6/27-29/2025 June 29, 2025 ~ The Cyber Beat ~ Leave a comment NATO Members Aim for Spending 5% of GDP on Defense, With 1.5% Eligible for CyberU.S. Falling Behind China in Exploit ProductionHow Vulnerable Is Critical Infrastructure to Cyberattack in the U.S.?Canada Orders China’s Hikvision to Close Canadian OperationsChinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden RootkitPUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific AttackFBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering…Aviation, Transportation Firms…Update: Hawaiian Airlines Cyberattack Has Marks of Scattered SpiderRetail Giant Ahold Delhaize, Parent of Food Lion, Stop & Shop, Giant Food, and Hannaford, Says Data Breach Affects 2.2 Million PeopleWhole Foods Supplier UNFI Restores Core Systems After CyberattackGIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering ToolMOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity SurgeBluetooth Flaws Could Let Hackers Spy Through Your MicrophoneCitrix Bleed 2 Flaw Now Believed to Be Exploited in AttacksLet’s Encrypt Ends Certificate Expiry Emails to Cut Costs, Boost PrivacyCloudflare Open-Sources Orange Meets With End-To-End EncryptionNew York Orders Local Governments to Start Reporting Cyberattacks
6/26/2025 June 27, 2025June 27, 2025 ~ The Cyber Beat ~ Leave a comment When Iran’s Supreme Leader Emerges From Hiding He Will Find a Very Different Nation…Ayatollah Khamenei Says Iran ‘Delivered a Heavy Slap to America’s Face’; Claims Victory Over ‘Zionist’ Israel…Pentagon Chief: Iran Strike Was a ‘Historically Successful Attack’Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing AttacksScam Compounds Labeled a ‘Living Nightmare’ as Cambodian Government Accused of Turning a Blind EyeFBI Used Bitcoin Wallet Records to Peg Notorious IntelBroker as UK NationalMissouri Man Pleads Guilty to Hacking Networks to Pitch Security ServicesEx-Student Charged Over Hacking University for Cheap Parking, Data BreachesFTC Approves $126 Million in Fortnite Refunds Over ‘Dark Patterns’NSA’s Patrick Ware Takes Over as Top Civilian at U.S. Cyber CommandHawaiian Airlines Hit by Cyber AttackMicrosoft 365 ‘Direct Send’ Abused to Send Phishing as Internal UsersFBI Warning for Phone Users to Delete Certain Messages Immediately Even if Unopened – You Risk Accounts Being Drained‘Cyber Plague’: Experts Warn of Growing Infostealer Threat After Billions of Login Details ExposedClickFix Attacks Surge 517% in 2025Hundreds of MCP Servers at Risk of RCE and Data LeaksCritical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root AccessCritical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain AttacksCISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, FortinetWindows Is Getting Rid of the Blue Screen of Death After 40 YearsHow Geopolitical Tensions Are Shaping Cyber Warfare
6/25/2025 June 26, 2025June 26, 2025 ~ The Cyber Beat ~ Leave a comment Trump Says NATO’s New 5% Defence Spending Pledge a ‘Big Win’North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm PackagesNSA and CISA Urge Adoption of Memory Safe Languages for SafetyHalf of Customer Signups Are Now FraudulentU.S. Exchanges, SEC in Talks to Ease Public Company RegulationsBritish Hacker ‘IntelBroker’ Charged with $25M in Cybercrime DamagesRansomware Attack Contributed to Patient’s Death, Says Britain’s NHSFrench Cybercrime Police Arrest Five Suspected BreachForums AdminsPACER Electronic Filing System Under Attack by Hackers, Federal Judge Warns LawmakersGoogle Rolls Out Text-To-Image Model Imagen 4 for FreeData Theft Fears After Cyber Attack on Glasgow City CouncilHackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in AfricaHackers Turn ScreenConnect Into Malware Using Authenticode StuffingSAP GUI Input History Found Vulnerable to Weak EncryptionMillions of Brother Printers Hit by Critical, Unpatchable BugHackers Abuse Microsoft ClickOnce and AWS Services for Stealthy AttacksMicrosoft nOAuth Flaw Still Exposes SaaS Apps Two Years After DiscoveryCitrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADCWinRAR Patches Bug Letting Malware Launch From Extracted Archives
