Cybersecurity News | Daily Recap [28 Jun 2025]

The recent cybersecurity developments include the expansion of the Scattered Spider group’s social engineering attacks to aviation and transportation sectors, and a Chinese-linked espionage campaign hacking over 1,000 SOHO devices using the ShortLeash backdoor. Additionally, threats such as the GIFTEDCROOK malware targeting Ukrainian authorities, sophisticated phishing tactics mimicking DocuSign, and critical vulnerabilities like CVE-2025-6561 in Hunt Electronics DVRs highlight ongoing security challenges.

Cybercrime Groups & Espionage

  • The Scattered Spider threat group is expanding its social engineering attacks from retail to aviation and transportation sectors, using impersonation to bypass MFA – Scattered Spider Expands, Scattered Spider Shift
  • Over 1,000 SOHO devices have been hacked in a China-linked LapDogs espionage campaign deploying the ShortLeash backdoor across multiple regions – LapDogs Campaign
  • GIFTEDCROOK malware evolved from a browser stealer to an intelligence-gathering tool targeting Ukrainian authorities through phishing-based document exfiltration – GIFTEDCROOK Evolution

Phishing & Social Engineering

  • A sophisticated phishing attack using a legitimate Webflow site disguises fake DocuSign emails and employs fingerprinting to evade detection – Fake DocuSign Phishing

Vulnerabilities & Ransomware

  • A critical CVE-2025-6561 vulnerability in Hunt Electronics hybrid DVRs exposes admin credentials in plaintext, enabling unauthenticated remote access – Hunt DVR Flaw
  • Although organizations have improved at preventing ransomware encryption and reduced ransom payments, overall preparedness and cybersecurity hygiene still lag considerably – Ransomware Response

Privacy & Platform Updates

  • Facebook’s new AI tool requests photo uploads to generate story ideas, raising concerns over data retention, facial recognition, and potential misuse, especially in relation to China – Facebook AI Privacy
  • Microsoft will update the infamous Blue Screen of Death to a black background with enhanced recovery features and progress indicators to improve system resilience – Windows BSOD Update

Geopolitical Censorship

  • Russia has begun throttling access to websites protected by Cloudflare to restrict Western tech usage and block censorship circumvention tools like Psiphon and VPN hosts – Russia Cloudflare Throttling

Cybersecurity News | Daily Recap – hendryadrian.com