Threat Briefing: March 21, 2025

Threat Intel Update

One way to counter cyber threats is by adopting emerging technologies like post-quantum cryptography. Cloudflare recently announced plans to implement this technology to enhance the security of its customers’ traffic.

Advances in technology often force cyber threat actors to adapt their tactics or shift their targets. For example, recent updates to certain browsers on Windows devices led threat actors to focus more on macOS users.

Both cyber attackers and defenders continually seek ways to leverage new technologies to gain an advantage in the evolving cybersecurity landscape.

Cybersecurity News

  • Cloudflare’s Quantum Leap in Cybersecurity – Cloudflare has strengthened its cloud security services by incorporating post-quantum cryptography into its Zero Trust Network Access solution. This enhancement safeguards data transmitted between web browsers and corporate applications, ensuring resilience against future quantum computing threats. By partnering with industries like banking, telecommunications, and government, Cloudflare is making advanced cryptographic protections accessible to all, offering them at no additional cost across its products. (Source: CyberScoop)
  • ClearFake Campaign Infects Over 9,300 Websites with Information-Stealing Malware – The ClearFake campaign has compromised more than 9,300 websites to spread information-stealing malware. Unsuspecting visitors are lured in by deceptive prompts, such as fake reCAPTCHA verifications, tricking them into downloading malicious software like Lumma Stealer and Vidar Stealer. This sophisticated operation leverages advanced techniques, including interactions with the Binance Smart Chain, to enhance its resilience and evade detection. The continuous evolution of ClearFake highlights the urgent need for users to stay cautious and for website administrators to strengthen their security defenses. (Source: The Hacker News)
  • Nearly 8,000 New WordPress Vulnerabilities Discovered in 2024 – In 2024, approximately 8,000 new vulnerabilities were uncovered in WordPress, with 96% found in plugins and 4% in themes. While many of these vulnerabilities were considered unlikely to be exploited, a notable portion posed real risks, particularly those that could be exploited without authentication. This increase underscores the need for plugin and theme developers to prioritize security and for website owners to stay proactive in updating and monitoring their platforms. (Source: SecurityWeek)
  • 300 Malicious ‘Vapor’ Apps on Google Play Accumulate 60 Million Downloads – Cybercriminals infiltrated the Google Play Store with over 300 malicious apps, racking up more than 60 million downloads. These apps, disguised as utilities, health, fitness, and lifestyle tools, initially appeared harmless but were later updated to overwhelm users with full-screen ads, severely affecting device performance. Some apps took it further, attempting to steal user credentials and credit card information through phishing attacks. This campaign highlights the need for users to stay vigilant, carefully review app permissions, and use trusted security solutions to protect their devices. (Source: SecurityWeek)
  • Scareware Campaign Shifts Focus to macOS Users – A scareware campaign that once targeted Windows users has now shifted its focus to macOS, using compromised websites to deceive victims into disclosing login credentials. By hosting phishing pages on trusted Microsoft Azure domains, attackers bypass conventional security measures. Detected by LayerX, the campaign specifically targets Safari users with sophisticated prompts that resemble legitimate security alerts. (Source: SecurityWeek)

About the Author
CampusGuard Threat Intel Team