6/24/2025 June 25, 2025June 25, 2025 ~ The Cyber Beat ~ Leave a comment Trump Says Iran-Israel Ceasefire in Effect After Accusing Both Sides of Violating It…U.S. Strikes Did Not Destroy Iran’s Nuclear Programme, Intelligence Report Says…Trump’s Iran Attack Spurs Concerns of Retaliation in the U.S.: ICE Arrests 11 Iranian Nationals…Iran’s Cyber Forces Have Many Ways to Attack U.S., Experts WarnFBI Cyber Leader: U.S. Can’t Forget About China’s ‘Typhoon’ Groups Amid Mideast Conflict…China-Nexus ‘LapDogs’ Network Thrives on Backdoored SOHO DevicesInsurers ‘Under Siege’ by Notorious Hacking Group Scattered SpiderCyber Intel Pros and Hobbyists Can Now Report Threats AnonymouslyResearchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogueNew U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to PublicColumbia University Hit by Possible ‘Cyberattack’ as It Outage Impacts Key Student ServicesLeak of Data Belonging to 7.4 Million Paraguayans Traced Back to InfostealersHackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via KeyloggersTrezor’s Support Platform Abused in Crypto Theft Phishing AttacksResearchers Say Cybercriminals are Using Jailbroken AI Tools from Mistral and xAIMalware Campaign Uses Rogue WordPress Plugin to Skim Credit CardsSonicWall Warns of Trojanized NetExtender Stealing VPN LoginsNew FileFix Attack Weaponizes Windows File Explorer for Stealthy CommandsHackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor NetworkU.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
6/23/2025 June 24, 2025June 24, 2025 ~ The Cyber Beat ~ Leave a comment Trump Urges Iran, Israel to Seek ‘Peace and Harmony’ After ‘Weak’ Qatar Strike…Trump Says Iran, Israel Agree to Truce…Iran Refutes Trump’s Claims of Ceasefire Deal With Israel, but Signals Readiness to End HostilitiesCyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation…U.S. Tells Companies to Prepare for Iranian CyberattacksChinese “LapDogs” ORB Network Targets U.S. and AsiaChina-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian TelecomTaiwan Is Rushing to Make Its Own Drones Before It’s Too LateTelegram Purged Chinese Crypto Scam Markets—Then Watched as They RebuiltFormer U.S. Army Sergeant Pleads Guilty After Amateurish Attempt at Selling Secrets to ChinaRevil Ransomware Members Released After Time Served on Carding ChargesA CISO’s AI PlaybookAPT28 Hackers Use Signal Chats to Launch New Malware Attacks on UkraineSecond Attack on McLaren Health Care in a Year Affects 743K PeopleU.S. Insurance Giant Aflac Says Customers’ Personal Data Stolen During CyberattackFC Barcelona’s Data Compromised in Ransomware Attack on InsurerCoinMarketCap Briefly Hacked to Drain Crypto Wallets via Fake Web3 PopupSteel Giant Nucor Confirms Hackers Stole Data in Recent Breach184 Million Passwords Leaked Across Facebook, Google, More: What to Know About This Data BreachXDigo Malware Exploits Windows LNK Flaw in Eastern European Government AttacksSparkKitty Malware on Google Play, Apple App Store Stole Your Photos—And CryptoEcho Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful ContentCitrix Patches Critical Vulns in NetScaler ADC and Gateway
