Cybersecurity News | Daily Recap [01 Jul 2025]

Recent cyberattacks target high-profile organizations like the International Criminal Court and Swiss government, exposing critical vulnerabilities and data breaches. Authorities disrupted North Korean IT schemes and dismantled global crypto fraud rings, highlighting ongoing threats from nation-state actors and cybercriminal groups. #ICC Cyberattacks #Sarcoma #DarkAngels #North Korean IT Scheme #Crypto Fraud

Cybercrime & Attacks

  • The International Criminal Court suffered a second sophisticated cyberattack this year, highlighting ongoing security challenges. – ICC Cyberattacks, ICC Cyberattack
  • The U.S. Department of Justice disrupted a North Korean IT worker “laptop farm” scheme operating in 16 states, exposing illicit revenue streams of over $5 million and arresting facilitators. – North Korean Laptop Farms, North Korean IT Scheme, North Korean Scheme Disrupted
  • A ransomware attack on Swiss non-profit Radix exposed over 1.3TB of federal data, attributed to the Sarcoma ransomware group leaking sensitive government info. – Swiss Government Ransomware
  • Johnson Controls notifies victims after a ransomware attack by the Dark Angels group, which demanded a $51 million ransom and caused worldwide data theft and disruption. – Johnson Controls Breach
  • Esse Health confirms a data breach affecting over 263,000 patients via a likely ransomware attack, impacting their medical record systems. – Esse Health Breach, Esse Health Data Theft
  • Spanish police and Europol arrest five suspects, dismantling a global cryptocurrency fraud ring that laundered over €460 million through shell companies and false identities. – Crypto Fraud Bust, Europol Crypto Fraud

Vulnerabilities & Exploits

  • Critical flaws in Microsens NMP Web+ industrial systems enable hackers to gain full control via forged tokens, threatening critical manufacturing worldwide. – Microsens Vulnerabilities
  • Thousands of Citrix NetScaler devices remain unpatched against actively exploited critical flaws, risking denial of service and session hijacking attacks. – Citrix NetScaler Flaws
  • Google patched the fourth actively exploited Chrome zero-day of 2025 (CVE-2025-6554) involving a V8 engine type confusion flaw that allows remote code execution. – Chrome Zero-Day Fix, Chrome V8 Zero-Day, Chrome 138 Update
  • A new vulnerability in popular IDEs like Visual Studio Code allows malicious extensions to bypass verified status, putting developer environments at risk. – IDE Extension Flaw

Geopolitical Cyber Threats

  • U.S. agencies warn of rising cyberattacks by Iranian state-affiliated actors targeting critical infrastructure, industrial control systems (ICS), and defense networks with ransomware, DDoS, and espionage techniques. – Iranian Cyber Threats, Iranian ICS Attacks, Iranian Critical Infrastructure Warning, US Iranian Cyber Threat Alert
  • Canada suspends Chinese surveillance firm Hikvision's operations over national security concerns amid geopolitical tensions. – Hikvision Ban
  • Russia increasingly restricts access to Cloudflare-protected services as part of its internet isolation efforts, affecting many businesses and users. – Cloudflare Russia Access
  • Germany demands removal of the DeepSeek AI app from app stores for GDPR violations related to unauthorized data transfer to China. – DeepSeek AI Removal

Cybersecurity Policy & Industry Updates

  • Sean Cairncross’s nomination as U.S. national cyber director advances despite limited cybersecurity experience, reflecting a key moment in American cyber policy leadership. – National Cyber Director
  • LevelBlue announces acquisition of Trustwave to form a top-tier managed security service provider (MSSP) focused on enhanced MDR and cyber resilience. – LevelBlue Trustwave Deal
  • Cato Networks raises $359 million Series G funding to accelerate AI-driven SASE platform expansion, now valued at over $4.8 billion. – Cato Networks Funding
  • Microsoft to remove password management features from its Authenticator app by August 2025, urging users to switch to passkeys or third-party managers. – Microsoft Authenticator Change
  • Microsoft Defender for Office 365 now blocks email bombing attacks, improving protection against threat actors like BlackBasta and FIN7. – Defender Email Bombing
  • A new maturity model framework helps enterprises close browser security gaps to combat risks from GenAI misuse and shadow SaaS proliferation. – Browser Security Model

Cybersecurity News | Daily Recap – hendryadrian.com