The White House urges agencies to retain cybersecurity teams amid budget cuts, warning of national security risks. GitHub uncovered high-severity ruby-saml flaws enabling account takeovers. A critical WordPress plugin vulnerability threatens 5M+ sites. Microsoft patched a zero-day exploited since 2023, while Apple released an emergency iOS update for a WebKit flaw. Australia introduced strict cybersecurity laws, and IDRBT launched an AI-driven banking security platform. MSRC continues to lead global cyber defense.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

China-linked UNC3886 hacked Juniper routers using custom backdoors, while Microsoft patched six actively exploited zero-days, including a ChatGPT-trojan exploit. Apple fixed a WebKit flaw targeting iPhones, and the Ballista botnet exploited TP-Link routers. CISA cut $10M in cyber funding, and OKX denied Bybit hack allegations. Ledger helped Trezor fix a security flaw, and a critical FreeType vulnerability is under active attack. Cyber risks are rising—stay updated!

Reference:https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Apple patched a WebKit zero-day (CVE-2025-24201) exploited in targeted attacks. CISA cut election security funding, citing cost savings. EU regulators probed OKX after Bybit’s $1.5B hack. The University of South Florida received $40M for a cybersecurity-focused college. A mass-exploited PHP flaw fueled global cyberattacks. Trump nominated Sean Plankey to lead CISA. Kerala’s lottery server faced 150 hacking attempts. SAP patched high-severity vulnerabilities, and CISOs faced burnout challenges.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Iran-linked hackers leaked Israeli gun owners’ data, while the Trump administration cut $10M in election cybersecurity funding. X (formerly Twitter) faced a large-scale cyberattack, and PHP vulnerability CVE-2024-4577 is being mass-exploited worldwide. Nova Scotia Power proposed $6.8M in cybersecurity upgrades, and CISA added new exploited flaws to its KEV list. The OPM is reviewing security risks from DOGE, while the ESP32 Bluetooth backdoor claim was debunked.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

North Korea’s Lazarus Group laundered $300M from the ByBit hack, while Ripple’s Chris Larsen lost $661M in an XRP theft linked to a LastPass breach. A Python library vulnerability exposed 43M installations, and India faced a surge in hacktivist attacks. AI-driven cybersecurity advances with Getvisibility’s acquisition, and Mphasis partners with SecPod for vulnerability management. DeFi remains under attack, as the 1inch hack exposes risks in smart contracts. The cybersecurity arms race continues.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Broadcom patches actively exploited VMware flaws, while Windows KDC Proxy RCE threatens remote takeovers. Bybit’s $1.4B hack linked to North Korea’s Lazarus Group, with 77% of funds still traceable. Google’s March Android update fixes 40+ vulnerabilities, and Samsung patches 58 bugs. Lloyds Bank patents AI-driven security tech, and a survey ranks cybersecurity & AI as top risks. The Pentagon denies halting cyber ops, and CISA mandates urgent patching for critical threats.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Cybersecurity hiring is tightening, prioritizing generalists over specialists. Opus Security’s AI-driven platform automates vulnerability management, while hackers exploit a Paragon Partition Manager zero-day for ransomware. CISA denies refocusing away from Russian threats, and the EU’s new liability law forces stricter cybersecurity compliance. Trump’s cyber policy remains unclear. Verizon and Accenture team up for security, and a new Windows Hyper-V exploit threatens systems.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/

Verizon & Accenture joined forces to tackle cyber threats, while the U.S. allegedly eased pressure on Russia in cybersecurity policies. Poland’s space agency was hacked, with fingers pointing at Russia. BlackBerry sold its Cylance security assets to Arctic Wolf but remains a player in critical cybersecurity. Meanwhile, a wrongful arrest in an Australian hacking case raises concerns. Lastly, the cybersecurity market is set to hit $423.8B by 2033, driven by AI and Zero Trust strategies.

Reference: https://www.linkedin.com/newsletters/hacker-hacks-7126276864670670848/