10 Critical Cybersecurity Threats from Mid-May 2025: Attacks, AI Dangers, and Unpatched Flaws
Every week brings new cyber incidents, and the period around 18th May 2025 was no exception. From a major telecom source code leak to AI‑powered macOS exploits and two dangerous Windows zero‑days, defenders have their hands full. This article distills the top 10 developments into a quick‑scan listicle, covering confirmed breaches, emerging AI‑driven threats, and critical vulnerabilities you need to patch—or at least watch closely. Whether you manage enterprise security or just want to stay informed, these items highlight the evolving attack surface. Let’s dive into the details each one deserves.
1. Vodafone Source Code Leak by Lapsus$
Global telecom giant Vodafone confirmed that its GitHub repositories were partially accessed by the Lapsus$ extortion group through compromised third‑party development software. The attackers leaked source code, but the company emphasised that customer data and core network infrastructure remained untouched. This incident underscores the risk of supply‑chain trust in development tools. While no ransomware was deployed, the leaked code could enable further reconnaissance or IP theft. Organisations should review third‑party integrations and enforce strict access controls on code repositories.
2. THORChain Loses $10.7M in Vault Compromise
Swiss‑based cryptocurrency platform THORChain suffered a security breach that drained about $10.7 million from one of its six vaults. Trading was immediately halted after the compromise, and the company stated that losses were limited to protocol‑owned assets across several blockchains. The attack likely exploited a vulnerability in the cross‑chain logic or a misconfiguration. This event reinforces the importance of rigorous auditing for DeFi protocols and implementing robust monitoring to detect anomalous vault activities before large sums are moved.
3. Ransomware Hits West Pharmaceutical Services
West Pharmaceutical Services, a key manufacturer of drug‑delivery components, was hit by a ransomware attack that encrypted systems and disrupted shipping, manufacturing, and shared services. The attackers also stole data, yet no group has publicly claimed responsibility. The incident affected global operations, highlighting how ransomware can cripple life‑sciences supply chains. Companies in critical manufacturing should prioritise offline backups, network segmentation, and incident‑response drills to minimise downtime and data exfiltration during such attacks.
4. Foxconn Confirms Nitrogen Ransomware Attack
Electronics manufacturer Foxconn acknowledged a cyberattack on its North American operations after the Nitrogen ransomware group claimed to have stolen 8 TB of data. The attack caused temporary disruption at some factories, though normal production was soon restored. Nitrogen is a relatively new group known for double‑extortion tactics. This breach serves as a reminder that large supply‑chain players are prime targets. Companies should enforce multi‑factor authentication, monitor for unauthorised data transfers, and regularly test restoration plans.
5. ‘Claw Chain’ Flaws Expose OpenClaw AI Platform
Researchers disclosed four vulnerabilities, collectively named ‘Claw Chain’, affecting OpenClaw—an autonomous AI agent platform. The most critical flaw, CVE‑2026‑44112 (CVSS 9.6), allows attackers to bypass sandbox controls, expose restricted files, leak secrets, and gain owner‑level access. The chain enables full compromise of the AI agent environment. As organisations deploy AI agents for code generation and decision‑making, they must vet the security of these platforms and apply patches immediately. The vulnerabilities were responsibly disclosed to the vendor.
6. AI‑Assisted macOS Exploit Bypasses M5 Chip Defenses
Researchers developed a macOS kernel exploit that circumvents Apple’s Memory Integrity Enforcement on M5 chips, achieving complete system control on macOS 26.4.1. Anthropic’s Mythos Preview—an AI model—was used to accelerate the discovery of the bug chain. The findings were privately reported to Apple before public disclosure. This demonstrates how AI can supercharge vulnerability research, potentially lowering the barrier for both defenders and attackers. Apple users should apply security updates promptly and enable additional protections like Gatekeeper and SIP.
7. Vercel AI Generator Abused for Phishing Pages
Threat actors are exploiting Vercel’s AI website generator, v0.dev, to mass‑produce realistic phishing pages mimicking brands like Microsoft and Spotify. The campaigns use Telegram bots to capture credentials and payment details in real time. This technique leverages legitimate AI infrastructure to avoid detection by traditional URL filters. Organisations should train users to verify URLs even on trusted platforms, and consider using advanced phishing detection tools that analyse website behaviour rather than just reputation.
8. Hugging Face Package Hides Infostealer After 200K Downloads
A popular repository on Hugging Face, posing as OpenAI’s privacy filter, was found to contain Windows‑targeting malware. The package amassed over 200,000 downloads before being flagged. Once installed, it deployed an infostealer that harvested browser passwords, cookies, SSH keys, VPN configurations, and cryptocurrency wallets. This incident highlights the risks of blindly trusting open‑source AI model repositories. Security teams should scan all third‑party packages, especially those with elevated permissions, and monitor for suspicious network exfiltration attempts.
9. YellowKey: Unpatched BitLocker Bypass (CVE‑2026‑xxxx)
Researchers disclosed YellowKey, a zero‑day vulnerability in Windows 11 and recent Windows Server versions. The flaw allows an attacker with physical access to bypass BitLocker protection via the Windows Recovery Environment, gaining full access to encrypted data. Proof‑of‑concept code is publicly available, and Microsoft has not yet released a patch. Organisations using BitLocker should enforce strong physical security measures, consider enabling additional pre‑boot authentication, and monitor for official patches. This vulnerability underscores the importance of layered encryption controls.
10. GreenPlasma: Privilege Escalation via CTFMON
GreenPlasma is another unpatched Windows zero‑day affecting the same platforms. It abuses the CTFMON framework (used for text input) to escalate privileges from a standard user to SYSTEM. Like YellowKey, proof‑of‑concept code is public, increasing the risk of widespread exploitation. Until Microsoft issues a fix, administrators should restrict local user privileges, apply the principle of least privilege, and use endpoint detection solutions that can detect anomalous process behaviour. Combine this with YellowKey for a potent attack chain if an attacker gains initial foothold.
The past week’s events show that cyber threats continue to evolve across multiple fronts—from ransomware targeting critical infrastructure to AI‑assisted exploits and open‑source package poisoning. Patch management, user awareness, and zero‑trust architectures remain essential, but they must adapt to new attack vectors like AI‑generated phishing and supply‑chain code leaks. Stay vigilant, review your incident‑response plans, and keep an eye on the vulnerabilities that still lack fixes. Cybersecurity is a marathon, not a sprint—but weeks like these remind us to keep our pace quick.