AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 2/20/2025

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained with two other flaws (CVE-2025-0108 and CVE-2024-9474) in active attacks to breach PAN-OS firewalls. The vendor first disclosed the authentication bypass vulnerability tracked as CVE-2025-0108 on February 12, 2025, releasing patches to fix it. That same day, Assetnote researchers published a proof-of-concept exploit demonstrating how CVE-2025-0108 and CVE-2024-9474 could be chained together to gain root privileges on unpatched PAN-OS firewalls. A day later, network threat intel firm GreyNoise reported that threat actors had begun actively exploiting the flaws, with attempts coming from two IP addresses.


Torrents for Free Games Were Exploited to Launch Mass Malware Infection

Hackers spread malware to Windows PCs on New Year’s Eve via torrents for several pirated games. They circulated for about a month in a “one-shot campaign,” infecting both consumers and businesses with cryptocurrency mining malware, according to antivirus provider Kaspersky. The infections arrived through pirated games, including BeamNG.drive, Garry’s Mod, Dyson Sphere Program, Universe Sandbox, and Plutocracy. Kaspersky’s investigation found the hackers created and published the trojanized games in September, suggesting the cybercriminals spent months laying the groundwork for their malicious campaign.


US Army soldier pleads guilty to AT&T and Verizon hacks

Cameron John Wagenius pleaded guilty to hacking AT&T and Verizon and stealing a massive trove of phone records from the companies, according to court records filed on Wednesday. Wagenius, who was a U.S. Army soldier, pleaded guilty to two counts of “unlawful transfer of confidential phone records information” on an online forum and via an online communications platform. According to a document filed by Wagenius’ lawyer, he faces a maximum fine of $250,000 and prison time of up to 10 years for each of the two counts. Wagenius was arrested and indicted last year. In January, U.S. prosecutors confirmed that the charges brought against Wagenius were linked to the indictment of Connor Moucka and John Binns, two alleged hackers whom the U.S. government accused of several data breaches against cloud computing services company Snowflake, which were among the worst hacks of 2024.


Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia’s re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.


Macs targeted by infostealers in new era of cyberthreats

The latest major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. These are the dangers of “infostealers,” which have long plagued Windows devices but, in the past two years, have become a serious threat for Mac owners. And in 2024, one malicious program in particular is responsible for the lion’s share of infostealer activity—racking up 70% of known infostealer detections on Mac. These findings come from the 2025 State of Malware report. While many of the threats detailed in the report target companies and businesses, this latest wave of infostealers makes no distinction between Mac computers in an office and Mac computers at home.


Two arrested after pensioner scammed out of six-figure crypto nest egg

Two men are in police custody after being arrested in connection with a July cryptocurrency fraud involving a man in his seventies. The case was brought to Police Scotland in July 2024 after a 75-year-old from Aberdeen lost “a six-figure sum” worth of cryptocurrency. Officers from Police Scotland, assisted by England’s West Midlands and South Yorkshire Police, arrested two men aged 54 and 36 in Coventry and Mexborough respectively on Tuesday, February 18. Police Scotland said both men were charged with crypto fraud offenses and a report will be submitted to the Procurator Fiscal, a public prosecutor in Scotland.