July 11, 2025 – Cyber Briefing

👉 What’s the latest in the cyber world today?

Fake CNN/BBC sites promote global crypto scams, SureForms WordPress flaw allows full site takeover, and Telegram malware campaign uses fake AI firms to steal wallets. GMX crypto exchange loses $40M in breach, Microsoft Outlook suffers 19-hour outage, and Avantic Medical Lab data leaked by Everest ransomware. UK arrests 4 in £440M retailer attack, U.S. Air Force worker leaks secrets via dating app, and Russian basketball player arrested over ransomware links.

🚨 Cyber Alerts

1. Fake Sites Push Investment Scams

Cybercriminals are creating over 17,000 fake CNN, BBC, and CNBC websites to promote fraudulent cryptocurrency investment schemes by featuring fabricated stories with prominent figures. These scams, spanning over 50 countries, lure victims through deceptive ads to sophisticated fake platforms, ultimately stealing money and personal data while hindering withdrawals.

2. Severe WordPress Flaw Puts 200K Sites at Risk

A critical vulnerability in the SureForms WordPress plugin allows unauthenticated attackers to delete arbitrary files, potentially leading to full site takeover for over 200,000 installations. This flaw, stemming from inadequate input validation, can be exploited by crafting malicious form submissions that, when deleted by an administrator, remove critical files like wp-config.php, paving the way for remote code execution.

3. Fake Firms Push Malware on Crypto Users

Cybercriminals are targeting cryptocurrency users with an ongoing social engineering campaign, creating fake AI, gaming, and Web3 companies to distribute malware that drains digital assets from both Windows and macOS systems. These elaborate scams leverage spoofed social media accounts and professional-looking project documentation on platforms like Notion and GitHub to trick victims into downloading malicious software.


💥 Cyber Incidents

4. Microsoft’s Outlook Long Outage

Microsoft’s Outlook service experienced a massive, 19-hour global outage, impacting millions of users and highlighting recurring issues within Microsoft 365 services. This disruption raises concerns about the resilience of hyperscale cloud platforms, especially given increasing complexity and data loads.

5. $40M+ Stolen from GMX Crypto Platform

Decentralized exchange GMX suffered an exploit resulting in over $40 million in cryptocurrency being stolen, leading to the disabling of trading on the platform. In an unusual move, GMX offered the hacker a 10% bounty for the return of 90% of the stolen funds within 48 hours,

6. Avantic Lab Affected By Ransomware

The Everest Group ransomware gang leaked 31 GB of patient data from Avantic Medical Lab on July 3rd, after an initial threat and countdown clock on June 10th. The stolen data dates back to 2018 and includes sensitive personal and medical information.


📢 Cyber News

7. Russian Pro-Player Arrested in Ransomware

Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States, accused of acting as a negotiator for a ransomware gang. He is currently awaiting extradition to the US to face charges, with his lawyer maintaining his innocence and attributing the allegations to a second-hand computer.

8. Four Arrested in £440M Cyber Attack

The U.K. National Crime Agency (NCA) has arrested four individuals in connection with cyber attacks on Marks & Spencer, Co-op, and Harrods, believed to be orchestrated by the notorious cybercrime group Scattered Spider, also known as DragonForce. These arrests, including two 19-year-olds, a 17-year-old, and a 20-year-old woman,

9. Lovestruck Airman Leaks Secrets on App

A US Air Force employee has pleaded guilty to conspiring to transmit confidential national defense information. He shared military secrets about the Russia-Ukraine war with a woman he met on a dating app.

💡 Cyber Tip

Watch Out for Fake News Sites Promoting Crypto Scams

Cybercriminals have created more than 17,000 fake news websites impersonating trusted outlets like CNN, BBC, and CNBC to promote fraudulent crypto investment platforms. These fake pages feature fabricated stories using well-known public figures to lure users into registering and depositing money on scam platforms. Victims are shown fake profits and manipulated dashboards to encourage further deposits, only to face delays and barriers when attempting to withdraw their funds.

✅ What you should do:

  • Always verify the URL before trusting news content or clicking investment links.
  • Avoid clicking on investment ads promoted through search engines or social media without independent verification.
  • Be suspicious of any investment platform promising guaranteed returns or featuring public figures endorsing crypto schemes.
  • Do not share personal documents or IDs unless you have confirmed the platform’s legitimacy.
  • Report fake news sites or suspicious investment platforms to cybersecurity authorities or consumer protection agencies.

🔒 Why this matters:

These scams are global, professionally designed, and built to exploit trust in major brands and media outlets. Once you provide personal data or funds, recovering either can be extremely difficult. Staying skeptical and verifying sources is your best defense.

 

📚 Cyber Book

 

Financial Cybersecurity Risk Management by Paul Rohmeyer and Jennifer L. Bayuk

Get Book ➤ https://amzn.to/3ZFdcgN

 

That concludes today’s briefing.

 

Copyright © 2025 CyberMaterial. All Rights Reserved.