6/20-22/2025 June 22, 2025June 22, 2025 ~ The Cyber Beat ~ Leave a comment U.S. Begins Moving B-2 Bombers, as Trump Weighs Attack on Iran…U.S. Strikes 3 Nuclear Sites in Iran, in Major Regional Conflict Escalation…What We Know About U.S. Strikes on Three Iranian Nuclear Sites…U.S. Strike on Iran Began With a Ruse…Iran Hacks Security Cameras to Gain Intel on Israel…Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical TensionsHow Cyber Warfare Changes the Face of Geopolitical ConflictRussia Expert Falls Prey to Elite Hackers Disguised as U.S. OfficialsDutch Launch Operation Orange Shield to Keep NATO Summit SafeTonga Ministry of Health Hit With Cyberattack Affecting Website, IT SystemsMicrosoft Is Blocking Google Chrome Through Its Family Safety FeatureMicrosoft to Remove Legacy Drivers From Windows Update for Security BoostInsurer Aflac Investigating Possible Data Leak After CyberattackPersonal Data of Oxford City Council Officers ExposedM&S and Co-op Hacks Classified as Single Cyber Event…Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in DamagesBitopro Exchange Links Lazarus Hackers to $11 Million Crypto HeistNo, the 16 Billion Credentials Leak Is Not a New Data BreachRussian Dairy Supply Disrupted by Cyberattack on Animal Certification SystemNetflix, Apple, BofA Websites Hijacked With Fake Help-Desk NumbersCloudflare Blocks Record 7.3 Tbps DDoS Attack Against Hosting ProviderNew Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC TheftWordPress Motors Theme Flaw Mass-Exploited to Hijack Admin AccountsMeta To Introduce Full Passkey Support for Facebook on Mobiles
6/18-19/2025 June 19, 2025June 19, 2025 ~ The Cyber Beat ~ Leave a comment Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System…Israeli Hacktivists Steal and Burn $90m+ from Iranian Crypo BizIran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict…Iran’s Internet Blackout Adds New Dangers for Civilians Amid Israeli BombingsFinland Could Charge Russia-Linked Ship’s Officers Over Cable Breaks by ‘August at the Latest’Argentina Uncovers Suspected Russian Spy Ring Behind Disinformation CampaignsRussian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing CampaignTelecom Giant Viasat Breached by China’s Salt Typhoon HackersNorth Korean Hackers Deploy Python-Based Trojan PylangGhost Targeting Crypto…North Korean BlueNoroff Hackers Deepfake Execs in Zoom Call to Spread Mac MalwareResearchers Warn of ‘Living off AI’ Attacks After PoC Exploits Atlassian’s AI Agent ProtocolAI Now Generates Majority of Spam and Malicious EmailsThink Twice Before You Click ‘Unsubscribe’Ransomware Group Qilin Offers Legal Counsel to AffiliatesAlleged Ryuk Initial Access Broker Extradited to the U.S.U.S. Recovers $225 Million of Crypto Stolen in Investment ScamsKrispy Kreme Says November Data Breach Impacts Over 160,000 People…Krispy Kreme Data Breach Puts Employees at Risk of Financial FraudUBS Employee Data Reportedly Exposed in Third Party AttackAsana Warns MCP AI Feature Exposed Customer Data to Other OrgsHealthcare SaaS Firm Episource Says Data Breach Impacts 5.4 Million PatientsIndia’s TCS Says None of Its Systems Were Compromised in M&S HackMinecraft Cheaters Never Win … But They May Get MalwareBanana Squad’s Stealthy GitHub Malware Campaign Targets DevsWater Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware CampaignGodFather Malware Upgraded to Hijack Legitimate Mobile AppsClickFix Helps Infostealers Use MHSTA for Defense EvasionNew Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing ChainsCritical Linux Flaws Discovered Allowing Root Access ExploitsCISA Warns of Active Exploitation of Linux Kernel Privilege Escalation VulnerabilityBeyondTrust Warns of Pre-auth RCE in Remote Support SoftwareMicrosoft Unveils New Security Defaults for Windows 365 Cloud PCsDuckDuckGo Beefs up Scam Defense to Block Fake Stores, Crypto Sites
