Cyber Briefing: 2025.05.12
AI misuse, info-stealing malware, and global cyberattacks reveal data leaks, smart contract exploits, and privacy violations across education, healthcare, crypto, and cloud platforms.
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
👉 What's happening in cybersecurity today?
🚨 Cyber Alerts
1. Microsoft Copilot AI Exposes Sensitive Data
Multiple vulnerabilities in Microsoft’s Copilot AI for SharePoint have been discovered. These flaws allow attackers to access sensitive corporate data, including passwords and confidential documents. Pen Test Partners found that attackers can bypass security measures using SharePoint’s AI assistants, both default and custom. The exploits operate undetected, leaving no digital footprint, and researchers recommend enhanced monitoring and access control practices to mitigate these risks.
2. PupkinStealer Targets Data Through Telegram
PupkinStealer is an information-stealing malware that targets browser credentials, files, and messaging sessions. Developed in C# and leveraging Telegram’s Bot API, it enables rapid and stealthy data exfiltration. This malware extracts passwords, session data, and screenshots from compromised systems, sending the stolen data to attackers. Experts recommend robust cybersecurity practices, including password managers and multi-factor authentication, to mitigate risks.
3. Fake AI Video Tools Spread Noodlophile
Fake AI-powered video generation tools, such as "Dream Machine," are being used to distribute the Noodlophile malware. Victims are tricked into downloading ZIP archives that contain an executable file disguised as a video. Once executed, the malware targets sensitive information, such as browser credentials, session cookies, and cryptocurrency wallet files. Noodlophile then exfiltrates stolen data via Telegram bots, giving attackers real-time access to the compromised information.
💥 Cyber Incidents
4. Mobius Token Exploit Drains $2.15 Million
A critical exploit targeting Mobius Token's smart contracts on the BNB Chain resulted in the theft of $2.15 million. The attack occurred on May 11, 2025, when the hacker deployed a malicious contract that drained 28.5 million MBU tokens from the victim’s wallet. These tokens were then converted into USDT, causing significant financial loss. The exploit was detected just minutes after the malicious contract was deployed, with Cyvers Alerts confirming the use of suspicious code and unusual transaction patterns.
5. Cyberattack Hits Università Roma Tre Website
On May 8, 2025, Università Roma Tre in Italy experienced a major cyberattack affecting its IT infrastructure. The attack led to the complete inaccessibility of university websites and services, prompting a swift response from national cybersecurity authorities. The university worked to restore vital administrative systems, including student services, research management, and accounting systems. While the full scope of the attack remains unclear, the university aims to fully restore operations by May 12, 2025.
6. Cyberattack Hits Public Agencies in Paraguay
A significant cyberattack targeted multiple government institutions in Paraguay on May 8, 2025, affecting 11 entities. Among those impacted, the Ministry of Health was notably hit, with concerns regarding the exposure of sensitive vaccination data. The attack has resulted in the leakage of personal information, including phone numbers and potentially other confidential details. MITIC, the Ministry of Information and Communications Technology, has initiated investigations and is working to enhance the country’s cybersecurity measures to prevent further breaches and mitigate the damage.
📢 Cyber News
7. UN New Cyberattack Assessment Framework
The United Nations has introduced the UNIDIR Intrusion Path framework to enhance cyber defense. It aims to help stakeholders better understand malicious ICT activities and improve cyber diplomacy. The framework outlines three key layers: outside, on, and inside the network perimeter, focusing on activities by both attackers and defenders. It complements existing models like MITRE ATT&CK and the Cyber Kill Chain, contributing to a more secure digital environment.
8. Botnet Selling Hacked Routers Dismantled
Authorities recently dismantled a botnet that had infected thousands of routers worldwide over the past 20 years, forming two illegal proxy networks, Anyproxy and 5socks. These networks, operated by Russian and Kazakhstani nationals, allowed cybercriminals to conduct illicit activities by offering residential proxy services. The U.S. Justice Department, along with Dutch and Thai police forces, coordinated with analysts from Lumen Technologies' Black Lotus Labs to dismantle the operation.
9. Google Settles Privacy Lawsuits for $1.375B
Google has agreed to a $1.375 billion settlement with the state of Texas over two lawsuits accusing the company of unlawful tracking and data collection. The lawsuits, filed in 2022, focused on the unauthorized collection of user location data, including when Location History settings were disabled, and biometric data like facial recognition without user consent. This settlement dwarfs previous payments Google made to settle similar lawsuits with other U.S. states, including a $391 million payout in 2022 and smaller settlements with Indiana and California.
💡 Cyber Tip
Protect Against PupkinStealer Malware Using Strong Credential Hygiene
PupkinStealer is a stealthy infostealer that exfiltrates credentials and data via Telegram bots.
✅ Actions You Should Take:
Use a password manager – Avoid storing passwords in browsers where malware can extract them.
Enable multi-factor authentication (MFA) – Make stolen credentials less useful.
Block Telegram API at the firewall – Prevent outbound data exfiltration via Telegram bots.
Why it matters: Malware like PupkinStealer enables attackers to silently harvest sensitive data in real time.
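Where Telegram cannot be blocked outright, the same traffic can be hunted in egress logs. The following is an added example, not part of the original briefing: it scans constructed proxy log lines for requests to the Telegram Bot API host, and it assumes a five-field log format (timestamp, client IP, HTTP verb, target, bytes sent) that you would adapt to your own proxy.

```python
import re
from urllib.parse import urlsplit

TELEGRAM_API_HOST = "api.telegram.org"
# Bot API URLs have the form https://api.telegram.org/bot<token>/<method>
BOT_PATH = re.compile(r"^/bot(?P<token>[^/]+)/(?P<method>[A-Za-z]+)")
# Bot API methods that carry data out (messages, files, screenshots)
UPLOAD_METHODS = {"sendmessage", "senddocument", "sendphoto", "sendmediagroup"}

# Constructed sample lines: "<timestamp> <client_ip> <verb> <target> <bytes_out>"
SAMPLE_LOG = """\
2025-05-12T09:14:02Z 10.0.4.17 POST https://api.telegram.org/bot0000000000:EXAMPLE-TOKEN-NOT-REAL/sendDocument 4812231
2025-05-12T09:14:05Z 10.0.4.22 GET https://example.com/index.html 512
2025-05-12T09:15:40Z 10.0.4.17 CONNECT api.telegram.org:443 96344
2025-05-12T09:16:11Z 10.0.4.31 GET https://web.telegram.org/a/ 734
"""

def find_telegram_bot_traffic(log_text):
    """Return one finding per request that reached the Telegram Bot API host."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, client, verb, target, bytes_out = parts
        if "://" in target:
            url = urlsplit(target)
            host, path = (url.hostname or "").lower(), url.path
        else:
            # CONNECT host:port, seen when the proxy does not inspect TLS
            host, path = target.rsplit(":", 1)[0].lower(), ""
        if host != TELEGRAM_API_HOST:
            continue
        m = BOT_PATH.match(path)
        api_method = m.group("method") if m else None
        is_upload = bool(api_method) and api_method.lower() in UPLOAD_METHODS
        findings.append({
            "time": ts, "client": client, "verb": verb,
            "bytes_out": int(bytes_out), "api_method": api_method,
            # The bot token is a live credential: keep it out of alerts
            "target": f"{host}/bot<redacted>/{api_method}" if m else host,
            "severity": "high" if is_upload else "medium",
        })
    return findings

if __name__ == "__main__":
    for finding in find_telegram_bot_traffic(SAMPLE_LOG):
        print(finding)
```

Without TLS inspection only the CONNECT form is visible, so a host-level match is the most a proxy can offer; correlating the client IP with endpoint process telemetry then shows whether a browser or an unknown binary made the connection.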
That’s a wrap on today’s threats. Stay sharp, patch often, and see you in tomorrow’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.