Cybersecurity News | Daily Recap [07 Jun 2025]

Multiple critical vulnerabilities have been identified across various platforms, including HPE Insight Remote Support, FreeRTOS-Plus-TCP, AWS Amplify Studio, and Apache Tomcat, and immediate patching is urged to prevent exploits leading to system crashes and denial of service. Additionally, recent ransomware campaigns targeted organizations like Optima Tax Relief and Kettering Health, while nation-state actors have engaged in espionage and infrastructure attacks, notably in Ukraine and Armenia.

#HPE RCE Flaw #FreeRTOS Flaw #AWS Amplify RCE #Tomcat DoS #Optima Tax Chaos #Kettering Interlock #Bitter APT #UNC5792 #Atomic macOS Stealer #PathWiper Malware

Critical Vulnerabilities

  • Multiple critical remote code execution flaws were found in HPE Insight Remote Support, FreeRTOS-Plus-TCP, and AWS Amplify Studio, requiring urgent updates to prevent code execution and system crashes – HPE RCE Flaw, FreeRTOS Flaw, AWS Amplify RCE
  • An Apache Tomcat HTTP/2 vulnerability causing denial of service via memory leaks was exposed with a proof-of-concept exploit, stressing the need for immediate patching – Tomcat DoS PoC
  • Microsoft released a PowerShell script to safely restore the inetpub folder removed by April 2025 Windows patches to mitigate a critical privilege escalation vulnerability – Microsoft inetpub Script

Ransomware Attacks

  • The Chaos ransomware gang targeted U.S. tax firm Optima Tax Relief, stealing 69 GB of sensitive data and encrypting servers in a double-extortion attack – Optima Tax Chaos
  • Kettering Health confirmed a major breach by Interlock ransomware, resulting in stolen patient and organizational data along with service disruptions – Kettering Interlock Attack

APT & Espionage Activities

  • The India-aligned threat actor TA397 (Bitter APT) conducted global espionage campaigns targeting government and diplomatic entities using malware like BDarkRAT and spearphishing tactics – TA397 Espionage
  • A sophisticated spear-phishing operation by UNC5792 targeted Armenian civil society and government via Signal messenger with fake personas and advanced infrastructure – Signal Phishing Armenia

Malware Campaigns Targeting macOS & Ukraine

  • A new campaign exploiting ClickFix social engineering installs Atomic macOS Stealer (AMOS) via fake Spectrum sites to harvest passwords and enable lateral movement of Apple users’ data – Atomic macOS Stealer
  • The destructive malware PathWiper, linked to Russian APT groups and evolving from HermeticWiper, is targeting Ukraine’s critical infrastructure with data-wiping attacks rather than ransomware extortion – PathWiper Malware

Cybersecurity News | Daily Recap – hendryadrian.com