Cyber Weekly Newsletter
Cyber Weekly Newsletter for Friday June 6, 2025
The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team
Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware
This Week's Need-to-Know News and Alerts
⚠️ Cybersecurity company SentinelOne revealed that a software flaw triggered a seven-hour-long outage last week. They confirmed the incident's root cause was not a cyberattack or a breach but a software flaw in an infrastructure control system. https://www.bleepingcomputer.com/news/technology/sentinelone-last-weeks-7-hour-outage-caused-by-software-flaw/
⚠️ Critical Fortinet flaws now exploited in Qilin ransomware attacks. The Fortinet vulnerabilities allow bypassing authentication on vulnerable devices and executing malicious code remotely. https://www.bleepingcomputer.com/news/security/critical-fortinet-flaws-now-exploited-in-qilin-ransomware-attacks/
⚠️ Google patches new Chrome zero-day bug exploited in attacks. Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. https://www.bleepingcomputer.com/news/security/google-patches-new-chrome-zero-day-bug-exploited-in-attacks/
⚠️ Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials. Because the network traffic is unencrypted, it is also susceptible to adversary-in-the-middle (AitM) attacks on untrusted networks and public Wi-Fi. https://thehackernews.com/2025/06/popular-chrome-extensions-leak-api-keys.html
⚠️ FBI reports Play ransomware breached 900 victims, including critical orgs. The report notes the gang exploited remote monitoring and management tools and used recompiled malware in every attack, making it more difficult for security to detect and block it. https://www.bleepingcomputer.com/news/security/fbi-play-ransomware-breached-900-victims-including-critical-orgs
⚠️ Fake Recruiter Emails Target CFOs in a spear-phishing campaign that uses a legitimate remote access tool called Netbird. The starting point of the attack is a phishing email that impersonates a recruiter. https://thehackernews.com/2025/06/fake-recruiter-emails-target-cfos-using.html
⚠️ Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin. The WooCommerce Wishlist tool allows e-commerce site customers to save their favorite products for later and share the lists on social media platforms. https://thehackernews.com/2025/05/over-100000-wordpress-sites-at-risk.htm
⚠️ Fake website advertising antivirus software from Bitdefender dupes victims into downloading a remote access trojan called Venom RAT. The site shares temporal and infrastructure overlaps with other malicious domains spoofing banks and IT services. https://thehackernews.com/2025/05/cybercriminals-clone-antivirus-site-to_4.html
⚠️ Microsoft Helps CBI Dismantle Call Centers Behind Tech Support Scam. These actors used generative AI to scale their operations, including to identify potential victims and automate the creation of malicious pop-up windows. https://thehackernews.com/2025/06/microsoft-helps-cbi-dismantle-indian.html
⚠️ 0-click exploitation of iMessage nickname feature revealed. Apple has resolved an iMessage issue involving the Nickname Update feature that could have been exploited to trigger errors with no user interaction. https://www.scworld.com/news/0-click-exploitation-of-imessage-nickname-feature-revealed
⚠️ BADBOX 2.0 Android malware infects millions of consumer devices. FBI warns that the BADBOX 2.0 malware campaign has infected home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. https://www.bleepingcomputer.com/news/security/fbi-badbox-20-android-malware-infects-millions-of-consumer-devices
⚠️ Chrome Drops Trust for Chunghwa, Netlock Certificates. Digital certificates authorized by the two authorities will no longer be trusted by default in the browser starting in August, over what Google said is a loss of integrity in actions by the companies. https://www.darkreading.com/remote-workforce/chrome-drops-trust-chunghwa-netlock-certificates
⚠️ Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud. The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same. https://www.darkreading.com/vulnerabilities-threats/cisco-warns-critical-static-credential-vulnerability
⚠️ AVCheck site used by cybercriminals taken down. An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild. https://www.bleepingcomputer.com/news/security/police-takes-down-avcheck-antivirus-site-used-by-cybercriminals
⚠️ Qualcomm shipped security updates to address three zero-day vulnerabilities that have been exploited in limited, targeted attacks in the wild. The flaws in question were responsibly disclosed to the company by the Google Android Security team. https://thehackernews.com/2025/06/qualcomm-fixes-3-zero-days-used-in.html
