March has been another intense month in cybersecurity, with threats emerging across multiple sectors, from critical infrastructure to financial institutions.
This month, we’ve seen major security breaches affecting cryptocurrency platforms, targeted cyber-espionage campaigns, and vulnerabilities in widely used technology. Attackers continue to refine their tactics, using everything from zero-day exploits to sophisticated laundering operations.
In this month’s roundup, we’ll discuss the most significant cyber incidents and their implications for the evolving threat landscape.
Critical security flaws discovered in DrayTek Routers – urgent firmware update released
DrayTek has alerted customers to two newly identified security vulnerabilities in several of its popular broadband routers, both carrying a severe Common Vulnerability Scoring System (CVSS) score of 9.8 out of 10. These flaws, which allow remote code execution via buffer overflow exploits, were discovered in October 2024 but were only publicly disclosed at the end of February 2025.
While these vulnerabilities pose a significant security risk, DrayTek has already released firmware updates (some as early as November 2024) to patch the issues. However, the company has only recently begun directly notifying customers, urging them to update their devices immediately to safeguard against potential cyber threats.
Google patches critical Chrome zero-day exploited in cyber attacks
Google released an urgent security update for Chrome after cybersecurity researchers at Kaspersky uncovered an actively exploited zero-day vulnerability, CVE-2025-2783. The flaw, which allowed attackers to bypass Chrome’s sandbox protection due to a logical error in its security framework on Windows, was used in a sophisticated cyber-espionage campaign dubbed “Operation ForumTroll.” Victims were targeted via phishing emails that redirected them to malicious websites, triggering infections without further user interaction.
The campaign primarily targeted Russian media, educational institutions, and government organisations, leading researchers to suspect a state-sponsored Advanced Persistent Threat (APT) group.
Following Kaspersky’s report, Google swiftly addressed the issue, releasing patches in Chrome versions 134.0.6998.177 and 134.0.6998.178 on March 25, 2025. Users are strongly advised to update their browsers immediately to mitigate the risk of exploitation.
INTERPOL’s Operation Red Card cracks down on cybercrime, arresting 306 suspects across Africa
A major international crackdown on cybercrime, led by INTERPOL and spanning seven African nations, has resulted in the arrest of 306 suspects and the seizure of 1,842 devices. Dubbed Operation Red Card, the effort targeted cross-border scams involving mobile banking, investment fraud, and phishing attacks that affected over 5,000 victims.
Authorities in countries such as Nigeria, South Africa, and Zambia dismantled scam centres, recovered stolen assets, and apprehended key individuals behind fraudulent schemes.
Among the notable arrests, Nigerian police detained 130 individuals, including 113 foreign nationals linked to online fraud, while South African authorities confiscated over 1,000 SIM cards used for large-scale phishing. Zambian officials also arrested members of a criminal syndicate deploying malware to access victims’ banking apps. INTERPOL emphasised the operation’s success in disrupting cyber criminal networks and reinforcing international cooperation against digital fraud.
North Korean hackers launder $300M from record-breaking ByBit Heist
The notorious Lazarus Group is said to have successfully laundered $300 million of the $1.5 billion stolen in the recent ByBit crypto hack. Working around the clock, the hackers are using sophisticated laundering techniques to obscure the funds, potentially fuelling North Korea’s military ambitions.
ByBit is fighting back with its Lazarus Bounty program, rewarding individuals for tracking stolen funds. While $40 million has been frozen, experts warn most of the crypto may never be recovered due to North Korea’s expertise in laundering digital assets.
U.S. charges 12 Chinese hackers for spying on dissidents and government agencies
The U.S. has charged 12 Chinese nationals, including two government officers, for hacking U.S.-based dissidents and selling stolen data to Beijing. The group, linked to Chinese firm i-Soon, allegedly breached American government agencies, a religious group, and a Hong Kong newspaper.
Prosecutors say hackers charged Chinese agencies between $10,000 and $75,000 per exploited inbox, operating under state direction. The U.S. is now offering a $10M reward for information on i-Soon and its employees as tensions over state-sponsored cyber attacks escalate.
Get protected today with industry-leading cybersecurity tools
March’s cybersecurity events highlight the ever-evolving nature of digital threats. The rise of sophisticated attacks, whether targeting financial assets, government agencies, or critical software vulnerabilities, reinforces the need for vigilance and rapid response.
Organisations must adopt robust security measures, patch vulnerabilities swiftly, and stay informed about emerging risks. At Brigantia, we support channel partners in delivering market-leading, advanced cybersecurity solutions, helping them strengthen their customers' defences and protect their digital future.