InfoSec Dot - Issue #83.⚠️ SK Telecom SIM Swap Alert | 📱 25M Customers Affected | 🛡️ Free Replacements Offered

In partnership with

Hello, Cybersecurity Enthusiasts!

A series of cybersecurity incidents are shaking industries worldwide, with organizations struggling to combat an increasing range of sophisticated attacks. From high-profile CEO arrests, such as the one of Veritaco's Jeffrey Bowie, to the exploitation of SAP zero-day vulnerabilities, the cybersecurity landscape is rapidly evolving. Recent breaches like the SK Telecom malware attack and ongoing threats targeting AirPlay devices are only a few examples, all reflecting an alarming trend of insider threats, ransomware, and advanced cyberattacks.

These events underline the urgent need for heightened security measures across all sectors, with enterprises urged to implement critical patches and improve defensive strategies. As AI technologies continue to integrate into corporate infrastructures, organizations must stay ahead of attackers looking to exploit every possible weakness, including bypassing multi-factor authentication and targeting AI models. With vulnerabilities becoming increasingly complex, businesses must invest in robust cybersecurity systems to protect their data, assets, and customer trust.

Stay ahead with these vital updates to fortify your security posture.

The news source that doesn’t cater to your beliefs. Or try to sell you theirs.

Instead, Ground News shows you how the left, center, and right cover the same story—so you can easily compare reporting and get a well-rounded perspective on the issues that matter to you.

Features like the Blindspot Feed, highlighting stories underreported by the left or the right, are crucial in the age of the algorithm, where what you don’t see can shape your perception just as much as what you do see.

Join hundreds of thousands of readers from all political persuasions who use Ground News to see the news, the world, and themselves a little clearer.

Start your free trial today

🗓️ What’s New

Cybersecurity CEO Arrested for Malware Attack on Hospital

Jeffrey Bowie, CEO of Veritaco, was arrested for allegedly planting malware on hospital systems to capture screenshots and transmit them externally. He now faces charges under Oklahoma’s Computer Crimes Act. Read More (3 min)

SAP Zero-Day Exploited by Initial Access Brokers

A critical SAP NetWeaver flaw (CVE-2025-31324) is being exploited to deploy webshells and gain remote access. Initial access brokers are suspected, and SAP urges urgent patching. Read More (3 min)

SK Telecom Offers Free SIM Replacements After USIM Data Breach

SK Telecom is providing free SIM card replacements to 25 million customers following a malware attack that compromised USIM data. Due to limited inventory, only 6 million SIMs are available through May. The company has enhanced its Fraud Detection System and SIM Protection Service to prevent unauthorized number ports. Read More (4 min)

Google Reports 75 Zero-Day Exploits in 2024, 44% Targeted Enterprise Products

Google's Threat Intelligence Group observed 75 zero-day vulnerabilities exploited in 2024, down from 98 in 2023. Notably, 44% targeted enterprise technologies, especially security and networking products, indicating a shift in attacker focus. ​Read More (4 min)

Account Takeovers Surge via Session Hijacking, Bypassing MFA

A new report from Flare reveals that over 100,000 accounts are exposed monthly across sectors like e-commerce and streaming, with a median takeover rate of 1.4%. Attackers increasingly use session hijacking to bypass MFA, leading to significant fraud and customer churn. Read More (5 min)

Palo Alto Launches Prisma AIRS to Secure Enterprise AI Ecosystems

Palo Alto Networks has introduced Prisma AIRS, an AI security platform designed to protect enterprise AI applications, models, and agents. Features include AI model scanning, posture management, red teaming, and runtime protection against threats like prompt injection and data leaks. The platform aims to provide comprehensive security as organizations increasingly adopt AI technologies. ​Read More (3 min)

AirBorne Flaws Expose Millions of AirPlay Devices to Remote Hijacking

A collection of vulnerabilities known as "AirBorne" has been discovered in Apple's AirPlay protocol, affecting millions of devices—including third-party gadgets like speakers, TVs, and CarPlay systems. Hackers on the same Wi-Fi network can exploit these flaws to execute malicious code, potentially hijacking devices, deploying malware, or conducting espionage. While Apple has patched its own devices, many third-party devices remain unpatched, posing ongoing security risks. ​Read More (4 min)

🔗 Quick Links

• Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities

• WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy

• DDoS attacks jump 358% compared to last year

• 4chan is back online says its been starved of money

If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.

Regards,

Dot