XStore Documentation

May 23, 2025 โ€“ Cyber Briefing

๐Ÿ‘‰ What are the latest cybersecurity alerts, incidents, and news?

Vidar spreads via TikTok videos, ZeroCrumb malware steals browser cookies, and a Commvault zero-day risks Microsoft 365 backups. Cetus loses $223M in a crypto hack, ransomware hits Marlboro-Chesterfield Pathology and United Food and Commercial Workers, and DanaBot operators face DOJ charges. The FTC probes Googleโ€™s AI chatbot for kids, the SEC charges Unicoin in a $110M fraud scheme, and Tor updates enhance privacy protections.

Listen to the full podcast


๐Ÿšจ Cyber Alerts

1. TikTok Videos Spread Vidar StealC Malware

Cybercriminals are using TikTok videos in ClickFix attacks to spread Vidar and StealC infostealer malware. These videos often AI generated trick users into running PowerShell commands for supposed software activation. The commands install malware like Vidar or StealC which steal credentials, crypto wallets and other data. Trend Micro reports this campaign uses TikTokโ€™s reach highlighting risks of social media based malware distribution.

2. New ZeroCrumb Malware Steals Browser Cookies

New ZeroCrumb infostealer malware distributed via GitHub targets popular browsersโ€™ cookies to steal authentication data. It bypasses User Account Control (UAC) alerts and standard security without admin rights to hijack web sessions and accounts. ZeroCrumb uses Transacted Hollowing and named pipes to decrypt keys and access encrypted cookie data. This malware mimics legitimate browser processes making detection difficult posing a significant widespread threat.

3. CISA Commvault ZeroDay Flaw Risks Secrets

CISA warned that threat actors accessed client secrets for Commvaultโ€™s Metallic Microsoft 365 backup solution. This breach by a nation state actor exploited a zero-day vulnerability in Commvaultโ€™s Web Server. Attackers gained unauthorized access to customersโ€™ Microsoft 365 environments though Commvault says no backup data was hit. CISA mandates federal patches and urges all users to implement its detailed mitigation guidance immediately.

For more alerts, click here!

๐Ÿ’ฅ Cyber Incidents

For more incidents, click here!

Click to See Tools

๐Ÿ“ข Cyber News

For more news, click here

๐Ÿ“ˆCyber Stocks

On May 22, 2025, cybersecurity stocks advanced: Zscaler gained 1.65% to $252.82, CrowdStrike rose 2.15% to $444.07, Palo Alto Networks increased 2.69% to $186.14, Fortinet added 0.76% to $103.62, and SentinelOne climbed 2.01% to $19.79.

๐Ÿ’ก Cyber Tip

Click to Check Events

Copyright ยฉ 2025 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

SubstackLinkedInTwitterRedditInstagramFacebookYouTube, and Medium.

Get Help

Online Scam Prevention & Recovery

Schedule a free consultation

A free 15-min cybersecurity consultation