6/17/2025 June 18, 2025June 18, 2025 ~ The Cyber Beat ~ Leave a comment Israel-Iran Air War Enters Sixth Day, Trump Calls for Iran’s ‘Unconditional Surrender’Suspected Israeli Hackers Claim to Destroy Data at Iran’s Bank SepahPro-Cambodian Hacktivists Launch Attacks on Thai Government Sites Amid Border DisputeTaiwan Hit by Sophisticated Phishing Campaign…Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT MalwareViasat Identified as Victim in Sweeping Phone Hack Tied to ChinaMinnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets’ AddressesPaddle Settles for $5 Million Over Facilitating Tech Support ScamsUK ICO Fines 23andMe £2.3m for Data Protection FailingsMicrosoft Promises to Keep European Cloud Data in EuropeItaly’s Leonardo Buys a European Cybersecurity CompanyOperation Endgame: Do Takedowns and Arrests Matter?Scania Confirms Insurance Claim Data Breach in Extortion AttemptHacker Steals 1 Million Cock.li User Records in Webmail Data BreachRussia Detects First SuperCard Malware Attacks Skimming Bank Data via NFCHacklink Marketplace Fuels Surge in Covert SEO Poisoning AttacksInstagram ‘BMO’ Ads Use AI Deepfakes to Scam Banking CustomersNew Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS AttacksTP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate AlertNew Veeam RCE Flaw Lets Domain Users Hack Backup ServersGoogle Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor‘b’: Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code ExecutionLangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
6/16/2025 June 17, 2025June 17, 2025 ~ The Cyber Beat ~ Leave a comment Israeli Startup Hub Under Missile FireCompanies Warned On Iranian CyberattacksHackers Impersonating U.S. Government Compromise Email Account of Prominent Russia ResearcherBipartisan Bill Aims to Create CISA-HHS Liaison for Hospital CyberattacksArchetyp Market Shut Down in Europe-Wide Law Enforcement OperationU.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker NetworkU.S. Offering $10 Million for Info on Iranian Hackers Behind IOControl MalwareKali Linux 2025.2 Released With 13 New Tools, Car Hacking UpdatesZoomcar Discloses Security Breach Impacting 8.4 Million UsersAs Grocery Shortages Persist, UNFI Says It’s Recovering From CyberattackRemorseless Extortionists Claim to Have Stolen Thousands of Files From Freedman HealthCareScattered Spider Has Moved From Retail to InsuranceeThreat Actors Target Victims with HijackLoader and DeerStealerASUS Armoury Crate Bug Lets Attackers Get Windows Admin PrivilegesTenable Fixes Three High-Severity Flaws in Vulnerability Scanner NessusMicrosoft: June Windows Server Security Updates Cause DHCP Issues
6/13-15/2025 June 15, 2025June 15, 2025 ~ The Cyber Beat ~ Leave a comment Here Are the Top Iranian Leaders Killed in Israel’s Precision Airstrikes — Including Revolutionary Guard Leader, Gen. Hossein Salami…A Miscalculation by Iran Led to Israeli Strikes’ Extensive Toll, Officials Say…Israel-Iran Clashes Escalate, Civilians Urged to Evacuate Target Areas…700% Spike in Cyber Attacks on Israel Since Strike on Iran…Trump Vetoed Israeli Plan to Kill Iran’s Supreme Leader, U.S. Official Tells AP‘No Kings’ Protests, Citizen-Run ICE Trackers Trigger Intelligence WarningsFormer CISA and NCSC Heads Warn Against Glamorizing Threat Actor NamesKrebs: Inside a Dark Adtech Empire Fed by Fake CAPTCHAsGoogle’s $32 Billion Deal for Wiz Gets Antitrust ReviewDanish Government Agency to Ditch Microsoft Software in Push for Digital IndependenceDo You Trust XI With Your ‘Private’ Browsing Data? Apple, Google Stores Still Offer China-Based VPNsCISOs Must Align Business Objectives & CybersecurityCyberattack on Washington Post Strikes Journalists’ Email AccountsWestJet Probes Cybersecurity Incident Affecting App and Internal SystemsVictoria’s Secret Recovers Critical Systems After