Pocket Lint Security

Coinbase learned $5k bribes beat blockchain. $400M oops.

The Wright brothers built the first powered airplane for about $1,000 - pocket lint compared to the $5,000 bribes that cracked Coinbase’s customer vault.

Apparently, launching humanity into the skies costs less than convincing a bored support rep to leak KYC data. Silicon Valley spends billions on blockchain certainty; human optimism still comes cheaper than two bicycle mechanics in 1903.

When the helpdesk’s rent is due, gravity isn’t the only law getting violated.

🔝 Top Stories

SAP Zero-Days Hammered, Systems Bleed Profusely

Multiple critical vulnerabilities in SAP NetWeaver, including a CVSS 10.0 unauthenticated file upload flaw (CVE-2025-31324) and a related deserialization bug (CVE-2025-42999, CVSS 9.1), are being actively exploited. Chinese APTs, along with ransomware crews like Qilin, BianLian, and RansomExx, were reportedly having a field day before patches were even a twinkle in SAP's eye, leading to CISA slapping CVE-2025-42999 onto its KEV list.
📰 Onapsis / The Hacker News / CISA

FortiVoice Zero-Day Rings: Fortinet & Co. Under Fire

Fortinet rushed out a patch after disclosing a critical (CVSS 9.6) unauthenticated stack-based buffer overflow zero-day (CVE-2025-32756). This nasty bug affects FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera systems, with attackers already caught red-handed exploiting FortiVoice in the wild, scanning networks, and trying to swipe credentials.
📰 The Hacker News / Rapid7 / Arctic Wolf

DragonForce's UK Retail Blitz: Helpdesk Hooliganism Wins

The "DragonForce" ransomware group is claiming scalps at prominent UK retailers, including Marks & Spencer, Co-op, and Harrods, leading to store closures and data theft. Their sophisticated attack vector? Reportedly tricking IT helpdesks into resetting passwords, a tactic also favored by the Scattered Spider collective, proving once again that the weakest link is often carbon-based.
📰 WEForum.org / CYFIRMA

PowerSchool Pays Ransom, Gets Re-Extorted

Education tech provider PowerSchool, still smarting from a December 2024 breach, is now facing renewed extortion demands for the same stolen student and educator data. Despite admitting they paid a ransom after the initial breach, threat actors are back, proving that paying these crooks offers about as much data deletion assurance as a pinky swear.
📰 Infosecurity Magazine / K12Dive / PowerSchool

Cloudflare: Q1 DDoS Mayhem Nearly Tops Entire 2024

Cloudflare's Q1 2025 report paints a grim picture of the DDoS landscape, revealing they mitigated a staggering 20.5 million attacks – almost as many as the entire 2024 total. With a 358% year-over-year increase and an average of eight hyper-volumetric attacks (over 1 Tbps) daily, the internet is apparently under constant, overwhelming siege.
📰 FieldEffect / Check Point Blog

⚡ Other Headlines

Coinbase’s $400 Million Insider Disaster

  • Bribery, betrayal, and a $20 million ransom demand—welcome to Coinbase’s newest PR nightmare.

  • "Less than 1%" sounds comforting, right? Wrong. Try 100,000 customers hung out to dry.

  • $5,000 bribes for customer data: Turns out, that's enough to dismantle security at a multi-billion dollar exchange.

  • Coinbase’s response? Reject ransom, offer bounty, but not before bleeding hundreds of millions in damage control.

Coinbase just learned a brutal lesson: Your biggest threat doesn't need fancy exploits—just a payday.

Forget zero-day vulnerabilities and nation-state hackers. Coinbase’s $400 million dumpster fire was sparked by the oldest exploit in the book: cash in the hand.

A handful of overseas customer support agents—motivated by bribes that, depressingly, equaled more than their annual salary—handed over the digital equivalent of nuclear launch codes: personal data for tens of thousands of users.

Bribery Beats Blockchain

Cryptography can't save you from human greed.

Insiders compromised by bribes took privileged customer data, from government IDs to detailed transaction histories. Armed with this goldmine, the attackers launched sophisticated social engineering campaigns, systematically looting users who believed they were speaking with legit Coinbase support.

It was textbook espionage without breaking a single digital lock.

Coinbase initially sniffed out suspicious activity but dismissed it as isolated missteps by rogue employees. Turns out, those "missteps" were the frontline scouts of a coordinated assault. By the time a ransom demand landed—$20 million or else—Coinbase finally connected the dots.

They had seen the smoke. They just hadn't noticed the fire.

Transparency: Too Little, Too Late

CEO Brian Armstrong stepped up, refusing the ransom publicly, with the flair of someone taking a brave stand. Nice optics.

Then came Coinbase’s bold counter-move: a matching $20 million bounty for information leading to the attackers' capture.

But here's the catch: the attackers had already bolted the barn doors, leaving Coinbase chasing shadows—and headlines.

Damage Control: Expensive and Messy

Rejecting the ransom felt heroic, but the fallout was catastrophic.

Coinbase committed to reimbursing customers tricked by social engineering scams tied directly to the stolen data—provided it happened before their official disclosure.

How much is this going to cost them? Between $180 million and $400 million.

That's the price tag for overlooking human vulnerabilities in a system obsessively focused on digital security.

Trust Me, Bro: The Future of Crypto Security?

Coinbase says they're upping their game. U.S.-based support centers, insider threat monitoring, tighter access controls—it's an expensive wake-up call.

All that tech. All that money.

And the weakest link STILL comes down to how much you trust the person sitting at a keyboard.
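The "isolated missteps" Coinbase initially dismissed are the kind of signal insider-threat monitoring is supposed to catch: a support agent who reads sensitive customer records far more broadly than ticket work requires, and several such agents overlapping on the same customers. The following is an added example written for this page, not Coinbase's tooling or any vendor's product; the pipe-separated audit-log format, the field names, the thresholds and the sample lines are all constructed assumptions. It profiles each agent's sensitive-field reads over a trailing window, flags agents who exceed breadth or no-ticket limits, and then checks whether the flagged agents share victims, which is what turns "a few rogue employees" into one coordinated campaign.

```python
"""Insider-access anomaly detection over support-tool audit logs.

Added example with constructed data; log format, field names and
thresholds are assumptions, not any real platform's schema.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from itertools import combinations
from typing import Optional

# Fields whose read should always be tied to a support ticket (assumed names).
SENSITIVE_FIELDS = {"gov_id_image", "ssn_last4", "tx_history", "home_address"}


@dataclass(frozen=True)
class AccessEvent:
    ts: datetime
    agent: str
    customer: str
    field: str
    ticket: Optional[str]  # ticket justifying the lookup; None if the agent browsed freely


def parse_line(line: str) -> AccessEvent:
    """Parse one constructed audit line: ts|agent|customer|field|ticket (ticket may be empty)."""
    ts, agent, customer, field, ticket = line.strip().split("|")
    return AccessEvent(datetime.fromisoformat(ts), agent, customer, field, ticket or None)


def agent_profiles(events, window=timedelta(hours=24)):
    """Per agent, within the trailing window ending at the newest event:
    (set of customers whose sensitive fields were read, count of reads with no ticket)."""
    if not events:
        return {}
    cutoff = max(e.ts for e in events) - window
    customers = defaultdict(set)
    unticketed = defaultdict(int)
    for e in events:
        if e.ts < cutoff or e.field not in SENSITIVE_FIELDS:
            continue
        customers[e.agent].add(e.customer)
        if e.ticket is None:
            unticketed[e.agent] += 1
    return {a: (customers[a], unticketed[a]) for a in customers}


def flag_agents(profiles, max_customers=15, max_unticketed=3):
    """Agents whose breadth of sensitive reads, or reads without a ticket, exceed the thresholds."""
    return {a for a, (custs, unt) in profiles.items()
            if len(custs) > max_customers or unt > max_unticketed}


def coordinated_pairs(profiles, flagged, min_shared=3):
    """Pairs of flagged agents that pulled sensitive data on the same customers.
    Each alone reads as a rogue employee; shared victims point to one operation."""
    pairs = []
    for a, b in combinations(sorted(flagged), 2):
        shared = profiles[a][0] & profiles[b][0]
        if len(shared) >= min_shared:
            pairs.append((a, b, len(shared)))
    return pairs


def build_sample_log():
    """Constructed audit lines: a01 works tickets normally; a07 and a12 each read
    ID images for many customers with no ticket and overlap on the same ten customers."""
    base = datetime(2025, 5, 15, 9, 0)
    lines = []
    for i in range(6):   # a01: six ticketed lookups on six customers
        lines.append(f"{(base + timedelta(minutes=10 * i)).isoformat()}|a01|c{100 + i}|tx_history|T-{500 + i}")
    for i in range(20):  # a07: customers c200..c219, no ticket
        lines.append(f"{(base + timedelta(minutes=2 * i)).isoformat()}|a07|c{200 + i}|gov_id_image|")
    for i in range(18):  # a12: customers c210..c227, no ticket (overlaps a07 on c210..c219)
        lines.append(f"{(base + timedelta(hours=3, minutes=2 * i)).isoformat()}|a12|c{210 + i}|gov_id_image|")
    return lines


def analyse(lines):
    """Run the full pipeline over raw lines: returns (flagged agents, coordinated pairs)."""
    events = [parse_line(line) for line in lines]
    profiles = agent_profiles(events)
    flagged = flag_agents(profiles)
    return flagged, coordinated_pairs(profiles, flagged)


if __name__ == "__main__":
    flagged, pairs = analyse(build_sample_log())
    print("flagged agents:", sorted(flagged))
    for a, b, n in pairs:
        print(f"{a} and {b} read sensitive data on {n} of the same customers")
```

The two checks deliberately answer different questions: the per-agent thresholds catch volume, while the overlap check catches coordination, and only the second would have escalated a handful of "missteps" into an incident. In practice the thresholds would be set from each team's historical baseline rather than fixed constants, and the customer-overlap step is what you want wired to a human review queue rather than an automatic lockout.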

Did You Know?

The first recorded DDoS in 1996 knocked PANIX offline with a SYN flood at a few hundred packets per second. Last October Cloudflare absorbed a 3.8 Tbps barrage without blinking. That’s a 1,900,000% power‑up in 29 years. Your link tops out at 1 Gbps on a good day—still feeling stateless?


Look, you made it this far down the email. You're clearly committed... or just procrastinating exceptionally well. Either way, since you're here, might as well loop in some friends or coworkers…

Refer 3 new victims - err, friends & coworkers - using your unique link below. 

If they subscribe, we'll send you an exclusive Dumpster Fire sticker. It's the perfect visual metaphor for... gestures broadly at everything... well, you know.

Want one?


Copy and paste this link:

https://www.cybersizzler.com/subscribe?ref=PLACEHOLDER


It’s arguably more valuable than most security awareness training.
Regardless, you get a sticker.

More Clicking Required

Still with us?

Why?

Err... Uh… I mean, cool.
Your dedication is... noted. And about to be exploited.

Go on, spread this digital contagion. Screenshot our glorious prose. It’ll look fantastic on your boss's enormous monitor, or maybe even educate your nephew who thinks "phishing" involves actual fish. Every share is a win for chaos—and our metrics.

Don't get comfortable. There's a poll right below this.

Click it.

Just mash a button. We're not asking for a dissertation.

This Sizzler edition: Time well spent, or just... spent?


- Dave
Sizzler Out. //