
Mar 03, 2025 - Ravie Lakshmanan

This week, a 23-year-old Serbian activist's Android device was targeted by a sophisticated zero-day exploit. Meanwhile, Microsoft exposed a scheme where cybercriminals leveraged AI tools for malicious purposes, and a massive trove of live secrets was discovered, highlighting the risks associated with hard-coded credentials.

We have analyzed a range of cyber threats, from phishing scams to malware attacks, and broken them down in simple terms. Get ready to dive into the details, understand the risks, and learn how to protect yourself in an increasingly complex online world.

⚡ Threat of the Week

Serbian Youth Activist Targeted by Android 0-Day Exploit Chain — A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit chain developed by Cellebrite to unlock the device and likely deploy an Android spyware called NoviSpy. The exploit chain combined CVE-2024-53104 with CVE-2024-53197 and CVE-2024-50302 to escalate privileges and achieve code execution.


🔔 Top News

  • Microsoft Unmasks People Behind LLMjacking Scheme — Microsoft revealed the identities of four individuals who it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services to produce offensive and harmful content.
  • Common Crawl Dataset Contains Nearly 12,000 Live Secrets — An analysis of a December 2024 archive from Common Crawl has uncovered nearly 12,000 live secrets, highlighting the severe security risk posed by hard-coded credentials.
  • Silver Fox APT Uses Winos 4.0 to Target Taiwanese Orgs — Taiwanese companies have been targeted via phishing emails that masquerade as the country’s National Taxation Bureau with an aim to deliver the Winos 4.0 (aka ValleyRAT) malware.
  • Australia Bans Kaspersky Products from Government Networks — Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing “unacceptable security risk to Australian Government, networks and data.”
  • Bybit Hack Formally Attributed to Lazarus Group — The North Korea-linked Lazarus Group has been implicated in the record-breaking hack of crypto exchange Bybit that led to the theft of $1.5 billion in digital assets.

🔥 Trending CVEs

Your go-to software could be hiding dangerous security flaws—don’t wait until it’s too late! Update now and stay ahead of the threats before they catch you off guard.

This week’s list includes — CVE-2025-27364 (MITRE Caldera), CVE-2025-24752 (Essential Addons for Elementor plugin), and many more.

📰 Around the Cyber World

  • Qualcomm and Google Announce Security Partnership — Chipmaker Qualcomm announced a partnership with Google with an aim to enable device manufacturers to provide up to eight years of software and security updates.
  • Microsoft Removes 2 Malicious VSCode Extensions — Microsoft has taken down two popular VSCode extensions, ‘Material Theme – Free’ and ‘Material Theme Icons – Free,’ from the Visual Studio Marketplace for allegedly containing malicious code.
  • Over 49,000 Misconfigured Access Management Systems Flagged — New research has uncovered more than 49,000 misconfigured access management systems (AMS) across the world, specifically in construction, healthcare, education, manufacturing, oil, and government sectors.
  • Telegram Remains the Top Platform for Cybercriminals — Despite new commitments from Telegram, the messaging app continues to remain a hub for cybercriminal activity.
  • OpenSSF Releases Best Practices for Open-Source Projects — The Open Source Security Foundation (OpenSSF) released the Open Source Project Security Baseline (OSPS Baseline), a three-tiered set of requirements that aims to improve the security posture of open source software projects.


🔧 Cybersecurity Tools

  • MEDUSA — A powerful, FRIDA-powered tool designed for dynamic analysis of Android and iOS apps.
  • Galah — An AI-driven web honeypot designed to lure and study cyber attackers.

🔒 Tip of the Week

The Hidden Dangers of Copy-Paste: How to Secure Your Clipboard from Cyber Threats — Clipboard security is often overlooked, yet it’s a prime target for attackers. Malware can hijack your clipboard to steal sensitive data, swap cryptocurrency addresses, or execute malicious commands without your knowledge.

Conclusion

As we close this week’s update, remember that staying informed is the first step to protecting yourself online. Every incident—from targeted exploits to AI misuse—shows that cyber threats are real and constantly changing.

Thank you for reading. Stay alert, update your systems, and use these insights to make smarter choices in your digital life. Stay safe until next week.
