Habdul Hazeez

Security news weekly round-up - 11th July 2025

Malware and vulnerabilities, the two ubiquitous threats that we have to deal with, do not appear to be a solved problem. It will stay that way, because we humans can make mistakes, leading to a vulnerability. And some malware can exploit a vulnerability to wreak havoc on a computer or an organization's network.


SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

Be careful what you click on in search results. If you need convincing, this article should do it. Here is what's going on: attackers created fake websites that show up in search results when users search for popular tools like PuTTY.

If you land on such a website, you'll be offered a trojanized version of PuTTY that can lead to a backdoor installation. Meanwhile, it's not just PuTTY: AI tools like OpenAI ChatGPT and DeepSeek, as well as Cisco AnyConnect and Google Drive, are also used as bait.

There is no excerpt for this one; have fun reading the article.

eSIM Hack Allows for Cloning, Spying

There is no better summary of the article than the title itself. We can trace the issue to 2019, when it was allegedly downplayed by Oracle and SIM card manufacturers. Nonetheless, here we are again in 2025.

From the article:

Security Explorations, the research lab of Poland-based AG Security Research, has conducted an extensive analysis of eSIMs and eUICC and found vulnerabilities that could be exploited to clone a target’s eSIM and spy on their mobile communications.

Oracle does not seem very concerned about the latest research either, according to Security Explorations. However, the security firm believes the latest attack may have been prevented if Oracle had taken the 2019 bugs more seriously.

Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

In this campaign, attackers leverage users' trust in brands to lure them into downloading malware onto their devices. What do they use? Social media platforms and platforms like Notion and GitHub.

Here is what's going on:

The elaborate social media scam has been for some time now, with a previous iteration in December 2024 leveraging bogus videoconferencing platforms to dupe victims into joining a meeting under the pretext of discussing an investment opportunity after approaching them on messaging apps like Telegram.

Users who ended up downloading the purported meeting software were stealthily infected by stealer malware such as Realst.

Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack

In today's connected world, even cars are subject to hacking. Mind you, this is not new. Wired magazine detailed a similar attack in 2015.

From the article:

The PerfektBlue hack has been demonstrated against recent infotainment models shipped with Mercedes-Benz, Skoda, and Volkswagen cars, as well as products made by another, unnamed OEM that was only recently made aware of the findings.

In order to conduct an attack, the hacker needs to be in range and able to pair their laptop with the targeted infotainment system over Bluetooth. In some cases pairing is possible without any user interaction, while in others pairing requires user confirmation, or it may not be possible at all.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, and I'll see you next time.
