InfoSec Dot - Issue #57. 🔒 TorNet Backdoor Exposes Infostealers 🕵️‍♂️ | Apple iPhone Hack Alert 🚨 | USPS Fraud via Malicious PDFs 📑

In partnership with

Hello, Cybersecurity Enthusiasts!

Welcome to today’s edition of InfoSec Dot, where we bring you the latest cybersecurity updates. In this issue, we cover the emergence of TorNet, a new Tor-based backdoor malware that stealthily deploys infostealers, causing significant concern among security experts.

We also highlight other alarming developments like Apple's zero-day exploit targeting iPhone users, malicious PDFs posing as USPS in phishing scams, and DeepSeek’s ongoing cyberattack fallout.

Stay informed with these crucial updates to strengthen your cybersecurity defenses against evolving threats.

Cut Through Noise with The Flyover!

The Flyover offers a refreshing alternative to traditional news.

We deliver quick-to-read, informative content across sports, business, tech, science, and more that cuts through the noise of mainstream media.

The Flyover's talented team of editors meticulously collects the day's most important news, ensuring you stay informed on top stories and equipped to win your day.

Join over 950,000 savvy readers and leaders who trust The Flyover to provide unbiased insights, sourced from hundreds of outlets!

Subscribe with One Click!

🗓️ What’s New

SLAP & FLOP Attacks Expose Apple M-Series Chips
Newly discovered SLAP and FLOP attacks exploit vulnerabilities in Apple’s M-series chips, potentially allowing attackers to extract sensitive data. These side-channel attacks highlight emerging threats to modern chip security. Read More (4 Mins)

Apple's First Zero-Day of 2025 Hits iPhone Users
Hackers are actively exploiting Apple's first zero-day vulnerability of 2025, targeting iPhone users. Apple has released emergency patches to mitigate the threat, urging users to update their devices immediately. Read More (3 Mins)

DeepSeek Disrupted by Cyberattack as New Vulnerabilities Surface
AI research group DeepSeek has blamed a recent service disruption on a cyberattack, as researchers uncover new security vulnerabilities. The incident raises concerns about the security of AI platforms and their susceptibility to emerging threats. Read More (2 Mins)

Hackers Use Malicious PDFs to Impersonate USPS in Mobile Phishing Scam
Cybercriminals are leveraging fake USPS delivery notifications embedded in malicious PDFs to trick mobile users into revealing sensitive information. This phishing campaign highlights the growing sophistication of mobile-targeted cyber threats. Read More (3 Mins)

OpenAI Investigates DeepSeek Over Potential AI Model Theft
OpenAI has launched an investigation into DeepSeek for allegedly using its proprietary AI models without authorization. This probe raises concerns about intellectual property risks in the AI industry and the security of foundational models. Read More (7 Mins)

Dealing with 'Humanless' SOC Challenges
Security Operations Centers (SOCs) increasingly rely on automation, but poorly designed processes can lead to inefficiencies and missed threats. This guide explores strategies to handle flawed SOC automation and improve cybersecurity response. Read More (5 Mins)

🔗 Quick Links

• Hundreds of fake Reddit sites push Lumma Stealer malware

• Europeans targeted with new Tor-using backdoor and infostealers

• Azure Security Best Practices for Small to Medium-Sized Businesses

• Network security tool defects are endemic, eroding enterprise defense

• New ransomware group Funksec is quickly gaining traction

If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.

Regards,

Dot