Latest Cybersecurity News and Articles

Update: Public Exploit Released for Linux Kernel Privilege Escalation Bug

The vulnerability, tracked as CVE-2025-0927, is a heap overflow in the HFS+ file system implementation that could allow an attacker to escalate local privileges on affected systems.

Cyberattack Hits Ukrainian State Railway, Disrupting Online Ticket Sales

The attack disrupted online services, including the mobile app used for ticket purchases, but did not affect train schedules, Ukrzaliznytsia said. The railway operator is investigating the incident along with Ukraine’s security services.

Chinese Weaver Ant Hackers Spied on Telco Network for Four Years

A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of compromised Zyxel CPE routers.

Inside Hunters International Group: How a Retailer Became the Latest Ransomware Victim

In February 2025, Hunters International exploited CVE-2024-55591 in FortiOS to breach a retailer. They used VPN access, deceptive accounts, Rclone, and WinSCP for data exfiltration before deploying Rust-based ransomware and disabling recovery.

Over 300 Arrested in International Crackdown on Cyber Scams

Law enforcement agencies in seven African countries arrested over 300 suspected cybercriminals involved in mobile banking, investment and messaging app scams, according to a statement on Monday by Interpol.

AMOS Stealer Revamped to Serve as a Fully Undetected macOS Threat

The malware is distributed via a DMG file named Installer_v2.7.8.dmg, leveraging a clever trick to bypass macOS Gatekeeper. Victims are instructed to right-click and select “Open,” sidestepping Apple’s verification mechanism.

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication

After responsible disclosure, the vulnerabilities were fixed in Ingress NGINX Controller versions 1.12.1, 1.11.5, and 1.10.7. Users should update promptly and secure the admission webhook endpoint from external exposure.

Unmasking the Cybercriminal Behind ALTDOS, DESORDEN, GHOSTR, and Omid16B

To communicate demands, the threat actor left ransom notes or sent emails detailing exfiltrated databases and payment methods. In some cases, the actor would even directly threaten the victim’s customers.

Critical Flaw in kcp Lets Attackers Manipulate Any Workspace

The vulnerability, tracked as CVE-2025-29922 with a CVSS score of 9.6, allows for unauthorized creation and deletion of objects in arbitrary workspaces through the APIExport Virtual Workspace.

Fake Chat Used in Meta Business Account Phishing

This phishing email warns recipients that their ad accounts have violated EU GDPR or Meta’s ad policies. They are encouraged to click a “Check More Details” button, which leads to a fake Meta page with a support chatbot.
