Canary Trap’s Bi-Weekly Cyber Roundup
ID: 23f07a12-ed63-55cc-afa3-2a857b54d845
STIX ID: report--23f07a12-ed63-55cc-afa3-2a857b54d845
Feed Name: Canary Trap
Canary Trap’s bi-weekly roundup details several active and high-impact cyber incidents: a zero-click WhatsApp vulnerability (CVE-2025-55177) likely chained with an Apple ImageIO zero-day (CVE-2025-43300); an APT41-linked phishing/malware campaign targeting U.S.–China trade talks; KillSec ransomware exfiltrating >34 GB of Brazilian healthcare records via an unsecured S3 bucket; a stealthy Buterat backdoor (with observed C2 ginomp3.mooo.com and payloads amhost.exe/bmhost.exe) targeting enterprise and government networks; and a disruptive attack on Jaguar Land Rover claimed by Scattered Lapsus$ Hunters. The roundup also covers recommended mitigations and lessons learned.
