Black Arrow Cyber Threat Intelligence Briefing 20 June 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
Our review of cyber security in specialist and general media this week features a survey of 300 CISOs where 98% expect increased cyber threats within three years, with growing concern over third-party risks and hybrid outsourcing models. A separate survey revealed that 69% of managed service providers (MSPs) reported multiple cyber breaches in the last 12 months, highlighting the supply chain risks that organisations must manage, including the popular attack tactic of IT helpdesk scams. We also report on the evolution of phishing using agentic AI and deepfakes, and the use of ‘unsubscribe’ buttons in phishing emails to compromise the recipient’s systems.
The structure and tactics of the criminal ecosystem continue to evolve. New attacker groups are emerging as others disappear, and existing groups are moving from the retail sector to target financial services, while Iranian cyber attackers are coming to the fore. We also report on the need for CISOs to demonstrate board-level alignment of security and business growth, and the need for stronger governance over the use of AI in organisations.
At Black Arrow Cyber Consulting, we strongly believe these developing risks are best addressed through an organisation-wide approach to security. In line with globally respected frameworks, this starts with governance by a leadership team that has a strong understanding of the fundamentals of cyber security, using controls across people, operations and technology to address the evolving risks including social engineering, third-party risks, and AI.
Top Cyber Stories of the Last Week
Survey Reveals 98% of CISOs Anticipate Increased Cyber Attacks Within Three Years
CSC’s latest global survey of 300 CISOs found that 70% believe security threats will increase in the next year and almost all (98%) predict an increase in the next three years. The study also highlights a rise in cyber security budgets and growing reliance on hybrid outsourcing models, though concerns remain over third-party access and poor compliance by domain providers.
https://www.techmonitor.ai/technology/cybersecurity/csc-survey-cisos-anticipate-cyberattacks
Over Two Thirds of MSPs Hit by Multiple Breaches in Past Year, Survey Reveals
CyberSmart’s latest survey reveals that managed service providers (MSPs) remain a key target for cybercriminals, citing recent examples of organisations being attacked through their MSP. 69% of MSP participants reported multiple breaches in the last 12 months, with almost half facing three or more. 39% felt prepared to offer a solution or guidance to customers in meeting their cybersecurity regulations, which could include DORA or NIS2. The report notes opportunities to further strengthen cyber resilience. MSPs named continuous monitoring, employee cybersecurity training, and proactive risk management as the measures most likely to help them improve cyber confidence.
https://www.itsecurityguru.org/2025/06/19/over-two-thirds-of-msps-hit-by-multiple-breaches-in-past-year-survey-reveals/
IT Helpdesk Scams are Ramping Up – Here’s What Leaders Can Do
IT helpdesk scams are becoming more sophisticated, targeting staff across legal, financial and other high-value sectors. Attackers often pose as internal IT support to trick users into installing legitimate remote access tools, giving criminals control of systems. Recent breaches at retailers M&S and the Co-op highlight how even trained IT staff can be manipulated. Criminal groups and state actors alike are adopting these tactics, increasingly enhanced by artificial intelligence to personalise interactions and build trust. With technical controls often bypassed, firms must invest in regular user training, restrict admin rights, and block unauthorised remote access tools to reduce risk.
https://www.itpro.com/security/cyber-attacks/it-helpdesk-scams-are-ramping-up-heres-what-to-do
Phishing 3.0: Agentic AI Ushers in New Generation of Unprecedented Risk
Phishing is entering a new phase, with AI-driven threats set to challenge traditional defences. Known as Phishing 3.0, this wave combines highly convincing deepfakes and autonomous AI agents capable of executing entire campaigns without human input. These tools can convincingly mimic voices or faces of trusted individuals, increasing the risk of fraud and data loss. A recent study found that current defences miss over two-thirds of phishing emails. To remain resilient, organisations must invest in advanced AI-powered detection and raise staff awareness to spot fake communications that appear authentic and urgent. The threat is growing rapidly, and preparation is essential.
Why CISOs Must Align Business Objectives and Cyber Security
A successful chief information security officer (CISO) must align cyber security with business objectives to support growth, innovation and resilience. As cyber threats grow more complex, including silent long-term intrusions and AI-driven attacks, CISOs must take a proactive approach that secures operations without hindering them. This requires board-level engagement, clarity over roles and responsibilities, and regular communication with other executives. Shared ownership of cyber risk across leadership teams fosters a culture where business and security priorities work in tandem. Simulations, modern tools, and well-structured processes further help ensure the organisation is prepared before a major incident occurs.