From Our Blog
✅ Preparing for Account Takeover and Business Email Attacks
Both tactics are employed by cybercriminals to gain unauthorized access to valuable information or financial assets. While they share some commonalities, the methodologies and specific targets of these attacks distinguish them from one another. In this post, we will delve into what sets ATO and BEC attacks apart, their similarities, and effective measures for defending against them…Read more now at https://riskigy.com/blog/f/preparing-for-account-takeover-and-business-email-attacks
✅ FBI and Verizon Reports Highlight Ransomware and Third-Party Risk
Two major reports, Verizon's 2025 Data Breach Investigations Report (DBIR) and the FBI's 2024 Internet Crime Complaint Center (IC3) Annual Report, provide valuable insights into the current state of cybercrime… Read more now at https://riskigy.com/blog/f/fbi-and-verizon-reports-highlight-ransomware-and-third-party-risk
✅ Managing Bring Your Own AI (BYOAI) Risk
While the Bring Your Own AI (BYOAI) trend can enhance productivity and foster innovation, it also introduces a set of compelling risks that businesses must manage carefully. As AI continues to transform the business landscape, a new trend has emerged, Bring Your Own AI (BYOAI)… Read more at https://riskigy.com/blog/f/managing-bring-your-own-ai-byoai-risk
✅ Key Differences Between Data Privacy and Data Security
Although these terms are often used interchangeably, they represent distinct facets of protection when managing sensitive information. This post explores the differences between data privacy and data security, providing examples of regulations and highlighting risks businesses face in each area…Read more at https://riskigy.com/blog/f/key-differences-between-data-privacy-and-data-security
✅ Surge in ClickFix and Fake CAPTCHA Attacks
ClickFix, a social engineering tactic that surfaced last year, involves threat actors designing deceptive websites or phishing attachments that show fake errors and then instruct users to click a button to resolve them…Read more https://riskigy.com/blog/f/surge-in-clickfix-and-fake-captcha-attacks
Recent Data Breach News
⚠️ Old AT&T data leak repackaged: a threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates to individual users. https://www.bleepingcomputer.com/news/security/old-atandt-data-leak-repackaged-to-link-ssns-dobs-to-49m-phone-numbers/
⚠️ The Coinbase breach has been linked to India-based customer support representatives from outsourcing firm TaskUs, whom threat actors bribed to steal data from the crypto exchange. A TaskUs employee was caught capturing photos of her screen using a personal device. https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/
⚠️ Victoria’s Secret delays earnings release after security incident. In response to the late May incident, the company took down corporate systems, some in-store services, and the e-commerce website as a precaution on May 26. https://www.bleepingcomputer.com/news/security/victorias-secret-delays-earnings-release-after-security-incident/
⚠️ Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website. The company is owned by VF Corporation, which also controls Vans, Timberland, and Dickies. https://www.bleepingcomputer.com/news/security/the-north-face-warns-customers-of-april-credential-stuffing-attack
⚠️ Sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. Adidas added that the stolen information did not include the affected customers' payment-related information or passwords. https://www.bleepingcomputer.com/news/security/adidas-warns-of-data-breach-after-customer-service-provider-hack/
⚠️ Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers' information after its systems were compromised. Cartier revealed that hackers breached its systems and stole a limited amount of customer information. https://www.bleepingcomputer.com/news/security/cartier-discloses-data-breach-amid-fashion-brand-cyberattacks/
Cybersecurity Is Complex! We Are Here To Help
Cyberthreats are everywhere, but you don’t have to face them alone. Get Cybersecurity & Tech help from Riskigy!
✔ Looking for an expert to assist your firm or clients?
✔ Need a pro to explain Tech or Cyber to your management?
✔ Vetting a new investment or acquisition?
✔ Want to build a cyber aware staff?
✔ Need immediate assistance with an incident?
✔ Considering adding a vCISO or vCTO to your team?
✔ Seeking help with SOC-2, SEC/FINRA, or FTC readiness?
Contact us to discuss how we can assist!