Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp

Source: The Hacker News

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025.

Link to article 

Phishing emails delivering infostealers surge 84%

Source: Help Net Security

Cybercriminals continued to shift to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined, according to IBM. Researchers observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks.

Link to article

Cyberattack Knocks Texas City’s Systems Offline

Source: Security Week

The city of Abilene, Texas, says it has been working on restoring systems that were taken offline to contain a cyberattack. The assault started on April 18, when some of the systems in the city’s internal network were reported as unresponsive, and prompted the immediate activation of the incident response plan.

Link to article

Verizon Reports Surge in Breaches Tied to Edge Devices

Source: Data Breach Today

Hackers targeting victims' networks last year primarily wielded stolen credentials, exploits for known and zero-day vulnerabilities in edge and VPN devices and phishing attacks to gain initial access, according to Verizon's 2025 Data Breach Investigations Report.

Link to article

NFC-Powered Android Malware Enables Instant Cash-Outs

Source: Dark Reading

A novel form of malware has enabled a threat actor to use a mobile device's NFC capabilities (used to enable tap to pay) to immediately cash out a victim's bank funds.

Link to article