Cybersecurity Institute News Roundup 30 June 2025
Welcome to this week’s Cybersecurity Institute News Roundup: a weekly overview of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. In this week’s roundup, we cover the potential role cyber played in US strikes on Iranian nuclear sites and the Iran-Israel conflict in cyberspace, WhatsApp being banned on US House government devices, new EU member mandates to complete critical infrastructure post-quantum cryptography (PQC) by 2030, and a breach of 16 billion login credentials across Apple, Facebook, Google and more.
Potential role cyber played in US strikes on Iranian nuclear sites
Analysts speculate that the US used a combination of cyber and conventional military tactics in their recent targeted strike against Iranian nuclear sites, an operation codenamed Midnight Hammer. Potential cyber tactics include the use of malware, wiperware, and distributed denial-of-service attacks to disrupt enemy preparedness and response.
Iran-Israel conflict unfolds in cyberspace
https://www.politico.com/news/2025/06/22/us-israel-iran-war-cyber-attacks-00417782
In additional to conventional warfare, the Iran-Israel conflict is increasingly being played out in cyberspace. Over the past few weeks, there have been cyberattacks on major Iranian financial institutions along with disinformation campaigns across Israel.
WhatsApp banned on US House government devices
https://www.axios.com/2025/06/23/whatsapp-house-congress-staffers-messaging-app
The US Office of Cybersecurity has deemed WhatsApp high risk and banned its presence and use on any House device. Specific concerns include a lack of transparency in how the app protects user data and the absence of stored data encryption.
EU members to migrate critical infrastructure to PQC by 2030
Europe is strengthening its cyber posture once again with new EU mandates for member states to begin their post quantum cryptography (PQC) journey by the end of 2026 and to have completed critical infrastructure PQC migration no later than 2030.
16 billion login credentials breached including Apple, Facebook, and Google
Researchers have reported the compromise of 16 billion login credentials across social media, virtual private networks (VPNs), developer portals, and user accounts including those from Apple, Facebook, Google, GitHub, Telegram, and several government services.