CyberSecurity Knuggets

Dec 03, 2025

Email 1 Summary:

Subject: European authorities dismantle the Cryptomixer service that laundered illicit Bitcoins

– Europol and Swiss/German police dismantled Cryptomixer, a cryptocurrency mixing service used by cybercriminals to launder over €1.3 billion since 2016.

– Operation Olympia led to the seizure of €25 million in bitcoin, along with servers, the domain, and data.

– Cryptomixer was used for laundering proceeds from drug trafficking, ransomware, weapons sales, and payment-card fraud.

– India orders smartphone makers to preload a government security app, “Sanchar Saathi”, on new phones; the app cannot be deleted, raising privacy concerns.

– Indian telecom also mandates messaging apps to link user accounts to SIM cards within 90 days.

– South Korea launches investigation into massive Coupang data breach compromising 34 million users, with potential punitive damages.

– DPRK hackers target South Koreans with fake tax invoice malware disguised as PDFs.

– A campaign dubbed “ShadyPanda” infected millions of Chrome/Edge users via malicious browser extensions over years.

– The Iranian nation-state MuddyWater group is deploying malware disguised as a Snake game to evade detection.

– Google patches two actively exploited Android zero-day vulnerabilities.

– Several cybersecurity startups raised funding rounds.

– ICO scrutinizes 10 mobile games for privacy law violations.

– South Korea’s Coupang criticized for removing apology after massive breach.

Email 2 Summary:

Subject: Risky Bulletin: India orders IM apps to link user accounts to SIM cards

– India mandates all online messaging apps to link accounts to SIM cards within 90 days, classifying them as Telecommunication Identifier User Entities (TIUEs).

– India also orders smartphone manufacturers to preinstall the government cyber security app Sanchar Saathi on all new devices, with no option to disable it.

– In South Korea, the Coupang data breach exposed the personal information of 33.7 million customers; the hackers threatened to expose the breach unless security improved, and no ransom was demanded.

– Multiple cyber incidents reported: OpenAI data exposure via Mixpanel breach, French Football Federation hacked, ransomware on London councils.

– EU proposes “voluntary” approach to Chat Control CSAM scanning; social media ban proposed for under-16s without parental consent.

– New US bills proposed to deter cyber fraud and improve federal response to state-sponsored cyberattacks.

– Arrests: an Australian “evil twin” WiFi hacker was sentenced to 7 years for phishing attacks; South Korean CCTV hackers were detained; a Russian hacker was arrested in Poland.

– Cryptomixer cryptocurrency mixer seized by Europol; €25 million in assets confiscated.

– Numerous malware and APT updates, including MuddyWater targeting Israel/Egypt telecom and energy, and new Android malware called Albiriox.

– Various reports and tools released to bolster SMB cybersecurity and AI security.

Email 3 Summary:

Subject: Safely Adopt GenAI with Zero Trust + AIs

– Generative AI adoption increases enterprise productivity but introduces significant risks, including data leaks and AI-powered cyberattacks.

– Reported 1.3 million social security numbers leaked to AI apps; ChatGPT and Microsoft Copilot saw nearly 3.2 million data violations.

– The email advocates rethinking AI security with a Zero Trust architecture combined with AI threat protection.

– Zscaler offers Zero Trust + AI platform to reduce AI data loss risks and protect against AI attacks, ensuring productivity and compliance.

– Related resources and reports published by Zscaler to educate on secure AI adoption.

Email 4 Summary:

Subject: Malicious browser extensions waited years before infecting users

– Koi Security discovered a cybercriminal campaign dubbed “ShadyPanda” that infected 4.3 million Chrome and Edge users via malicious browser extensions over a 7-year period.

– Extensions initially appeared legitimate and built trust before turning malicious in mid-2024.

– Once malicious, the extensions fetched and executed remote code hourly, monitored browsing, exfiltrated encrypted browsing history, and collected browser fingerprints.

– The extensions have been removed from the stores, but users who already installed them remain exposed until the extensions are uninstalled.

– New “Albiriox” Android malware-as-a-service targets 400+ banking and crypto apps using VNC and overlay attacks.

– The Iranian group MuddyWater targets government, telecom, and energy sectors in Israel and Egypt, delivering RMM tools via spear-phishing.

– MuddyWater may act as initial access broker for other Iranian groups.

– Sponsored webinars on AI security and tokenization announced.

Email 5 Summary:

Subject: Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors

– Recent news highlights include:

– $29 million worth of Bitcoin seized in Cryptomixer takedown.

– Chrome and Edge browser extensions involved in tracking users, creating backdoors.

– Android zero-day vulnerabilities patched in December 2025 update.

– New Android malware “Albiriox” by Russian cybercriminals targets banking and crypto apps.

– Security breaches include theft of 33.7 million records from South Korean retailer Coupang.

– Discussion of infosec challenges such as AI-driven phishing, identity fraud, and disjointed communication in cybersecurity teams.

– Articles analyze behavioral detection methods, AI’s role in phishing, and boardroom cybersecurity integration.

– Various major recent cybersecurity incidents and updates reported.

– SecurityWeek offers expert insights and event lineups related to cybersecurity trends and practices.

Stay Well!
