Top 5 Cybersecurity News Stories March 07, 2025

By Editorial Team | March 7, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. Germany fined €34 million for late whistleblower protection

The European Court of Justice (ECJ) has fined Germany €34 million for failing to implement the EU’s whistleblower protection directive on time. The directive, designed to safeguard whistleblowers from reprisals, was to be adopted by the end of 2021.

Germany’s Whistleblower Protection Act only came into force in July 2023. The Czech Republic, Hungary, Luxembourg, and Estonia were also fined for similar delays.

2. EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The threat actor EncryptHub has been linked to sophisticated phishing campaigns deploying ransomware and information stealers, while also developing a new tool, EncryptRAT. Active since June 2024, EncryptHub uses trojanized apps, SMS, and voice phishing to target over 618 organizations.

The group also employs Pay-Per-Install services to expand its reach. Their tactics highlight the need for robust security strategies.

3. U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations

The U.S. Department of Justice has charged 12 Chinese nationals for a global cyberespionage campaign targeting critics of the Chinese government. The accused include officers from China’s Ministry of Public Security and employees of Anxun Information Technology (i-Soon).

Using advanced hacking tools, they infiltrated organizations worldwide, stealing data and suppressing dissent. The DoJ also seized domains linked to the group and offered rewards for information.

4. Cybercrime ‘crew’ stole $635,000 in Taylor Swift concert tickets

Two former employees of Sutherland Global Services, Tyrone Rose and Shamara Simmons, have been charged for stealing nearly 1,000 tickets worth $635,000 from StubHub. Most tickets were for Taylor Swift’s Eras Tour, with others for Ed Sheeran, Adele, NBA games, and the US Open.

The duo exploited a loophole to redirect ticket links. They face charges including grand larceny and computer tampering.

5. Malicious Chrome extensions can spoof password managers in new attack

Researchers at SquareX Labs have uncovered a “polymorphic” attack that lets malicious Chrome extensions disguise themselves as other extensions, including password managers and banking apps, to steal data.

The attack exploits the ‘chrome.management’ API to detect and disable legitimate extensions, replacing them with phishing copies. SquareX has alerted Google but no defenses are in place yet.