CyberattackCloudflare: Outage Not Caused by Security Incident, Data Is SafeGovernment Offices in North Carolina, Georgia Disrupted by CyberattacksWorker Information Provided to MEMIC Indemnity Leaked in at OneGroup NY Data BreachOver 269,000 Websites Infected with JSFireTruck JavaScript Malware in One MonthDiscord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto WalletsAnubis Ransomware Adds Wiper to Destroy Files Beyond RecoveryNew TokenBreak Attack Bypasses AI Moderation with Single-Character Text ChangesRansomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double ExtortionOver 46,000 Grafana Instances Exposed to Account Takeover Bug
6/12/2025 June 12, 2025June 12, 2025 ~ The Cyber Beat ~ Leave a comment Graphite Spyware Used in Apple iOS Zero-Click Attacks on Journalists…Apple Fixes New iPhone Zero-Day Bug Used in Paragon Spyware HacksPredator Spotted in Mozambique for First Time, Another Sign of Spyware’s AvailabilityBelarusian Hackers Taunt Kaspersky Over Report Detailing Their AttacksSmartAttack Uses Smartwatches to Steal Data From Air-Gapped SystemsNIST Publishes New Zero Trust Implementation GuidanceEuropol Says Criminal Demand for Data is “Skyrocketing”Microsoft Edge Now Offers Secure Password Deployment for Businesses23andMe Privacy Ombudsman Recommends Company Obtains Consent for Sale of Customer Data‘Major Compromise’ at NHS Temping Arm Exposed Gaping Security HolesRansomware Attack on Ticketing Platform Yes24 Upends South Korean Entertainment IndustryFog Ransomware Attack Uses Unusual Mix of Legitimate and Open-Source ToolsOver 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration ToolWordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam NetworkGitLab Patches High Severity Account Takeover, Missing Auth IssuesTrend Micro Fixes Critical Vulnerabilities in Multiple ProductsPalo Alto Networks Patches Series of VulnerabilitiesThe $200,000 Zoom Call
6/11/2025 June 11, 2025June 11, 2025 ~ The Cyber Beat ~ Leave a comment Congress Introduces Bill to Strengthen Healthcare CybersecurityHalf of Mobile Users Now Face Daily Scams20,000 Asian IPs and Domains Dismantled in Infostealer CrackdownSingapore Leads Multinational Operation to Shutter Scam Centers Tied to $225 Million in TheftsHow Waymo Handles Footage From Events Like the LA Immigration RiotsCyber Startup Cyera Raises $540 Million in Series E RoundInfamous Website 4chan to Be Investigated by UK Communications RegulatorErie Insurance Confirms Cyberattack Behind Business DisruptionsCyber-Attack Targets Ogeechee (GA) Judicial Circuit District AttorneyFormer Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat ManagerSinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default PasswordsZero-Click AI Data Leak Flaw Uncovered in Microsoft 365 CopilotWhatsApp Moves to Join Apple’s Encryption Fight With UK Government
6/10/2025 June 11, 2025June 11, 2025 ~ The Cyber Beat ~ Leave a comment Trump Administration Executive Order Changes Cybersecurity PolicyStealth Falcon: CISA, Microsoft Warn of Windows Zero-Day Used in Attack on ‘Major’ Turkish Defense OrgHundreds of Russian Devices Hit by Rare Werewolf Cryptomining AttacksDDoS Attacks on Financial Sector Surge in Scale and SophisticationDanaBot Malware Operators Exposed via C2 Bug Added in 2022ConnectWise Rotating Code Signing Certificates Over Security ConcernsMicrosoft Outlook to Block More Risky Attachments Used in AttacksApple Intelligence Is Gambling on Privacy as a Killer FeatureAirlines Don’t Want You to Know They Sold Your Flight Data to DHSSpanish Minister Says Private Power Firms Slow to Share Information in Blackout ProbeFive Plead Guilty to Laundering $36 Million Stolen in Investment ScamsSSH Keys: The Most Powerful Credential You’re Probably