Daily Cybersecurity Roundup, March 07, 2025

Dark shadows lurking in code are stirring up a storm across the digital landscape. Over 1,000 WordPress sites have been laced with malicious JavaScript, embedding four backdoors for attackers to slip back in at will. Meanwhile, EncryptHub is carving a name for itself, hitting users of QQ Talk, WeChat, and Google Meet with slick multi-stage attacks. In Japan, threat actors are zeroing in on tech, telecom, and e-commerce targets, prying open Windows systems via a PHP-CGI flaw. Read on to know more.

01

Over 1,000 WordPress websites have been infected with malicious JavaScript code that creates four backdoors for attackers to gain multiple points of re-entry. The malicious code is served via cdn.csyndication[.]com.

02

EncryptHub is a rising cybercriminal entity that has been observed using multi-stage attack chains to target users of QQ Talk, WeChat, DingTalk, VooV Meeting, Google Meet, Microsoft Visual Studio 2022, and Palo Alto GlobalProtect.

03

The Medusa ransomware group has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024 and over 40 attacks in the first two months of 2025 alone, Symantec found.

04

A malicious JavaScript injection was discovered on a WordPress website, causing visitors to be redirected to unwanted third-party domains. At least 31 infected websites were identified.

05

CISA disclosed a critical vulnerability (CVE-2025-1316) in Edimax IC-7100 IP cameras that is being exploited by multiple botnets. The vulnerability allows remote code execution (RCE) through specially crafted requests.

06

Threat actors have been targeting technology, telecommunications, entertainment, education, and e-commerce organizations in Japan, exploiting CVE-2024-4577 in PHP-CGI on Windows to gain initial access.

07

ENISA has issued a warning that six critical infrastructure sectors (IT service management, space, public administrations, maritime, health, and gas) are having difficulty meeting the requirements of the NIS2 directive.

08

The Akira ransomware gang was found using an unsecured webcam to launch encryption attacks on a victim's network, bypassing the EDR system that was blocking the encryptor in Windows.

09

Microsoft took down several GitHub repositories used in a large malvertising campaign that affected nearly one million devices worldwide.

10

A coalition of international law enforcement agencies, including the U.S. Secret Service, has shut down the Russian crypto exchange Garantex that was allegedly used by criminal groups for money laundering.