Cyber Briefing: 2025.02.03

👉 What’s happening in cybersecurity today?

GitHub, Trusted Infrastructure, Lumma Stealer Malware, Arm, Critical Vulnerabilities, Mali GPU Drivers, AWS, Azure, Infrastructure Laundering, WantToCry Ransomware, Server Message Block Services, Fake Google Ads Campaign, Microsoft Advertisers, Login Credentials, Meta, WhatsApp, Zero-Click, Spyware Attack, Journalists, Activists, Casio UK, Double-Entry Skimming Attack, Community Health Center, Kenya, Business Registration Services, Yazoo Valley Electric, Texas, DeepSeek RedNote, Lemon8, Security Risks, Poland, Former Justice Minister, Spyware Investigation, U.S., Dutch Agencies, Pakistan, Cybercrime Network, Linus Torvalds, Linux 6.14-rc1, PyPI, Project Archival, Security, Transparency.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please subscribe.

🚨 Cyber Alerts

1. Lumma Stealer Exploits GitHub Repositories

Cybersecurity researchers have uncovered a sophisticated campaign exploiting GitHub’s trusted infrastructure to distribute the Lumma Stealer malware. The malware, which targets sensitive data such as credentials and cryptocurrency wallets, is distributed through files disguised as legitimate software. Once downloaded, Lumma Stealer initiates malicious activities, including data exfiltration, the deployment of additional malware payloads, and the establishment of persistence mechanisms.

2. Arm Discloses Critical Flaws in Mali GPUs

Arm has disclosed critical security vulnerabilities affecting its Mali GPU kernel drivers and firmware, impacting multiple GPU architectures, including Bifrost, Valhall, and the 5th Gen. One of these vulnerabilities, CVE-2024–4610, has been exploited in the wild, raising urgency for users to update their systems. Arm recommends immediate updates to the latest driver versions, as these flaws could lead to system crashes, information…