AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 2/25/2025

CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors

The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims. This resurgence follows a relatively quieter 2024, during which CL0P listed only 27 victims compared to its infamous 2023 campaign with 384 breaches. In February alone, over 80 attacks have been attributed to CL0P, underscoring its renewed focus on large-scale campaigns. The group’s latest activities include exploiting vulnerabilities in widely used software platforms, such as Cleo products, to compromise organizations globally.


Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations

An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country. Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. But it’s also providing “boutique” solutions in order to align with government initiatives and intelligence requirements, SentinelOne researchers Alex Delamotte and Aleksandar Milenkoski said in a report shared with The Hacker News.


North Korean hackers steal $1.5 billion from Bybit

North Korean hackers have stolen over $1.5 billion worth of crypto assets from Bybit, the world’s second-largest cryptocurrency exchange. The incident represents the largest crypto-heist in history (and the largest heist of any kind as well) and is almost 2.5 times larger than the previous leader—the theft of $625 million from the Ronin Network in April 2022. The hack took place on Friday, February 21, and is considered one of the most complex crypto-heists ever pulled. The attackers infiltrated Bybit’s network, studied the company’s internal procedures, identified, and then infected with malware all the employees who typically sign off on the movement of the company’s funds.


Russia warns financial sector of major IT service provider hack

Russia’s National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country’s credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. According to the bulletin, which was also published on the website of GosSOPKA (State System for Detection, Prevention, and Elimination of Consequences of Computer Attacks), the attack took place on February 21, 2025, and potentially impacted LLC LANTER and LLC LAN ATMservice, both part of the LANIT Group of Companies. LANIT Group is a significant and influential company in Russia’s information technology sector, considered the country’s largest system integrator.


Background Checks On 3 Million People Exposed In US Data Hack

A data breach at a U.S. employee screening company has caused the personal information of more than 3.3 million people to be leaked, it has been revealed. DISA Global Solutions, which performs background checks and drug tests for some of the biggest companies in the U.S., said that it was the victim of a “cyber incident” in which hackers gained access to the private information, including social security numbers, credit card numbers, and government identification, of more than 3 million people. Newsweek contacted DISA for more information on the incident via email.


Why Apple’s disabling of iCloud encryption in the UK is bad news for everyone

Apple has disabled its most advanced data security feature, Advanced Data Protection (ADP), for UK users following a government request for access to encrypted data. Apple, a staunch opponent of encryption backdoors, chose to disable Advanced Data Protection (ADP) for UK users last Friday. ADP, which provides end-to-end encryption to ensure only account holders can access their iCloud data, is no longer available in the country. Since its deactivation, any UK-based Apple user attempting to enable the feature is met with an error message.