Cyberthreat News Roundup – 2025
Cyberthreat News is our weekly roundup of significant and noteworthy cybersecurity incidents from the past week. In this edition, most threats didn’t rely on new tricks—they simply required familiar systems behaving exactly as they were designed, but in the wrong hands. These stories trace how a little friction and misplaced trust opened doors that wouldn’t have been open otherwise.
January 2025: Suspected Russian hackers targeted Kazakh diplomatic entities with spearphishing campaigns that embedded malware in diplomatic documents, primarily those related to trade and economic agreements. The attacks gave the attackers the credentials they needed for follow-on data theft, reconnaissance, and espionage activities.
February 2025: A pro-Russian hacking group claimed responsibility for a DDoS attack that knocked several major U.S. airports offline, impacting services and website availability. This is the first time that pro-Russian hackers have successfully disrupted public services in a country with a large population.
April 2025: Norway formally attributed to Russia an attack on the Bremanger Dam, carried out in retaliation for European support of Ukraine. The hackers seized control of the facility, sent a malicious signal that halted operations, and played a recording of the national anthem.
June 2025: Researchers uncovered a massive trove of Chinese data, including more than 4 billion user records on platforms like WeChat and Alipay. The data trove was allegedly collected by state-linked actors for mass profiling and surveillance.
November 2025: Researchers spotted a new ransomware strain called Osiris, which uses a method known as "bring your own vulnerable driver" (BYOVD) to disable security software. It has been compared to the notorious Locky ransomware, but its authors have not been identified.