InfoSecBulletin Cybersecurity for mankind
Ransomware groups claimed the highest number of attacks in May, but experts believe the claims might be exaggerated.
Last month, ransomware gangs posted 450 victims to their extortion sites, which is an increase compared to the 328 victims in April. The highest number of attacks ever recorded was 484, posted by groups in July 2023.
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
CISA Adds 3 Ivanti Endpoint Manager Bugs to KEV
Ransomware Attacks Set Records in February: New Data Shows
Cyber attack at Japanese telecom leader NTT hits 18,000 companies
Cyber heist: Pune losses Rs 6007 crore in cyber scam
Over a third of last month’s attacks were linked to LockBit, a group that had its website seized by law enforcement in February. Some leaders of the group claim that the takedown did not completely stop their activities, and LockBit is still operating.
LockBit has claimed to have attacked many organizations lately. However, cybersecurity experts doubt these claims and believe it’s a public relations strategy to reassure partners that their operations are running smoothly.
Allan Liska, a ransomware expert from Recorded Future, tracks and analyzes data from extortion sites, government agencies, news reports, and hacking forums. Many attacks listed on the site seem to be duplicates or old attacks that were never posted on the extortion site to begin with.
“The problem is that it is often difficult to determine what is real and what is made up as a way for LockBit to save face… Criminals are, to put it gently, unreliable narrators when it comes to victim reporting.”
