At a glance.
- Law enforcement disrupts scam operations across Asia.
- Stealth Falcon APT exploited Windows zero-day.
- Erie Insurance confirms cyberattack.
Law enforcement disrupts scam operations across Asia.
An international law enforcement operation led by the Singapore Police Force (SPF) resulted in the arrest of 1,800 individuals suspected of involvement in scam operations, the Record reports. The SPF stated, "The subjects, aged between 14 and 81, are believed to be involved in more than 9,200 scam cases, comprising mainly government official impersonation scams, investment scams, rental scams, internet love scams, friend impersonation scams, job scams, and e-commerce scams, where victims reportedly lost over S$289 million (approximately USD225 million)." The police also shuttered dozens of scam centers and seized more than $20 million from 32,600 bank accounts.
Stealth Falcon APT exploited Windows zero-day.
Check Point has published a report on the exploitation of a Windows zero-day flaw that was patched earlier this week. The vulnerability (CVE-2025-33053) affects the Windows implementation of WebDAV, and can lead to remote code execution if a victim clicks on a malicious link. Check Point says the Stealth Falcon APT exploited the flaw to target a Turkish defense company. The threat actor sent a malicious .url file in a spearphishing email designed to deliver a custom implant for the Mythic C2 open-source framework.
Stealth Falcon is a cyberespionage actor that targets entities and individuals across the Middle East. Researchers at the University of Toronto's Citizen Lab believe the group is associated with the government of the United Arab Emirates.
Erie Insurance confirms cyberattack.
Pennsylvania-based Erie Insurance has confirmed that a cyberattack was responsible for widespread outages that began over the weekend, BleepingComputer reports. Customers have been unable to log into the company's online portal and are reporting difficulties filing claims.
Erie's management firm, the Erie Indemnity Company, said in an SEC filing, "The Company continues to take protective measures, and is conducting forensic analysis with the assistance of leading third-party cybersecurity experts to gain a full understanding of this event. Given the recency of the event, the Company's investigation and response are ongoing, and the full scope, nature, and ultimate impact on the Company are not yet known."
The company added on its website, "During this outage, Erie Insurance will not contact customers by phone or email to request payments. As always, do not click on any links from unknown sources or share your personal information via phone or email."
