Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
2025-2-3 15:48:38 Author: krypt3ia.wordpress.com

Date: 2.3.25


🚨 Top Headlines

Cyber Insights 2025: Quantum and the Threat to Encryption

Summary: SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect with Quantum computing and the threat to encryption.

Source: Security Week

Globe Life Ransomware Attack – 850,000+ Users Personal & Health Data Exposed

Summary: Globe Life Inc. has become the latest victim of a high-profile cybersecurity incident, with a threat actor claiming access to sensitive personal and health data of over 850,000 individuals. 

The attack, while not involving traditional ransomware, appears to be an extortion attempt that poses significant risks to the Company’s reputation and its customers’ security.

Source: Cybersecurity News

From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts

Summary: A cybercriminal organization that has been operating for over a decade has moved from credit-card skimming to exploiting zero-day vulnerabilities, according to a joint investigation by cybersecurity firms Solis Security and Intezer. The group, tracked as XE Group, now poses heightened risks to global supply chains, particularly in manufacturing and distribution sectors, by leveraging stealthier tactics and long-term system access.

Source: CyberScoop

Hackers Abusing AWS & Microsoft Azure To Launch Large-Scale Cyber Attacks

Summary: Hackers are increasingly leveraging cloud platforms like Amazon Web Services (AWS) and Microsoft Azure to orchestrate large-scale cyber attacks. These platforms, which host critical infrastructure for businesses worldwide, are being exploited through sophisticated methods, including fraudulent account setups, API key theft, and infrastructure laundering.

Source: Cybersecurity News


🔍 Emerging Threats and Indicators

Malware Campaigns

Zero-click WhatsApp spyware targeted 90 journalists, says Meta

Summary: A zero-click WhatsApp spyware attack was made against 90 journalists and other “civil society members,” said Meta, which managed to detect the incident.

A zero-click attack means that victims don’t need to tap on a link or take any action in order for their devices to be compromised – simply receiving the message is enough …

Source: 9to5 Mac

Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions

Summary: Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. “Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,” Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week.

Source: The Hacker News

Hackers Hijack JFK File Release: Malware & Phishing Surge

Summary: Veriti Research has uncovered a potentially growing cyber threat campaign surrounding the release of the declassified JFK, RFK, and MLK files. Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit attempts. Our research indicates that cybercriminals are quick to react to major public events, and this case is no exception. 

Source: Security Boulevard

Phishing Campaigns

New Phishing Attack Hijacking High-Profile X Accounts To Promote Phishing Sites

Summary: A sophisticated phishing campaign has emerged, targeting high-profile X (formerly Twitter) accounts to promote fraudulent cryptocurrency schemes. The attack exploits the credibility of verified accounts, leveraging their reach to deceive users into visiting phishing sites.

Source: Cybersecurity News


Artificial Intelligence Threats

DeepSeek R1 has taken the world by storm, but security experts claim it has ‘critical safety flaws’ that you need to know about

Summary: DeepSeek R1, the new frontier reasoning model that shook up the AI industry, is vulnerable to a wide range of jailbreaking techniques, according to new research. A new report from Cisco warns that although DeepSeek’s R1 frontier reasoning model has been able to compete with state-of-the-art models from OpenAI or Anthropic, it has been found to have “critical safety flaws”.

Source: IT Pro

Government sets out cyber security practice code to stoke AI growth

Summary: The government has set out an artificial intelligence (AI)-focused cyber security code of practice for UK businesses, which it describes as a “world first”. The Department for Science, Innovation and Technology said the standard will protect AI systems from cyber attack, boost productivity and set up a global coalition to tackle a worldwide cyber skills shortage.

Source: Computer Weekly


Prepared by: Krypt3ia
For inquiries, contact: [email protected]


Disclaimer: This digest is for informational purposes only. Use provided intelligence responsibly and validate all IOCs before implementing network or system changes.


Article source: https://krypt3ia.wordpress.com/2025/02/03/krypt3ia-daily-cyber-threat-intelligence-cti-digest-8/