Cyber Briefing: 2025.04.21
Today's highlights include IC3 scam alerts, Google phishing flaw, NFC payment malware, Tokai ransomware, data breaches, DOGE restrictions, Nigeria’s reforms, and Linux 6.15 updates.
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
👉 What's happening in cybersecurity today?
🚨 Cyber Alerts
1. FBI Warns of Scammers Posing as Employees
The FBI has warned of scammers impersonating IC3 employees offering fake assistance to fraud victims. Between December 2023 and February 2025, over 100 reports were made by individuals contacted through emails, calls, or social media. Scammers claim to have recovered victims' funds but instead use the opportunity to steal more financial information. The FBI advises against sharing sensitive details with strangers and reminds the public that IC3 employees never directly contact victims for payment or fund recovery.
2. Phishers Exploit Google DKIM to Steal Data
Hackers recently took advantage of a flaw in Google’s email system to carry out a sophisticated phishing attack. By leveraging Google’s infrastructure, they sent fake emails that seemed to come from Google, passing all security checks, including the DomainKeys Identified Mail (DKIM) verification. The fraudulent emails directed victims to a fake “support portal” that requested Google account credentials. This tactic made the phishing attempt look even more authentic since the messages appeared to be sent from Google’s legitimate email addresses.
3. SuperCard X Malware Targets NFC Payments
A new malware-as-a-service platform named SuperCard X has emerged, targeting Android users through NFC relay attacks. This malware is linked to Chinese-speaking threat actors and shares similarities with previous malware campaigns such as NFCGate and NGate. SuperCard X employs a novel technique that allows attackers to execute point-of-sale and ATM transactions using compromised payment card data by relaying NFC communications between devices. Its sophistication lies in its ability to bypass detection by using minimal permissions and operating under the radar of traditional security measures.
💥 Cyber Incidents
4. Ransomware Attack Disrupts Tokai University
On April 18, 2025, Tokai University in Hiratsuka City, Kanagawa Prefecture, experienced a ransomware attack that disrupted multiple campuses. The attack, first detected on April 17, caused significant system failures, including the unavailability of student portals and email services. Affected campuses include Shonan, Shizuoka, Sapporo, and Kumamoto, leading to the cancellation of some classes. To prevent further damage, university officials took precautionary steps by blocking internet connections, though medical facilities linked to the university were not impacted.
5. BHR Data Breach Affects Over 50K Individuals
Behavioral Health Resources (BHR) reported a data breach to the U.S. Department of Health and Human Services. The breach potentially exposed sensitive personal and medical data, including Social Security numbers, medical records, and biometric information. While BHR’s investigation had not confirmed whether any data was accessed or exfiltrated, they disclosed that 50,083 individuals would be notified by April 17. No ransomware group has claimed responsibility for the breach.
6. Prague Administration Hit by Cyberattack
A cyberattack on the Services Administration of the Capital City of Prague, Czech Republic, has caused significant disruptions. Hackers gained access to sensitive data, including towing records, vehicle license plates, and internal contracts, and have started leaking it online. The National Cyber and Information Security Agency and local police are investigating the breach, but the organization has not disclosed the full extent of the damage. This attack follows a similar ransomware incident just six months earlier, attributed to the new group Cicada3301, which now targets a broader range of organizations.
📢 Cyber News
7. DOGE Access to Social Security Data Limited
A federal judge has imposed new limitations on Elon Musk's Department of Government Efficiency (DOGE) after concerns about privacy violations. U.S. District Judge Ellen Hollander issued a preliminary injunction restricting DOGE’s access to sensitive Social Security data. The injunction mandates that DOGE staffers can only access anonymized data after undergoing training and background checks. Hollander emphasized that while addressing fraud and waste is important, the agency’s approach raised serious concerns about the protection of personal information.
8. Nigeria Strengthens Healthcare Data Security
The Nigeria Data Protection Commission (NDPC) has partnered with the Federal Ministry of Health to establish a comprehensive data protection framework within Nigeria’s healthcare sector. This collaboration, announced in Abuja, aims to safeguard sensitive patient information and prevent issues like misdiagnosis and discrimination. Dr. Vincent Olatunji, the NDPC’s National Commissioner, highlighted the increasing importance of data protection in today’s digital healthcare environment.
9. Linux 6.15-rc3 Released with Stability Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, focusing on bug fixes and stability improvements. The release, which arrived on schedule after Easter, includes adjustments across various subsystems with an emphasis on reliability. The key update is a refinement of the ublk driver, improving flexibility and efficiency for user-space block drivers. While there are no major new features, Torvalds encouraged the community to test the release candidate, ensuring the platform continues its stable development ahead of the final Linux 6.15 release.
💡 Cyber Tip
Watch Out for Phishing Emails That Pass Google’s Security Checks
Hackers are exploiting Google’s DKIM system to send phishing emails that appear legitimate, tricking users into giving up account credentials via fake support portals.
✅ Actions You Should Take:
Verify links – Always double-check URLs before clicking, even if the email looks like it’s from Google.
Use browser bookmarks – Access important accounts directly from saved bookmarks, not email links.
Enable 2FA – Add an extra layer of protection to your accounts with two-factor authentication.
Why it matters: These phishing emails pass standard security checks, making them harder to detect and more likely to deceive even cautious users.
📚 Cyber Book
The Executive’s Cybersecurity Advisor by Michael Gable
Copyright © 2025 CyberMaterial. All Rights Reserved.