InfoSecBulletin Cybersecurity for mankind
RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions like UCLA and TU Delft.
Recorded Futureʼs Insikt Group identified the campaign targeted universities in various countries like Argentina, Indonesia, Malaysia, Mexico, the Netherlands, Thailand, the United States, and Vietnam.
AWS SNS misused for Data Exfiltration and Phishing
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
According to the report, RedMike possibly targeted the following universities to access research in areas related to telecommunications, engineering, and technology, particularly at institutions like UCLA and TU Delft.
● Islamic University of Technology (IUT) — Bangladesh
● University of California, Los Angeles (UCLA) — US
● California State University, Office of the Chancellor (CENIC) — US
● Loyola Marymount University — US
● Utah Tech University — US
● Universidad de La Punta — Argentina
● Universitas Sebelas Maret — Indonesia
● Universitas Negeri Malang — Indonesia
● University of Malaya — Malaysia
● Universidad Nacional Autonoma — Mexico
● Technische Universiteit Delft — The Netherlands
● Sripatum University — Thailand
● University of Medicine and Pharmacy at Ho Chi Minh City — Vietnam
On the other hand, a sophisticated malware campaign is targeting military and government entities in Bangladesh. It uses social engineering to deliver malicious files disguised as official documents, aiming to infiltrate secure networks, steal credentials, and access sensitive systems.
Threat Intelligence Community of Bangladesh warns that a malware campaign is exploiting the critical WinRAR vulnerability (CVE-2023-38831) in versions before 6.23. This vulnerability allows malicious files, like 508.rar, to execute arbitrary code on affected systems, which may lead to unauthorized access or malware installation.
This campaign emphasizes the ongoing cyber threats to Bangladesh’s critical sectors. Experts urges all entities to be more vigilant and take proactive security measures.
Malware campaign target Bangladeshi Government Entities: Report