Scattered Spider has Moved from Retail to Financial Services, Insurance Now Targeted
The cyber crime group known as Scattered Spider has shifted its focus from retailers to the insurance sector, prompting warnings from Google for firms to be on high alert. Several US insurers, including Erie and Philadelphia Insurance, have reported system outages linked to unauthorised access, with investigations still ongoing. The group is known for using fake helpdesk calls to gain access before deploying ransomware. Google recommends enhanced caller verification, stronger authentication methods, and helpdesk training to reduce the risk. The prolonged disruption highlights the need for robust cyber security defences across the financial and insurance sectors.
https://www.theregister.com/2025/06/16/scattered_spider_targets_insurance_firms/
Ransomware Thrives in Shook-Up Criminal Underworld
The ransomware threat landscape is evolving rapidly, with a wave of new groups emerging as older operations disappear. A recent surge in attacks linked to groups such as SafePay, Qilin, Play and Akira accounted for 64 victims in May alone, with organisations in the UK, US, and Europe among those affected. The collapse of major players like RansomHub has triggered fierce competition among criminal groups, leading to greater fragmentation and more sophisticated tactics. Some attacks now appear to serve dual purposes, including espionage. Meanwhile, code reuse from defunct groups like REvil shows that while names may change, the threat remains constant.
https://www.govinfosecurity.com/ransomware-thrives-in-shook-up-criminal-underworld-a-28739
Russian Gang’s Cyber Attack on UK Blood Services ‘Harmed 170 Patients’
A ransomware cyber attack carried out by a Russian criminal group last year severely disrupted pathology services at London hospitals and GP surgeries, directly impacting patient care. The incident, which targeted the provider Synnovis, led to the cancellation of over 10,000 medical appointments and halted blood testing across many GP practices. Reports now confirm that nearly 600 incidents were linked to the disruption, with 170 patients suffering direct harm. These included one case of severe harm and 14 of moderate harm. The attack highlights the real-world consequences of digital vulnerabilities in critical healthcare systems.
https://www.lbc.co.uk/tech/russian-gangs-cyber-attack-on-blood-services-harmed-170-patients/
Experts Warn Clicking "Unsubscribe" Could Actually be a Security Risk, Here's Why
Clicking “unsubscribe” in spam emails may expose users to cyber attacks, experts warn. Threat actors often use these buttons to redirect recipients to harmful websites or confirm active email addresses for future targeting. Research suggests around 1 in 600 clicks lead to malicious content. If the sender is unfamiliar or untrusted, using the unsubscribe option is not advised. Instead, users should rely on built-in unsubscribe features within their email client, use spam filters, or create disposable email addresses to minimise risk. This highlights the need for caution when managing unwanted emails, even in seemingly routine actions.
Security Is Only as Strong as the Weakest Third-Party Link
Third-party risks are now a major contributor to data breaches, accounting for 30% of incidents. High-profile incidents have shown how supplier vulnerabilities can disrupt operations at scale. To remain resilient, security leaders must shift to continuous monitoring and treat third-party risks as their own. With rising complexity and resource constraints, technology and smarter assessments are vital to protecting businesses in an increasingly interconnected environment.
https://www.darkreading.com/vulnerabilities-threats/security-strong-weakest-third-party-link
Employees Are Using AI Where They Know They Shouldn’t
Many employees are using artificial intelligence tools in ways they know they shouldn’t, including for sensitive tasks such as safety decisions and personnel matters. Despite this, 86% of staff lack confidence in AI’s accuracy, and most feel undertrained in its practical use. Smaller firms in particular struggle with adoption, with nearly half of employees unsure how to use AI effectively. Business leaders should take urgent steps to improve staff training, introduce clear and enforceable AI policies, and avoid deploying tools without defined purpose or oversight, as failure to do so risks both misuse and missed productivity gains.
https://www.helpnetsecurity.com/2025/06/18/employees-ai-potential/
Threat of Cyber Attacks from Iran Concern Security Experts
Cyber security experts are warning of a heightened threat of cyber attacks linked to Iran, particularly in light of ongoing regional tensions. Sectors such as energy, finance and transport are viewed as high-risk due to their potential for widespread disruption. Experts have noted the use of advanced phishing techniques and malware targeting critical systems, including those controlling fuel supplies and public infrastructure. Activity from both state-sponsored and sympathetic groups has increased, with dormant hacking groups resurfacing and issuing threats. Businesses are advised to strengthen defences and report suspicious activity, especially where remote access or unpatched systems are involved.