IgnoringMastery Schools Notifies 37,031 of Major Data BreachOngoing Cyberattack at U.S. Grocery Distributor Giant UNFI Affecting Customer OrdersStolen Ticketmaster Data From Snowflake Attacks Briefly for Sale AgainFIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs MalwareRust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox UsersResearchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry CloudNew Secure Boot Flaw Lets Attackers Install Bootkit Malware, Patch NowAndroid Enterprise Rolls Out Security and Productivity UpdatesIvanti Workspace Control Hardcoded Key Flaws Expose SQL CredentialsAdobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security GapsKrebs: Patch Tuesday, June 2025 Edition
6/9/2025 June 9, 2025June 9, 2025 ~ The Cyber Beat ~ Leave a comment Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group PurpleHaze…SentinelOne Shares New Details on China-Linked Breach AttemptU.S. Infrastructure Could Crumble Under Cyberattack, Ex-NSA Advisor WarnsParaguay President’s X Account Likely Hacked in Bitcoin SchemeA Researcher Figured Out How to Reveal Any Phone Number Linked to a Google AccountSam Altman Brings His Eye-Scanning Identity Verification Startup to the UKSpyware Maker Paragon Cuts Ties With Italy After Government Refused Audit Into Hack of Journalist’s PhoneKazakhstan Detains Over 140 for Allegedly Selling Citizens’ Data via Telegram ChannelsLet Them Eat Junk: United Natural Foods, Supplier to Whole Foods, Walmart, Hit by CyberattackNHS Calls for 1 Million Blood Donors as UK Stocks Remain Low Following CyberattackJackson Health System Announces Another 5-Year Insider Data BreachNearly 300,000 Crash Records Stolen From Texas Transportation DepartmentSensata Technologies Says Personal Data Stolen by Ransomware GangNew Hacker Group Uses LockBit Ransomware Variant to Target Russian CompaniesPayU Plugin Flaw Allows Account Takeover on 5000 WordPress SitesOver 84,000 Roundcube Instances Vulnerable to Actively Exploited FlawNext-Gen Developers Are a Cybersecurity Powder Keg
6/6-8/2025 June 8, 2025June 8, 2025 ~ The Cyber Beat ~ Leave a comment Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 AttackOpenAI Takes Down ChatGPT Accounts Linked to State-Backed Hacking, DisinformationThe Pentagon Disinformation That Fueled America’s UFO MythologyStates Rebuff Proposed Federal Ban on AI LawsTrump Administration Takes Aim at Biden and Obama Cybersecurity RulesCybercriminals Are Hiding Malicious Web Traffic in Plain SightMicrosoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support ScamUncle Sam Moves to Seize $7.7m Laundered by North Korean IT Worker RingHacker Arrested After Exploiting 5,000 Accounts in $4.5 Million Cryptojacking SchemeNigeria Jails 9 Chinese Nationals for Being Part of International Cyberfraud SyndicatePolice Arrests 20 Suspects for Distributing Child Sexual Abuse ContentMicrosoft Shares Script to Restore Inetpub Folder You Shouldn’t DeleteTax Resolution Firm Optima Tax Relief Hit by Ransomware, Data LeakedKettering Health Confirms Attack by Interlock Ransomware Group as Health Record System Is RestoredScattered Spider Uses Tech Vendor Impersonation and Phishing Kits to Target HelpdesksNew Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple UsersMalicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025Malicious npm Packages Posing as Utilities Delete Project DirectoriesMalware Found in npm Packages With 1 Million Weekly DownloadsNew Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions GloballyNew Mirai Botnet Infect TBK DVR Devices via Command Injection FlawCritical Fortinet Flaws Now Exploited in Qilin Ransomware AttacksGoogle’s Upcoming Gemini Kingfall Is Allegedly a Coding BeastEnterprises Are Getting Stuck in AI Pilot Hell, Say Chatterbox Labs Execs
