SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
NullPoint Stealer source code leak
The source code of the NullPoint Stealer infostealer malware has been leaked online. The malware is capable of stealing information such as passwords, browser data, screenshots, files, VPN data, and crypto wallets from compromised Windows devices.
4chan shares info on recent hack
4chan has shared some information on the recent hack. According to the controversial bulletin board, a hacker exploited an outdated software package on one of its servers to gain access to the system. This gave the attacker access to the site’s database and admin dashboard. The incident has been blamed on financial problems, which have prevented the site from carrying out its plan to update its infrastructure. The breached server has been replaced and the site is now back online.
WordPress users targeted in security-themed campaigns
WordPress security companies Patchstack and Defiant have warned users about two recent campaigns leveraging security-related themes. Patchstack warned about phishing attacks informing potential victims about vulnerabilities in their WooCommerce installation. Defiant has spotted an interesting piece of WordPress malware disguised as an anti-malware plugin. The malware gives attackers admin access to the compromised website.
iPhone vulnerability earns researcher $17,500 bug bounty
Researcher Guilherme Rambo has shared details on CVE-2025-24091, an iOS vulnerability patched by Apple in March that could be used by an installed widget for DoS attacks. According to Rambo, the vulnerability can be exploited with a single line of code and it results in a “soft-bricked” device that needs to be erased and restored from backup to become functional again. The researcher says he earned a $17,500 bug bounty for his findings.
FBI seeking information on Salt Typhoon attacks
The FBI has asked the public to report information about attacks conducted by the Chinese threat group Salt Typhoon against telecom companies. The agency is hoping to obtain information about specific individuals involved in the campaign. The FBI also pointed out that such information may be eligible for a reward of up to $10 million offered by the State Department.
BreachForums blames shutdown on law enforcement and zero-day exploitation
BreachForums has been temporarily shut down and a message posted by its administrators claims the website was targeted through a MyBB zero-day exploit as part of a law enforcement action. They claim infrastructure and data have not been compromised, and no one has been arrested. They are now working on rewriting the forum backend.
SK Telecom replacing SIM cards following hack
South Korea’s largest telecom company SK Telecom is replacing customer SIM cards following a hacker attack that resulted in the exposure of information that may allow SIM card cloning. Customers can request SIM replacements, but most stores are currently out of stock. In the meantime, the company is also offering a free SIM protection service that should prevent abuse.
Scattered Spider hacker extradited to US
Tyler Robert Buchanan, a British national suspected of being a member of the notorious Scattered Spider cybercrime group, has been extradited from Spain to the United States. Buchanan was arrested in Spain in June 2024, more than one year after he fled the UK due to threats received from a rival cybercrime gang. Charges against him and other Scattered Spider members were announced by the US in November 2024.
Microsoft details macOS sandbox escape
Microsoft has shared details on CVE-2025-31191, a macOS vulnerability discovered by its researchers in April 2024. Apple released a patch in March 2025. According to Microsoft, the flaw allows “specially crafted codes to escape the App Sandbox and run unrestricted on the system”. The exploit involves security-scoped bookmarks and it does not require user interaction.