- Mycomputerspot Security Newsletter
- Posts
- Weekly One-Shot: April 13 – April 19, 2025
In partnership with
Before we dive in, I would like to thank all of you for supporting us with your subscription! My goal is to bring both actionable insights and easy-to-digest information regarding cybersecurity threats to non-tech and technical professionals alike. If this sounds like something that would help someone you know, please share the newsletter!
Stay up-to-date with AI
The Rundown is the most trusted AI newsletter in the world, with 1,000,000+ readers and exclusive interviews with AI leaders like Mark Zuckerberg, Demis Hassibis, Mustafa Suleyman, and more.
Their expert research team spends all day learning what’s new in AI and talking with industry experts, then distills the most important developments into one free email every morning.
Plus, complete the quiz after signing up and they’ll recommend the best AI tools, guides, and courses – tailored to your needs.
Attackers didn't take it easy this week, with critical exploits, sophisticated ransomware strikes, and alarming breaches highlighting vulnerabilities across industries.
Let's unpack these threats:
🔎 This Week in Cybersecurity
1. Apple Emergency Patches for Two Actively Exploited iOS Vulnerabilities
Urgent patches released for critical iOS flaws actively exploited in the wild. Immediate update recommended.
April 17 Newsletter
2. DaVita Kidney Dialysis Firm Hit by Ransomware Attack
Healthcare firm DaVita suffered a weekend ransomware strike, disrupting services and potentially exposing patient data.
April 17 Newsletter
3. Hackers Retain Access to Patched FortiGate VPNs Using Symlinks
Fortinet revealed threat actors maintaining persistent access to patched VPN appliances through sophisticated symlink abuse.
April 15 Newsletter
4. ResolverRAT Campaign Targets Healthcare and Pharma
Sophisticated phishing leveraging DLL side-loading techniques delivers ResolverRAT, specifically targeting healthcare and pharmaceutical sectors.
April 15 Newsletter
5. CISA Alert on Legacy Oracle Cloud Compromise Risks
CISA warns organizations about growing threats stemming from compromised legacy Oracle Cloud infrastructure.
April 17 Newsletter
6. Phishing Campaigns Validate Victim Emails Before Theft
Attackers now validate emails in real-time before stealing credentials, significantly increasing phishing effectiveness.
April 15 Newsletter
7. Google Adds Android Auto-Reboot to Block Unauthorized Data Extraction
New Android security feature introduced to prevent unauthorized forensic data extractions by periodically auto-rebooting devices.
April 17 Newsletter
8. AI-Hallucinated Code Dependencies Create Supply Chain Risks
AI-generated erroneous code dependencies present new risks to software supply chains, potentially leading to security weaknesses.
April 15 Newsletter
9. Hertz Confirms Customer Data Stolen in Breach
Hertz suffered a breach exposing sensitive customer information, including drivers' licenses and personal details.
April 15 Newsletter
10. State-Sponsored Hackers Using "ClickFix" Tactic
Nation-state attackers employ advanced "ClickFix" social engineering tactics, tricking users into compromising their accounts.
April 17 Newsletter
🔥 Biggest Threat This Week
Critical Erlang/OTP SSH Vulnerability Allows Remote Code Execution (CVSS 10.0)
A severe SSH vulnerability in Erlang/OTP could enable attackers to remotely execute code without authentication, putting countless servers at imminent risk of compromise. Given its maximum severity score (CVSS 10.0), immediate patching is vital.
Risk Level: Critical
MITRE Tactics: Initial Access, Execution, Lateral Movement
Action Steps: Immediately apply patches, monitor SSH traffic closely, and audit all potentially affected systems.
April 17 Newsletter
🛠️ Training Recommendation
Hack The Box - Infrastructure Penetration Testing
With threat actors targeting infrastructure vulnerabilities, mastering penetration testing techniques is critical. This hands-on training provides the skills needed to discover, exploit, and remediate infrastructure weaknesses, strengthening your defenses against attacks like COBALT MIRAGE.
Wrapping Up:
From critical remote exploits to evolving ransomware threats, the need for rapid response, robust patch management, and continuous training has never been clearer. Stay alert, patch diligently, and train consistently.
Stay secure,
J.W.
(P.S. Supporting our partners helps keep this newsletter running!)