime example is ResolverRAT, which is actively attacking the global healthcare and pharmaceutical industries through fear-based phishing campaigns crafted in multiple languages. Security researchers have raised alarms over Darcula PhaaS, operated by the Smishing Triad cybercrime group, which is using AI to craft deceptive scam pages. A new Cloudflare report has highlighted a 358% YoY spike in DDoS attacks, including a 7% QoQ and 118% YoY rise in HTTP-based attacks. Continue reading for the cybersecurity news from the last 24 hours.

01

ResolverRAT has been targeting the healthcare and pharmaceutical sectors globally using fear-based phishing emails in multiple languages to maximize infection rates.

02

Researchers are warning about Darcula PhaaS, run by the Smishing Triad cybercrime group, which has been found leveraging AI to generate multilingual scam pages.

03

Cybercriminals were found targeting senior members of the World Uyghur Congress in a spear-phishing campaign to deliver Windows-based malware, UyghurEdit++, via trojanized Uyghur-language software.

04

GreyNoise observed a significant spike in Git configuration file with nearly 4,800 unique IPs (95% deemed malicious), primarily originating from Singapore.

05

Researchers identified 19 APT activities targeting government agencies (47%) across South Asia, East Asia, Eastern Europe, and South America, with spear-phishing accounting for 79% of intrusion methods.

06

A newly identified BEC threat actor, TA2900, is targeting rental payments in France and Canada by sending fraudulent emails in French claiming missed payments and directing victims to transfer funds to new bank accounts.

07

As per Cloudflare’s 2025 Q1 DDoS Threat Report, a 358% YoY surge in overall DDoS attacks has been observed, with HTTP DDoS attacks rising 7% QoQ and 118% YoY.

08

Apache has disclosed a high-severity vulnerability in Apache Tomcat, identified as CVE-2025-31650, which allows attackers to bypass security rules and trigger DoS conditions through manipulated HTTP priority headers.

09

Cybersecurity group Allurity announced the acquisition of Infigo IS, an information security and data analytics company.

10

Manifest, an SBOM and AIBOM platform, secured $15 million in a Series A funding round led by Ensemble VC, with backing from AE Ventures, First Round Capital, and others.
