July 31, 2025 – Cyber Briefing

👉 What’s going on in the cyber world today?

Choicejacking attack steals smartphone data via public chargers, Alone WordPress theme flaw exploited for site takeovers, and JSCEAL malware spreads through fake crypto apps. GLOBAL GROUP hits Albavisión with ransomware, Minnesota state capital suffers major cyberattack, and Ingram Micro targeted by SafePay gang. Chinese firms tied to Silk Typhoon patent offensive tools, FunkSec ransomware decryptor released, and UNC2891 hackers breach ATMs using Raspberry Pi.

🚨 Cyber Alerts

1. Choicejacking Attack Steals Phone Data

A new cybersecurity threat called Choicejacking bypasses existing smartphone safeguards, tricking devices connected to public chargers into granting data access without the user’s knowledge. This attack happens faster than a person can blink, reinforcing expert advice to avoid using public USB ports for charging.

2. Hackers Exploit WordPress Theme Flaw

A critical vulnerability in the “Alone” WordPress theme, tracked as CVE-2025-5394, is being actively exploited by threat actors to take over websites. The flaw allows unauthenticated attackers to upload malicious files and execute code, so users must immediately update to theme version 7.8.5 to secure their sites.

3. Hackers Spread JSCEAL via Fake Crypto Apps

A new cybersecurity campaign uses fake cryptocurrency trading apps, promoted through thousands of Facebook ads, to distribute a malware called JSCEAL. This sophisticated malware, built from compiled JavaScript, steals sensitive data like credentials and crypto wallets while giving attackers extensive control over the victim’s computer.


💥 Cyber Incidents

4. GLOBAL GROUP Ransomware Hits Albavisión

The newly emerged GLOBAL GROUP ransomware gang claims to have attacked the Miami-based media giant Albavisión, stealing 400 GB of data and giving the company 15 days to negotiate. This group distinguishes itself by using AI-driven chatbots for negotiations and has rapidly targeted 29 victims across various sectors since its debut in June 2025.

5. Minnesota State Capital Under Cyberattack

The city of St. Paul, Minnesota, has shut down its government networks in response to a significant cyberattack, prompting the governor to activate the National Guard to aid in recovery. This deliberate attack by a sophisticated external actor has disrupted numerous city services, though officials state 911 remains operational and their primary concern is protecting employee data.

6. SafePay Ransomware Threatens Ingram Micro

The SafePay ransomware gang is threatening to release 3.5 TB of data allegedly exfiltrated from the systems of IT giant Ingram Micro. While Ingram Micro swiftly recovered from the operational outage caused by the attack, it has not officially confirmed the data breach or the identity of the attackers.

📢 Cyber News

7. Chinese Firms Tied to Silk Typhoon Patents

Chinese companies connected to the state-sponsored hacking group Silk Typhoon (Hafnium) have filed more than fifteen patents for sophisticated cyber espionage tools. This research exposes a state-contracted ecosystem where private firms develop offensive capabilities, such as encrypted data collection and remote device access, for China’s Ministry of State Security.

8. FunkSec Ransomware Decryptor Released

Cybersecurity experts at Gen Digital have released a free decryptor for the FunkSec ransomware, allowing its victims to recover their files. The ransomware is now considered defunct, having shown no activity since March 2025, after claiming 172 victims primarily in the technology, government, and education sectors.

9. UNC2891 Hackers Breach ATMs

A financially motivated threat group, UNC2891, breached a bank’s ATM network by physically attaching a Raspberry Pi with a 4G modem to an internal switch, creating a persistent backdoor. They used sophisticated evasion tactics, including Linux bind mounts to hide their processes, and aimed to install a rootkit for fraudulent cash withdrawals before being detected through advanced forensic analysis.


💡 Cyber Tip

Avoid Public USB Charging Ports to Block Choicejacking Attacks

Cybersecurity researchers have identified a new attack called Choicejacking, which allows malicious public chargers to trick smartphones into granting data access without the user’s consent. Unlike older juice jacking methods, this attack fakes user input to bypass security prompts in under 133 milliseconds. Once access is granted, attackers can steal data, view messages, and install malware.

What you should do:

  • Avoid using public USB charging stations at airports, hotels, cafés, or malls
  • Carry your own charger and plug into a power outlet, not a public USB port
  • Use a USB data blocker (USB condom) to prevent data transfer while charging
  • Disable USB debugging mode and ensure device lock screens are secure
  • Keep your OS and firmware up to date to patch known vulnerabilities

🔒 Why this matters:

Choicejacking bypasses the very safeguards users rely on to control data access. It turns public charging ports into silent attack vectors that exploit trust and speed. Protecting your phone means taking control of how and where you charge.

📚 Cyber Book

Secure Connections (2024) by William Q Miller

 



Copyright © 2025 CyberMaterial. All Rights Reserved.
