CISO Talk by James Azar
CyberHub Podcast
MathWorks Ransomware, Czech Republic Blames China for Cyber Espionage, Iranian Pleads Guilty to Baltimore Ransomware, Ukraine Lists Russian Cyberattacks

Ransomware, Nation-State Attacks, Arrests, App Store Fraud, and Cybersecurity Industry Consolidation Dominate the Headlines

☕️ Good Morning Security Gang!

Welcome to another exciting episode of the CyberHub Podcast. It’s Wednesday, May 28, 2025, and this week has been moving at lightning speed.

With so much cyber news unfolding globally, host James Azar wastes no time diving into key stories—from ransomware in small-town America to Chinese espionage in Europe, Apple’s massive fraud prevention efforts, and the continuing consolidation of cybersecurity giants.

🏙 Ransomware Strikes Sheboygan, Wisconsin

The charmingly named city of Sheboygan, WI, was the victim of a ransomware attack back in October 2024, with new forensic updates now confirming that 68,000 residents were affected—up from the initial estimate of 50,000. The threat group Cohort claimed responsibility, releasing screenshots and ransom demands. In response, the city is offering one year of identity protection services to impacted residents.

📉 MathWorks Hit by Ransomware, Services Disrupted

MathWorks, known for MATLAB and Simulink software used by millions worldwide, confirmed a ransomware attack that caused widespread outages to critical services like Cloud Center and License Center. The breach began on May 18 and knocked services offline for several days. Although many services have now resumed, the identity of the attackers remains unknown.

🐼 China’s APT31 Blamed for Espionage in Czech Republic

Czech intelligence agencies officially attributed a cyber campaign against a critical government network to China’s APT31, aka Judgment Panda. The activity, which began in 2022, targeted the Foreign Ministry’s unclassified networks. The Czech government’s bold attribution underscores rising tensions with China and highlights ongoing information warfare within the EU.

🇺🇦 Over 200 Cyberattacks Target Ukrainian Media

Ukraine’s State Service for Special Communications and Information Protection (SSSCIP) released a report tallying more than 200 cyberattacks on Ukrainian media since the start of the Russia-Ukraine war. These attacks have included DDoS campaigns, deepfakes, content wiping, and fake surrender videos aimed at eroding public trust. The hybrid war continues, fueled by Russia’s strategic use of cyber operations.

🇮🇷 DOJ Nails RobinHood Ransomware Operator

The U.S. Department of Justice announced that Iranian national Sina Golandish pleaded guilty to wire and computer fraud for his role in the RobinHood ransomware operation that crippled Baltimore in 2019. The gang targeted dozens of entities, racked up millions in damages, and operated a ransomware-as-a-service model, hitting other states including New York, Oregon, and California.

🇮🇳 India Cracks Down on Fake Tech Support Scam

In Andhra Pradesh, India, police dismantled a cybercrime syndicate operating Amazon-style fake tech support call centers. The operation mimicked Cambodia- and Myanmar-style scam factories, recruiting English-speaking locals to defraud Westerners. Over 100 people were questioned and 33 arrested in what marks a significant blow to one node in a much broader scam network.

🧰 MSP Breach: DragonForce Exploits Unpatched RMM

The DragonForce ransomware gang exploited three known vulnerabilities in SimpleHelp, a remote monitoring and management (RMM) tool, to breach a Managed Service Provider (MSP) and launch ransomware across downstream clients. Sophos identified CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 as the attack vectors. This breach is another reminder to rigorously vet MSPs’ patching practices and internal security hygiene.

🍏 Apple Blocks $9B in App Store Fraud Over Five Years

Apple revealed in its App Store fraud report that it blocked over $2 billion in fraudulent transactions in 2024 alone and $9 billion since 2020. Nearly 4.7 million stolen credit cards were blocked, and over 1.6 million accounts were banned. The company rejected nearly 1.9 million apps for privacy violations or impersonation attempts. This report showcases Apple’s commitment to App Store integrity and is a benchmark for other platforms.

🛠 Patch Now: Firefox and Chrome Fix High-Severity Bugs

Mozilla and Google pushed out new browser versions—Firefox 139 and Chrome 137—patching a combined 21 vulnerabilities. Chrome addressed 11 security issues, paying out $7,500 in bounties. Firefox patched 10 bugs, including a serious double-free flaw in libVPX. Users should update immediately to avoid exploitation.

🧩 Zscaler Acquires Red Canary in MDR Expansion

Zscaler has acquired managed detection and response (MDR) provider Red Canary, continuing a trend of major cybersecurity consolidation. Red Canary, which raised $135M in venture capital, strengthens Zscaler’s portfolio following its earlier acquisition of Avalor. With budget cuts across industries, cybersecurity giants are positioning themselves as all-in-one platforms to secure wider portions of customer spend.

✅ Action List for Cybersecurity Professionals

  • 🔒 If you're a Sheboygan resident or city partner, enroll in the offered identity protection immediately.

  • 🚨 Patch your RMM tools now—especially SimpleHelp—to prevent downstream ransomware deployment.

  • 🛡 Evaluate your MSP/MSSP’s internal security policies and ask to meet their security lead.

  • 🔁 Update to the latest Firefox and Chrome versions to mitigate high-risk browser vulnerabilities.

  • 🌐 Monitor Chinese and Russian cyber tactics—especially if your organization is critical infrastructure or media-related.

  • 🧬 Stay informed about deepfake technology risks in propaganda and influence operations.

  • 📉 Reassess SaaS vendor security following the MathWorks outage—verify their incident response plans.

  • 📲 For app developers: study Apple’s App Store enforcement standards to ensure your software complies with fraud and privacy rules.

  • 🤝 If evaluating cybersecurity platforms, consider whether your vendor has a prevention-first or detection-first strategy—and how it aligns with your risk posture.

That’s a wrap for today’s show. We’ll be back live tomorrow at 9:00 AM Eastern with all the latest and greatest in cyber.

Until then—thank you for tuning in, and most importantly, stay cyber safe.


✅ Story Links:

https://therecord.media/ransomware-sheboygan-breach-notice

https://www.bleepingcomputer.com/news/security/mathworks-blames-ransomware-attack-for-ongoing-outages/

https://therecord.media/czechia-accuses-china-cyber-espionage-apt31

https://therecord.media/ukraine-media-cyberattacks-russia-ssscip-report

https://www.securityweek.com/iranian-man-pleads-guilty-to-role-in-baltimore-ransomware-attack/

https://www.darkreading.com/cyberattacks-data-breaches/indian-police-arrest-cybercrime-gang-copycats-myanmar-biz-model

https://www.bleepingcomputer.com/news/security/dragonforce-ransomware-abuses-simplehelp-in-msp-supply-chain-attack/

https://www.securityweek.com/chrome-137-firefox-139-patch-high-severity-vulnerabilities/

https://www.bleepingcomputer.com/news/apple/apple-blocked-over-9-billion-in-apap-store-fraud-since-2020/

https://www.securityweek.com/zscaler-to-acquire-mdr-specialist-red-canary/


=============================

🚀 About The CyberHub Podcast.

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
