Krispy Kreme's recent ransomware attack by the Play gang compromised over 160,000 individuals' data, highlighting the growing threat of cybercriminal groups targeting large organizations. Meanwhile, new malware campaigns like Godfather Trojan and AntiDot employ advanced virtualization and evasion techniques to steal banking and cryptocurrency data. #Play #GodfatherTrojan #AntiDot #KrispyKremeBreach
Data Breaches & Ransomware
- Krispy Kreme suffered a ransomware attack by the Play gang, compromising personal and financial data of over 160,000 individuals and causing major operational disruptions → Krispy Kreme Breach, Krispy Kreme Impact
- Aflac repelled a ransomware attack by a sophisticated cybercrime group, which resulted in theft of thousands of personal and health records while preserving critical operations → Aflac Ransomware
- Oxford City Council in the UK faced a cyberattack compromising legacy systems and employee data dating back over two decades, with ongoing investigations → Oxford Council Attack
Malware & Exploits
- The Godfather Android Trojan now employs virtualization sandboxes to stealthily hijack banking and cryptocurrency apps, enabling real-time data theft and evasion of detection → Godfather Sandbox, Godfather Virtualization
- A new Android malware surge linked to the AntiDot MaaS framework uses overlays, virtualization fraud, and NFC theft to target thousands of devices with advanced evasion techniques → AntiDot Malware
- Researchers uncovered 200+ trojanized GitHub repositories as part of the Banana Squad campaign, targeting gamers and developers with disguised Python hacking tools → GitHub Trojan Campaign
- Securonix identified the Serpentine#Cloud malware campaign abusing Cloudflare Tunnels to distribute payloads via phishing, using loaders and RATs like AsyncRAT and RevengeRAT → Cloudflare Malware
- Meta linked the FreeType zero-day CVE-2025-27363 to Paragon spyware exploits, with victims in multiple countries targeted by advanced surveillance tools → FreeType Zero-Day
- The Silver Fox APT, a China-based group, deploys trojanized medical software and advanced malware for stealth espionage targeting healthcare and government sectors → Silver Fox APT
Cyber Attacks & Espionage
- The Russia-targeted UNC6293 APT campaign uses phishing and abuse of Google Application-Specific Passwords to infiltrate critics and academics through sophisticated social engineering → UNC6293 Phishing
- Iran's state TV was hijacked mid-broadcast to promote protests, amid an escalating cyber conflict in which the Predatory Sparrow group, linked to Israel-Iran tensions, stole $90M from the Nobitex crypto exchange → Iran TV Hack, Predatory Sparrow Theft
- A cyberattack on Russia's Mercury animal certification platform disrupted dairy supply chains nationwide, with no group claiming responsibility → Russia Mercury Attack
DDoS & Network Security
- Cloudflare mitigated a record-breaking multi-vector DDoS attack peaking at 7.3 Tbps, involving over 122,000 IP addresses across 161 countries and delivering 37.4 TB of data in just 45 seconds → Record DDoS Attack, Massive 7.3 Tbps DDoS
- Microsoft announced the removal of legacy drivers from Windows Update to improve system security and compatibility, while allowing partners to resubmit drivers with a documented justification → Legacy Drivers Removal
Vulnerabilities & Patching
- A critical vulnerability, CVE-2025-49763, in Apache Traffic Server enables memory exhaustion attacks causing denial-of-service; immediate patching and configuration changes are urged → Apache Traffic Server
- Widespread exploitation of a vulnerability in the Motors WordPress theme affected over 22,000 sites, risking privilege escalation and account takeovers; urgent patching is advised → Motors Theme Vulnerability
Credential Security & Identity Management
- Self-service password resets (SSPRs) with robust identity verification can reduce helpdesk costs while maintaining strong security, despite the rise of passwordless methods → Password Reset Security
- An upcoming webinar highlights the rising threat of stolen credentials as a primary attack vector, offering defense strategies against credential theft and phishing → Credentials Webinar
- The U.S. Department of Justice recovered over $225 million in cryptocurrency stolen through complex scams and money laundering schemes, tracked via blockchain analysis → US Crypto Seizure, $225M Crypto Recovery
- Warnings against the misconception of a "16 billion credentials leak" highlight the role of infostealer malware and credential stuffing, emphasizing best practices like two-factor authentication → Credentials Leak Myth
Security Operations & Defense
- Building 24/7 in-house Security Operations Centers (SOCs) with AI automation and skilled teams is essential for continuous monitoring and defense against off-hours cyberattacks → 24/7 SOC Success