Cybersecurity News | Daily Recap [09 Jun 2025]

Recent cybersecurity updates include Chinese state-sponsored actors exploiting the NICKNAME zero-click iMessage vulnerability to target high-profile individuals in the US and EU, while US authorities seize cryptocurrency linked to North Korean sanctions evasion. Multiple organizations, including NHS UK and United Natural Foods, suffered ransomware and cyberattacks affecting critical services and operations.

Nation-State & Targeted Attacks

  • Chinese state-sponsored actors exploit the NICKNAME zero-click iMessage vulnerability to target high-value individuals in the US and EU, enabling remote device compromise without user interaction – NICKNAME Exploit, iMessage Attacks
  • The US DOJ moves to seize $7.74M in cryptocurrency linked to North Korean sanctions evasion schemes involving fake IT workers and laundering networks that generated over $88M in illicit gains – North Korea Crypto Seizure
  • OpenAI bans ChatGPT accounts linked to Russian, Iranian, and Chinese hacker groups abusing AI for malware development, espionage, and disinformation campaigns – OpenAI AI Abuse
  • APT group UNC1151 exploited a critical Roundcube webmail flaw (CVE-2024-42009) in spear phishing campaigns targeting Polish organizations to steal credentials via malicious Service Workers – UNC1151 Spear Phishing

Ransomware & Cyberattacks on Critical Infrastructure

  • NHS UK calls for 1 million blood donors following a ransomware attack by Qilin that disrupted healthcare services and exposed sensitive patient data – NHS Blood Call
  • United Natural Foods, North America’s leading grocery wholesale distributor, suffered a cyberattack causing operational disruption and customer fulfillment delays, triggering incident response protocols – UNFI Cyberattack
  • A new Mirai botnet variant leverages a command injection vulnerability (CVE-2024-3721) in TBK DVR devices globally to hijack them for DDoS and malicious traffic activities – Mirai Botnet TBK DVR

Vulnerabilities & Exploits

  • Salesforce faces a critical SOQL injection 0-day vulnerability risking exposure of sensitive data worldwide, quietly patched without public acknowledgment – Salesforce SOQL 0-Day
  • Metasploit 6.4.68 update patches critical path traversal and remote code execution flaws in ThinManager, Ivanti EPMM, udev persistence on Linux, and adds enhanced PHP payload modules – Metasploit Update

Cryptocurrency Threats

  • Over 20 malicious apps on Google Play impersonate popular crypto wallets like SushiSwap and PancakeSwap to steal users’ mnemonic seed phrases, in widespread phishing campaigns that CRIL has warned about – Malicious Wallet Apps, Crypto Phishing Campaign

Data Theft & Fraud

  • Kazakhstan police arrested over 140 suspects while dismantling a large network that sold citizens’ stolen data via Telegram, combating illicit data trade in Eastern Europe – Kazakhstan Data Bust
  • Nigerian hacker Kingsley Uchelue Utulu was sentenced to over five years’ imprisonment for cyber fraud targeting US tax preparation firms, underlining persistent Nigerian cybercrime threats – Nigerian Hacker Sentenced

Cyber Defense & Risk Management

  • Blue Teams can enhance proactive cyber defense with Wazuh by leveraging real-time monitoring, automated incident response, and customizable playbooks covering threats like credential dumping and brute force – Wazuh Blue Team
  • Shadow IT risks persist despite IdP or CASB deployment, with dangers from dormant accounts, excessive AI permissions, and unmanaged app connections requiring specialized detection and mitigation tools – Shadow IT Risks

Threat Landscape & Weekly Recaps

  • Recent cybersecurity recaps highlight exploits including Google’s Chrome 0-day patch, destructive data wipers like PathWiper in Ukraine, zero-click iPhone attacks, and APT activities involving groups such as OilRig, UNC5174, and Kimsuky – Weekly Cyber Recap, Threat Research Recap

Cybersecurity News | Daily Recap – hendryadrian.com