6/5/2025 June 6, 2025June 6, 2025 ~ The Cyber Beat ~ Leave a comment Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope ExpandsIran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal MalwareChina Offers Cash Rewards for Hackers It Says Are Taiwanese MilitaryKrebs: Proxy Services Feast on Ukraine’s IP Address ExodusWhat Really Happened in the Aftermath of the Lizard Squad HacksRoss Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers SuspectWhat to Know About Picking a Virtual Cyber ChiefNintendo Warns Switch 2 GameChat Users: “Your Chat Is Recorded”Cellebrite Buys Corellium to Help Cops Bust Phone EncryptionUncle Sam Puts $10M Bounty on RedLine Dev and Russia-Backed CroniesViLE Gang Members Sentenced for DEA Portal Breach, ExtortionAT&T Not Sure if New Customer Data Dump Is Déjà Vu…Old AT&T Data Leak Repackaged to Link SSNs, DOBs to 49M Phone NumbersEvansville Based Business Anchor Industries Hit with Ransomware AttackUK Tax Authority Reveals Scammers Stole £47 MillionFBI: BADBOX 2.0 Android Malware Infects Millions of Consumer DevicesPopular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded CredentialsHacker Selling Critical Roundcube Webmail Exploit as Tech Info DisclosedGoogle’s Upcoming Gemini Kingfall Is Allegedly a Coding BeastMicrosoft Makes a ‘Proactive Investment’ in EU Cybersecurity Amid Bloc’s Tensions With U.S.Trump’s National Cyber Director Nominee Grilled About His Resume, Proposed Spending CutsFTC Chair Implores Congress to Strengthen Children’s Online Privacy Protection Law
6/4/2025 June 5, 2025June 5, 2025 ~ The Cyber Beat ~ Leave a comment The Race to Build Trump’s ‘Golden Dome’ Missile Defense System Is OnUkraine Claims It Hacked Tupolev, Russia’s Strategic Warplane MakerMicrosoft Unveils Free EU Cybersecurity Program for GovernmentsSee How Much Faster a Quantum Computer Will Crack EncryptionFBI Says Palm Springs Bombing Suspects Used AI Chat Program to Help Plan AttackICE Quietly Scales Back Rules for Courthouse RaidsHacker Arrested for Breaching 5,000 Hosting Accounts to Mine CryptoBidenCash Carding Market Domains Seized in International OperationCybersecurity Investor Merlin Ventures Raises Over $75 Million Debut FundIn the AI Race With China, Don’t Forget About SecurityCISA Workforce Cut by Nearly One-Third So FarEcopetrol Alerts About Security Violations and Possible LeakCrims Stole 40,000 People’s Data From Our Network, Admits Publisher Lee EnterprisesInterlock Ransomware Gang Claims Responsibility for Kettering Health HackGoogle Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader AppPhishing Campaign Uses Fake Booking.com Emails to Deliver MalwareFBI Warns of NFT Airdrop Scams Targeting Hedera Hashgraph WalletsChaos RAT Malware Targets Windows and Linux via Fake Network Tool DownloadsWidespread Campaign Targets Cybercriminals and GamersPlay Ransomware Crims Exploit SimpleHelp Flaw in Double-Extortion SchemesCisco Warns of ISE and CCP Flaws with Public Exploit Code
6/3/2025 June 3, 2025June 3, 2025 ~ The Cyber Beat ~ Leave a comment Thousands Impacted by Cyberattacks on Governments in Ohio, Oklahoma, Puerto RicoX’s New ‘Encrypted’ Xchat Feature Seems No More Secure Than the Failure That Came Before ItMan Pleads Guilty to Swatting Spree Impacting Scores of Government OfficialsMeta and Yandex Are De-anonymizing Android Users’ Web Browsing IdentifiersGermany Hands Vodafone $51 Million Fine Over Data Privacy ViolationsHow ‘Big Ag’ Spied on Animal Rights Activists and Pushed the FBI to Treat Them as BioterroristsMarriott Wins U.S. Appeals Order Striking Down Data Breach Class ActionCrowdStrike Shares Drop on Weak Revenue GuidanceMozilla Launches New System to Detect Firefox Crypto Drainer Add-OnsIndian Grocery Startup