Cybersecurity Incidents Dominate the Week: Microsoft, DaVita, and Interpol Crackdown in Africa

The past week was marked by a wave of significant cybersecurity incidents worldwide. Microsoft announced it is limiting the information shared with Chinese companies through its Microsoft Active Protections Program (MAPP), following concerns that PoC exploit code may have been leaked and abused by Chinese threat actors.
Instead of detailed technical code, Microsoft will now provide only general descriptions of vulnerabilities to these firms. Meanwhile, Hunt.io published an in-depth analysis of the leaked Ermac 3.0 banking trojan source code, revealing both powerful data theft capabilities and serious security flaws. In Africa, Interpol carried out Operation Serengeti 2.0, arresting more than 1,200 individuals linked to cybercrime and recovering nearly $100 million while dismantling 11,000 malicious networks. The operation targeted investment fraud schemes, illicit cryptocurrency operations, and inheritance scams.

Separately, Microsoft patched a logging issue in Copilot that allowed some interactions to bypass audit logs, raising concerns for industries where log integrity is critical.

Researchers also warned that agentic AI integrated into web browsers could be exploited by attackers through techniques such as Scamlexity and ClickFix. Healthcare provider DaVita disclosed that its recent ransomware-related data breach now affects nearly 2.7 million people, with the Interlock group claiming responsibility. Together, these events underscore the growing complexity of today’s cyber threat landscape and the urgent need for stronger defenses across industries.