Recent cybersecurity developments highlight nation-state cyber espionage campaigns, including Russian APT28 targeting Ukraine and Chinese Salt Typhoon exploiting CVE-2023-20198 to attack Canadian telecoms. The report also details significant ransomware breaches such as Disneyland Paris and Michigan’s McLaren Health Care, alongside emerging malware threats like XDigo and UMBRELLA STAND, emphasizing evolving attack vectors and vulnerabilities. #APT28 #SaltTyphoon #AnubisRansomware #XDigoMalware #UMBRELLASTAND
State-Sponsored Attacks
- Russian-linked APT28 hackers target Ukrainian government systems using cloud API backdoors in a sophisticated espionage campaign – Ukrainian Backdoors
- Chinese Salt Typhoon hackers exploit CVE-2023-20198 to attack Canadian telecom firms for data theft and reconnaissance – Salt Typhoon Attacks
- Iranian operatives reportedly hack internet security cameras for missile targeting in Israel, with similar surveillance threats in Ukraine and Russia – Iran Camera Exploits
- The US braces for increased cyberattacks from Iranian hackers amid heightened tensions following its involvement in the Israel-Iran conflict – US Iran Cyber Threat
- North Korean BlueNoroff group uses deepfakes and fake Zoom extensions to deploy macOS malware aimed at stealing cryptocurrency – BlueNoroff Deepfake Scam
- Russian UNC6293 hackers bypass Gmail MFA using stolen app passwords through social engineering targeting high-profile individuals – Gmail MFA Bypass
Ransomware & Data Breaches
- Anubis ransomware gang, whose malware includes a built-in wiper, claims a data leak at Disneyland Paris exposing 39,000 files and threatens further data releases – Anubis Disneyland Leak
- Ransomware attack on Michigan’s McLaren Health Care steals data of over 740,000 people, the second incident in a year to affect hospital operations – McLaren Ransomware
- Nucor, North America’s leading steelmaker, confirms data theft and production disruption from a recent cyberattack and is still assessing the impact – Nucor Data Breach
- Oxford City Council suffers data breach exposing two decades of legacy election data from 2001-2022, causing service disruptions and investigations – Oxford Data Breach
Malware & Exploits
- XDigo Go-based stealer malware exploits Windows LNK flaw in attacks against Eastern European governments in 2025, showcasing advanced evasion – XDigo Malware
- New UMBRELLA STAND malware targets Fortinet FortiGate 100D firewalls with stealthy backdoors and encrypted channels, raising infrastructure espionage concerns – UMBRELLA STAND Malware
- OpenVPN patched a critical driver flaw (CVE-2025-50054) that allowed attackers to crash Windows systems, with the fix due in version 2.7_alpha2 – OpenVPN Vulnerability
- WordPress Motors theme vulnerability is widely exploited to hijack admin accounts; site owners are urged to update immediately to prevent takeover – Motors Theme Flaw
- Critical cryptographic flaw in Meshtastic LoRa mesh network project allows attackers to decrypt private messages and hijack nodes via duplicated keys – Meshtastic Flaw
- Open directories exposed attacker toolkits, including the public SQLMap tool and the BlueShell backdoor, revealing reconnaissance against Taiwanese infrastructure and beyond – Open Directories Exposure
Security Vulnerabilities & Patches
- Critical authentication bypass CVE-2025-49825 in Teleport allows remote attackers to bypass SSH authentication; versions before 17.5.2 are affected and patches have been released – Teleport Auth Bypass, Teleport Vulnerability
- Amazon EKS security flaws expose AWS credentials and enable privilege escalation, highlighting risks from container misconfigurations – Amazon EKS Flaws
AI and Cybersecurity
- New advanced AI jailbreak called Echo Chamber circumvents guardrails to manipulate models into producing harmful content, raising model integrity concerns – Echo Chamber Jailbreak
- Google implements multi-layered defenses to protect GenAI systems against evolving indirect prompt injection attacks – Google AI Defenses
- AI-enabled workflow automation proposed to reduce SOC burnout by automating repetitive tasks and providing real-time support to analysts – AI for SOCs
Cyberattack Trends & Defense
- A record 7.3 Tbps DDoS attack using UDP floods illustrates the growing scale and complexity of online service disruption campaigns – Record DDoS Attack
- Amazon’s Steve Schmidt reveals use of honeypots like MadPot to detect nation-state cyber operations such as Volt Typhoon, emphasizing human factors in cybersecurity – Amazon Cyber Insights
- Weekly threat recap highlights the expansion of Remote Access Trojans (RATs) and malware campaigns targeting IoT, government, and banking sectors, alongside a rise in phishing – Weekly Threat Recap
Miscellaneous
- CoinMarketCap briefly hacked via supply chain attack injecting malicious popup to drain cryptocurrency wallets – CoinMarketCap Wallet Drain
- Microsoft Windows Snipping Tool now supports exporting animated GIF recordings up to 30 seconds to enhance user productivity – Windows GIF Export