https://www.washingtontimes.com/news/2025/jun/18/cyber-pros-warn-digital-threats-spreading-iran/
Governance, Risk and Compliance
Survey reveals 98% of CISOs anticipate increased cyber attacks within three years – Tech Monitor
Why CISOs Must Align Business Objectives & Cyber Security
Cyber Security Strategy Shifts Amid Global Political Tensions
How to Break the Security Theater Illusion
Bridging the Gap Between CEOs and CISOs for AI Adoption | MSSP Alert
What is a compliance audit? (with an example checklist) | TechTarget
Security Is Only as Strong as the Weakest Third-Party Link
Security Evolution: From Pothole Repair to Road Building
Choosing a Clear Direction in the Face of Growing Cyber Security Demands - SecurityWeek
7 trends shaping digital transformation in 2025 - and AI looms large | ZDNET
How C-suite roles are shaping the future of tech leadership - Help Net Security
15 Emerging Cyber Security Threats and How to Prepare - DevX
Changing nature of cyber threat leads to ‘brittle’ risk landscape - Insurance Post
Threats
Ransomware, Extortion and Destructive Attacks
Scattered Spider Using Aggressive Social Engineering Techniques to Deceive IT Support Teams
IT helpdesk scams are ramping up – here’s what leaders can do | IT Pro
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
Scattered Spider targets insurance firms, Google warns • The Register
Hackers switch to targeting US insurance companies
Ransomware Thrives in Shook-Up Criminal Underworld
Qilin Ransomware Emerges as World's Top Threat, Demands $50 Million Ransom
Fog ransomware attacks use employee monitoring tool to break into business networks | TechRadar
How cyber insurers are adapting to the new ransomware playbook | Insurance Business America
Anubis ransomware adds wiper to destroy files beyond recovery
Ransomware Group Qilin Offers Legal Counsel to Affiliates - Infosecurity Magazine
Ransomware gang busted in Thailand hotel raid
Don’t Get Caught in Scattered Spider’s Web | McCarter & English, LLP - JDSupra
Ransomware 3.0: A Glimpse Into the Post-Trust Ecosystem
Bert Ransomware: What You Need To Know | Fortra
Cyber attack purportedly compromises Scania’s corporate insurance subsidiary | SC Media
Ryuk ransomware’s initial access expert extradited to the US
Ransomware Victims
Russian gang’s cyber attack on blood services ‘harmed 170 patients’ - LBC
Victoria’s Secret restores critical systems after cyber attack
Freedman HealthCare targeted by cyber extortionists • The Register
Cyber attack pushes German napkin company into insolvency – DataBreaches.Net
2 Insurers Say Ongoing Outages Are Not Caused by Ransomware
Phishing & Email Based Attacks
Phishing 3.0: Agentic AI Ushers in New Generation of Unprecedented Risk
ChainLink Phishing: How Trusted Domains Become Threat Vectors
Why You Should Think Twice Before You Click ‘Unsubscribe’ in an Email - WSJ
Researcher shows how Android notifications can be a phisher's gold mine
Phishing goes prime time: Hackers use trusted sites to hijack search rankings | CSO Online
Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse - SecurityWeek
MailerLite warns of phishing campaign • Graham Cluley
Microsoft 365 security in the spotlight after Washington Post hack - Neowin
Washington Post email breach under probe | Cybernews
Other Social Engineering
SCATTERED SPIDER Using Aggressive Social Engineering Techniques to Deceive IT Support Teams
IT helpdesk scams are ramping up – here’s what leaders can do | IT Pro
North Korean hackers deepfake execs in Zoom call to spread Mac malware
Researcher shows how Android notifications can be a phisher's gold mine
Virtual kidnapping scams prey on our worst fears - Help Net Security
Why Are Cyber Criminals Targeting Law Firms With Voice Phishing? | Law.com
US Seizes $7.74M in Crypto Tied to North Korea's Global Fake IT Worker Network
New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack - SecurityWeek
Fraud, Scams and Financial Crime
Brits Lose £106m to Romance Fraud in a Year - Infosecurity Magazine
Why You Should Think Twice Before You Click ‘Unsubscribe’ in an Email - WSJ
US recovers $225 million of crypto stolen in investment scams
Scammers hijack real support pages to show fake phone numbers | TechSpot
Paddle settles for $5 million over facilitating tech support scams
