
Daily Cybersecurity Roundup, June 06, 2025

Your smart devices might be binge-watching more than just your favorite shows! BADBOX 2.0 has wormed its way into over a million IoT gadgets, mostly Chinese-made Android TVs, tablets, and other smart gadgets. At the same time, cybercriminals are leveraging the Paste[.]ee platform to spread malware strains like XWorm and AsyncRAT through phishing campaigns. In other news, threat actors linked to UNC1151 exploited a critical XSS vulnerability in the Roundcube webmail platform to steal login credentials from Polish organizations. Keep reading for more cybersecurity updates from the past 24 hours.

01

The BADBOX 2.0 malware has infected over one million IoT devices, primarily Chinese-manufactured Android-based smart TVs, tablets, and IoT devices, turning them into residential proxies for malicious activities.

02

Paste[.]ee is being misused by cybercriminals to distribute malware, including XWorm and AsyncRAT, via phishing emails.

03

A malware campaign named Operation DRAGONCLONE has been targeting the Chinese telecommunications industry, specifically China Mobile Tietong Co., Ltd., using VELETRIX and VShell malware.

04

A new wiper malware, PathWiper, attributed to a Russia-linked APT actor, is being used in a destructive attack on Ukrainian critical infrastructure.

05

Researchers discovered new Chaos RAT variants used in recent Linux and Windows attacks and identified a critical flaw in its web panel that enables RCE on the server.

06

Hackers linked to UNC1151 exploited a critical XSS vulnerability (CVE-2024-42009) in Roundcube webmail to steal credentials from Polish entities via a spearphishing campaign, using malicious JavaScript and Service Workers for persistence.

07

CISA added a Google Chromium V8 flaw (CVE-2025-5419) to its KEV catalog. The flaw allows heap corruption via crafted HTML pages and has been actively exploited.

08

Multiple high-severity vulnerabilities (CVE-2025-37097, CVE-2025-37098, CVE-2025-37099) were found in HPE IRS software, allowing remote attackers to execute arbitrary code and access sensitive data.

09

Cellebrite, an Israel-based forensic investigation solutions provider, announced the acquisition of U.S.-based virtualization software firm Corellium in a deal valued at $200 million.

10

Data loss prevention provider MIND secured $30 million in a Series A funding round led by Paladin Capital Group and Crosspoint Capital Partners, with support from Okta Ventures and YL Ventures.