KiranaPro Was Hacked and Its Servers Deleted, CEO ConfirmsCoinbase Breach Tied to Bribed TaskUs Support Agents in IndiaAndroid Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto WalletsFake Docusign Pages Deliver Multi-Stage NetSupport RAT MalwareMalicious RubyGems Pose as Fastlane to Steal Telegram API DataCritical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious CodeHewlett Packard Enterprise Warns of Critical StoreOnce Auth BypassCISA Warns of ConnectWise ScreenConnect Bug Exploited in AttacksGoogle Quietly Pushes Emergency Fix for Chrome 0-Day as Exploit Runs WildOpenAI is Hopeful GPT-5 Will Compete a Little More
6/2/2025 June 3, 2025June 3, 2025 ~ The Cyber Beat ~ Leave a comment Ukrainians Smuggle Drones Hidden in Cabins on Trucks to Strike Russian AirfieldsPro-Ukraine Hacker Group Black Owl Poses ‘Major Threat’ to Russia, Kaspersky SaysNorth Korean Spies Want Your Jobs. Here’s What You Can Do.‘Forest Blizzard’ vs ‘Fancy Bear’ – Cyber Companies Hope to Untangle Weird Hacker NicknamesTop U.S. Cyber Agency Faces Staff and Funding Cuts in New BudgetAcreed Emerges as Dominant Infostealer Threat Following Lumma Takedown‘Russian Market’ Emerges as a Go-to Shop for Stolen CredentialsMysterious Leaker GangExposed Outs Conti Kingpins in Massive Ransomware Data DumpAI Is Learning to Escape Human ControlGoogle Chrome to Distrust Chunghwa Telecom, Netlock Certificates in AugustSentinelOne: Last Week’s 7-Hour Outage Caused by Software FlawNSO Appeals WhatsApp Decision, Says It Can’t Pay $168 Million in ‘Unlawful’ DamagesThe North Face Warns Customers of April Credential Stuffing AttackCartier Discloses Data Breach Amid Fashion Brand CyberattacksMainStreet Bancshares Says Thieves Drained Customer Data Through Third Party HoleCoinbase Breach Linked to Customer Data Leak in India, Sources SayMalaysian Home Minister’s WhatsApp Hacked, Used to Scam ContactsVanta Bug Exposed Customers’ Data to Other CustomersFake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global RegionsCryptojacking Campaign Targets DevOps Servers Including NomadSophisticated Malware Campaign Targets Windows and Linux SystemsPreinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PINQualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPUImplementing Secure by Design Principles for AI
5/30-6/1/2025 June 1, 2025June 1, 2025 ~ The Cyber Beat ~ Leave a comment U.S. Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles…Impersonator Breached Chief of Staff Susie Wiles’s Phone, Trump SaysSenators Call on Trump Admin to Reinstate Cyber Review Board for Salt Typhoon InvestigationIndia’s Alarm Over Chinese Spying Rocks the Surveillance IndustryMandatory Ransomware Payment Disclosure Begins in AustraliaU.S. Banks Urge SEC to Repeal Cyber Disclosure RuleCops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware KingpinPolice Takes Down AVCheck Site Used by Cybercriminals to Scan MalwareKrebs: U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ ScamsFeds Arrest DoD Techie, Claim He Dumped Top Secret Files in Park for Foreign Spies to FindMeta Says It Disrupted Influence Operations Linked to China, Iran, RomaniaChina-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and BrazilConnectWise Breach Linked to Nation-State HackersHospitals in Maine, New Hampshire Limit Services After Cyberattack on Catholic Health Org Covenant HealthDDoS Incident Disrupts Internet for Thousands in MoscowNew EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser DataHackers Are Exploiting Critical Flaw in vBulletin Forum SoftwareExploit Details for Max Severity Cisco iOS XE Flaw Now PublicNew Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, FedoraMicrosoft Authenticator Now Warns to Export Passwords Before July Cutoff