Daily Cybersecurity Roundup, July 31, 2025

In a wave of escalating cyber threats, North Korea’s Lazarus Group launched a large-scale cyber-espionage campaign by planting over 200 malicious open-source packages on npm and PyPI. Meanwhile, the UNC2891 group attempted a stealthy attack on a bank’s ATM network using a 4G-equipped Raspberry Pi. Adding to the growing threat landscape, Zscaler’s 2025 Ransomware Report revealed a 145.9% YoY surge in ransomware attacks, with 238.5 TB of data stolen and public extortion cases soaring by 70.1%, targeting critical sectors like manufacturing, tech, healthcare, oil & gas, and government. Keep reading for more cybersecurity news.

01

The North Korean Lazarus Group distributed over 200 malicious open-source packages in a cyber-espionage campaign targeting the npm and PyPI repositories, compromising up to 36,000 victims.

02

The UNC2891 (LightBasin) hacking group attempted a sophisticated attack on a bank's ATM network by hiding a 4G-enabled Raspberry Pi on the network switch, creating a secret backdoor into internal systems.

03

Hackers are phishing Python developers with fake PyPI emails, tricking them into clicking malicious links to steal their credentials.

04

A new USB attack called Choicejacking tricks phones into sharing data at public charging stations without user consent by using spoofed USB or Bluetooth inputs to simulate user actions and initiate data transfer in under 133 milliseconds.

05

According to the Zscaler ThreatLabz 2025 Ransomware Report, ransomware attacks jumped 145.9% YoY, with 238.5 TB of data stolen and public extortion up 70.1%, as manufacturing, tech, healthcare, oil & gas, and government faced major spikes.

06

Multiple vulnerabilities have been discovered in Apple products, affecting iOS, iPadOS, macOS, watchOS, tvOS, and visionOS, that could allow arbitrary code execution, letting attackers install programs, alter data, or access sensitive information.

07

Researchers found BIOS flaws in Lenovo IdeaCentre and Yoga desktops, including six CVEs, allowing firmware-level code execution via SMM exploits involving memory corruption and stack overflows.

08

Hackers are exploiting a critical unauthenticated arbitrary file upload vulnerability (CVE-2025-5394) in the WordPress theme 'Alone,' enabling remote code execution and site takeovers.

09

Wallarm, an API security firm, raised $50 million in a Series C funding round led by Toba Capital.

10

Cybersecurity startup BlinkOps secured $50 million in a Series B funding round led by O.G. Venture Partners, with participation from Vertex Growth, along with previous investors Lightspeed Venture Partners and Hetz Ventures.
