{"uuid": "772a090b-97a8-4275-924c-030ae14acc5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4427", "type": "exploited", "source": "https://t.me/CyberUnderworlds/7", "content": "\ud83c\udf11 @CyberUnderworlds | Shadows of the Digital Realm \ud83c\udf11\nMay 27, 2025 \u2013 In the silent pulse of cyberspace, threats weave their intricate dance. Here\u2019s the latest from the frontlines of the digital underworld:\n\n\ud83d\udd0d China\u2019s Silent Strike: The UNC5221 group exploits Ivanti Endpoint Manager flaws (CVE-2025-4427, CVE-2025-4428), infiltrating critical sectors across Europe, North America, and Asia-Pacific. Espionage executed with surgical precision.\n\n\ud83c\uddf7\ud83c\uddfa APT28\u2019s Shadow Play: Russian hackers target NATO-aligned logistics and tech firms aiding Ukraine, wielding malware, phishing, and seven CVEs to spy on vital aid routes.\n\n\ud83d\udc89 Lumma\u2019s Global Plague: 394,000 Windows devices fall to Lumma malware. From Booking.com phishing scams to crypto wallet heists, this digital scourge spares no one.\n\n\ud83c\uddec\ud83c\udde7 UK Retail Under Siege: Scattered Spider is suspected in attacks on Marks & Spencer, Co-op, and Harrods. Customer data stolen, though payment details and passwords remain secure\u2014for now.\n\n\ud83d\udcb0 Coinbase\u2019s Costly Breach: Hackers bribed rogue support agents, siphoning customer data and causing $45M in losses with $400M in damages. Coinbase rejected a $20M ransom, offering a bounty instead.\n\n\ud83e\udd16 AI Ascends as Top Threat: Arctic Wolf\u2019s 2025 Trends Report crowns AI, including LLMs, as the new king of cybersecurity fears, dethroning ransomware.\n\n\u26a0\ufe0f Critical Exploits: Firefox (CVE-2025-4918, CVE-2025-4919) and Chrome (CVE-2025-4664) vulnerabilities are actively exploited for data theft and remote code execution. Patch now, or pay the price later.\n\n@CyberUnderworlds \u2013 #CyberUnderworlds", "creation_timestamp": "2025-05-27T05:05:05.000000Z"}