Top 5 Cybersecurity News Stories May 30, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

Cybercriminals are exploiting the popularity of AI tools by distributing malware disguised as installers for platforms like ChatGPT and InVideo AI. Cisco Talos reports these campaigns deploy threats such as CyberLock ransomware, Lucky_Gh0$t (a Chaos variant), and Numero, a destructive malware that disrupts system interfaces.

Using fake websites and SEO poisoning (e.g., novaleadsai[.]com), attackers target professionals seeking free AI tools. CyberLock demands $50,000 in Monero, while Lucky_Gh0$t embeds legitimate Microsoft files to avoid detection. These incidents highlight the increasing cybersecurity risks associated with the adoption of AI tools. Users should download only from trusted, verified sources.

Source: The Hacker News

2. Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers

Cybercriminals are exploiting employees’ online searches for payroll portals by deploying SEO poisoning tactics. Malicious actors create deceptive websites that mimic legitimate payroll login pages, particularly targeting mobile devices. These counterfeit sites harvest user credentials, enabling attackers to access payroll systems and redirect paychecks to their own accounts.

The campaign utilizes compromised home routers and mobile networks to mask malicious traffic, complicating detection. By leveraging residential IP addresses and targeting less-secure mobile devices, attackers effectively bypass traditional security measures. Organizations are advised to enhance mobile security protocols and educate employees on verifying website authenticity.

Source: The Hacker News

3. Adidas warns of data breach after customer service provider hack

Adidas has disclosed a data breach resulting from a cyberattack on one of its third-party customer service providers. The breach exposed certain consumer data, specifically contact information of individuals who had previously engaged with Adidas’ customer service. Crucially, no payment-related information or passwords were compromised. Upon discovery, Adidas promptly initiated containment measures and launched a comprehensive investigation in collaboration with leading information security experts.

The company is in the process of notifying affected customers and has informed relevant data protection and law enforcement authorities, in accordance with applicable laws. Adidas has not disclosed the identity of the compromised service provider, the number of affected individuals, or whether its internal systems were impacted. This incident underscores the cybersecurity risks associated with third-party service providers and highlights the importance of robust vendor risk management practices.

Source: BleepingComputer

4. Victoria’s Secret takes down website after security incident

Victoria’s Secret has temporarily taken down its U.S. website and limited certain in-store services due to a security incident. The company has not disclosed specific details about the nature of the breach but has engaged third-party cybersecurity experts and activated its incident response protocols. While physical Victoria’s Secret and PINK stores remain operational, online order fulfillment, returns processing, and customer care services have been affected.

To accommodate impacted customers, the retailer is extending return windows and coupon validity. Internal operations have also been disrupted, with reports of employees losing access to email systems. The incident has led to a decline in the company’s stock price, reflecting investor concerns over the breach’s impact. This event underscores the vulnerabilities retailers face in the digital age and the importance of robust cybersecurity measures.

Source: BleepingComputer

5. US sanctions Philippines digital infrastructure provider linked to virtual currency scams

The U.S. Treasury has imposed sanctions on Funnull Technology Inc., a Philippines-based digital infrastructure provider, for allegedly facilitating large-scale virtual currency scams known as “pig butchering.” These schemes deceive individuals into investing in fraudulent cryptocurrency platforms. Funnull is accused of bulk-purchasing Internet Protocol addresses and reselling them to cybercriminals who operate deceptive websites.

Chinese national Liu Lizhi, identified as an administrator of Funnull, has also been sanctioned. Cybersecurity firm Silent Push and blockchain analytics company Chainalysis have linked Funnull to numerous scam, gambling, and money laundering websites. The proliferation of such scams, often orchestrated by organized crime groups and enhanced by generative algorithms, underscores the escalating cybersecurity threats associated with virtual currencies.

Source: Reuters

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information, please contact us now!