
Daily Cybersecurity Roundup, July 15, 2025

North Korean threat actors are escalating cyber campaigns, deploying 67 malicious npm packages with the XORIndex loader (downloaded over 17,000 times) and simultaneously targeting crypto startups with fake Zoom invites to steal digital assets. Meanwhile, Cyble’s Q2 2025 report notes that ICS attacks, data breaches, and access-based intrusions now make up 31% of hacktivist activity, up from 29% in Q1. Keep reading for more cybersecurity updates.


01

North Korean threat actors deployed 67 malicious npm packages using the XORIndex malware loader, with over 17,000 downloads in software supply chain attacks.

02

North Korean hackers are targeting crypto startups using fake Zoom invites in a spear-phishing campaign, leveraging social engineering and malicious scripts to breach devices and steal crypto assets.

03

A new state-backed cyber-espionage campaign targeting Southeast Asian governments employs the HazyBeacon malware, a Windows backdoor designed to collect sensitive data.

04

An Android malware campaign has been targeting Bengali-speaking users, particularly Bangladeshi expatriates, by impersonating popular financial apps like TapTap Send and AlimaPay to steal personal and financial data.

05

Threat actors are using malicious JavaScript hidden in SVG image files to redirect users to harmful sites, delivered via spoofed ‘Missed Call’ or ‘Payment Reminder’ emails that require no clicks or downloads to execute.

06

Cyble's Q2 2025 assessment reveals that ICS attacks, data breaches, and access-based intrusions now make up 31% of hacktivist activity, up from 29% in Q1.

07

Dozens of Gigabyte motherboard models are vulnerable to UEFI malware: attackers can plant bootkit malware that bypasses Secure Boot and survives OS reinstalls.

08

A critical RCE vulnerability (CVE-2025-49127) has been discovered in Kafbat UI version 1.0.0 that allows unauthenticated users to execute arbitrary code on the server.

09

A critical vulnerability in ImageMagick's image processing library (CVE-2025-53101) allows RCE through malicious filename patterns.

10

Zip Security secured $13.5 million in a Series A funding round led by Ballistic Ventures, with participation from Silver Buckshot, Mantis VC, and others.
