svoboda.center Logo svoboda.center

Svoboda Cybersecurity Brief July 20, 2025

Jul 20, 2025

bulletproof VPN - stay anonymous

Singapore Faces Advanced Cyberattack by China-Linked Espionage Group

Singapore’s government reported a serious ongoing cyberattack on its critical infrastructure by UNC3886, an advanced persistent threat (APT) group with alleged ties to China. The attack threatens national security, though China denies involvement.

Source: France 24

Free Decryptor Released for Phobos and 8Base Ransomware

Japanese authorities and Europol released a free decryptor for victims of Phobos, 8Base, and related ransomware strains (e.g., .phobos, .faust). The tool, available via NoMoreRansom, requires malware removal first to avoid re-encryption.

Source: SecurityAffairs

PoisonSeed Phishing Campaign Bypasses FIDO2 MFA via Cross-Device Authentication

Attackers abuse WebAuthn’s cross-device sign-in to trick users into approving logins via QR codes, bypassing FIDO2 security keys. The AiTM attack mimics corporate portals (e.g., Okta, Microsoft 365) but exploits legitimate features rather than vulnerabilities.

Impact: Enables credential theft despite FIDO2 protections.
Mitigation: Enforce Bluetooth-based cross-device auth, monitor FIDO key registrations, and restrict geographic logins.

Source: BleepingComputer

UK Government Resists Compensation for Afghan Data Breach Victims

The UK MoD refuses to compensate 18,714 Afghans exposed in a 2022 leak of relocation program data, citing “hypothetical claims.” The breach risked Taliban reprisals and triggered a secret evacuation scheme.

Source: The Daily Mail

npm Linter Packages Hijacked via Phishing to Distribute Malware

Compromised versions of eslint-config-prettier (30M+ weekly downloads) and other packages delivered a Windows DLL trojan via postinstall scripts. The attacker used stolen credentials from a npm phishing email (npnjs[.]com domain).

Impact: Malware execution on Windows systems.
Mitigation: Avoid affected versions, audit CI/CD logs, and rotate exposed secrets.

Source: BleepingComputer

Missouri Enacts New Data Breach Notification Law for Insurers

Missouri’s Insurance Data Security Act mandates breach reporting and security standards for insurers by January 2026, aligning with other state laws.

Source: JDSupra

Share this brief: https://svo.bz/8s9N

If you want to support us, you can donate here: Donate