Friday, March 21st, 2025
Cybersecurity Week in Review (21/03/25)
Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide
In what security experts are calling one of the largest credential theft campaigns in history, sophisticated threat actors have successfully exfiltrated over 3.2 billion login credentials and compromised approximately 23 million devices across six continents.
Source: https://cybersecuritynews.com/threat-actors-stolen-over-3-2-billion-login-credentials/
Facebook discloses FreeType 2 flaw exploited in attacks
Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks.
Sperm donation giant California Cryobank warns of a data breach
US sperm donor giant California Cryobank is warning customers it suffered a data breach that exposed customers’ personal information.
GitHub Action hack likely led to another in cascading supply chain attack
A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets.
Western Alliance Bank notifies 21,899 customers of data breach
Arizona-based Western Alliance Bank is notifying nearly 22,000 customers that their personal information was stolen in October after a third-party vendor’s secure file transfer software was breached.
Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL.
Source: https://thehackernews.com/2025/03/china-linked-mirrorface-deploys-anel.html
Malicious Android ‘Vapor’ apps on Google Play installed 60 million times
Over 300 malicious Android applications, downloaded 60 million times from Google Play, acted as adware or attempted to steal credentials and credit card information.
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions.
Source: https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 account credentials.