Krispy Kreme Data Breach Puts Employees at Risk of Financial Fraud - Infosecurity Magazine
Artificial Intelligence
North Korean hackers deepfake execs in Zoom call to spread Mac malware
Phishing 3.0: Agentic AI Ushers in New Generation of Unprecedented Risk
Employees are using AI where they know they shouldn’t - Help Net Security
Bridging the Gap Between CEOs and CISOs for AI Adoption | MSSP Alert
China’s Spy Agencies Are Investing Heavily in AI, Researchers Say - The New York Times
NCSC sounds warning over AI threat to critical national infrastructure | UKAuthority
As Geopolitical Tensions Rise AI Is Amplifying the Threat of Global Cyberwarfare
Who's guarding the AI? Even security teams are bypassing oversight - Help Net Security
M365 Copilot: New Zero-Click AI Flaw Allows Corporate Data Theft - Infosecurity Magazine
Why CISOs need to understand the AI tech stack - Help Net Security
CISOs flag gaps in GenAI strategy, skills, and infrastructure - Help Net Security
7 trends shaping digital transformation in 2025 - and AI looms large | ZDNET
Before scaling GenAI, map your LLM usage and risk zones - Help Net Security
LLM agents flunk CRM and confidentiality tasks • The Register
Stop Anthropomorphizing AI and Secure It Like Software
How CISOs Can Govern AI & Meet Evolving Regulations
Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security - SecurityWeek
Researchers Warn of AI Attacks After PoC Exploits Atlassian's AI Agent - Infosecurity Magazine
Malware attack disguises itself as DeepSeek installer • Graham Cluley
2FA/MFA
Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse - SecurityWeek
Why SMS two-factor authentication codes aren't safe and what to use instead | ZDNET
Malware
North Korean hackers deepfake execs in Zoom call to spread Mac malware
Malware attack disguises itself as DeepSeek installer • Graham Cluley
New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack - SecurityWeek
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Threat Actors Target Victims with HijackLoader and DeerStealer - Infosecurity Magazine
Cyber crime crackdown disrupts malware, infostealers, marketplaces across the globe | CyberScoop
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
Threat Actors Attacking Windows System With New Winos 4.0 Malware
Sneaky Serpentine#Cloud slithers through Cloudflare tunnels • The Register
Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs - Infosecurity Magazine
New Campaigns Distribute Malware via Open Source Hacking Tools - SecurityWeek
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto - Infosecurity Magazine
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
Malicious Chimera Turns Larcenous on Python Index
Security Bite: Infostealer malware spikes 28% among Mac users, says Jamf - 9to5Mac
'Water Curse' Targets Infosec Pros via Poisoned GitHub Repos
Bots/Botnets
Hackers Exploit Langflow Flaw to Unleash Flodrix Botnet
Mobile
Researcher shows how Android notifications can be a phisher's gold mine
Godfather Android malware now uses virtualization to hijack banking apps
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
Denial of Service/DoS/DDoS
Protecting Against Origin Server DDoS Attacks - Security Boulevard
Internet of Things – IoT
Thieves don't need your car keys, just a wireless signal - Help Net Security
SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles - Help Net Security
Data Breaches/Leaks
The 20 biggest data breaches of the 21st century | CSO Online
UBS Employee Data Reportedly Exposed in Third Party Attack - Infosecurity Magazine
GCHQ intern who took secret data home jailed - BBC News
FCA warned four staffers who pocketed regulator data • The Register
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
Cartier Data Breach: Luxury Retailer Warns Customers That Personal Data Was Exposed - SecurityWeek
Telecom giant Viasat breached by China's Salt Typhoon hackers
No, the 16 billion credentials leak is not a new data breach
Hackers Access Legacy Systems in Oxford City Council Cyber Attack - SecurityWeek
Over Two Thirds of MSPs Hit by Multiple Breaches in Past Year, Survey Reveals - IT Security Guru
MSPs remain confident over security | Microscope
Freedman HealthCare targeted by cyber extortionists • The Register
CCC breach exposes 9M Americans, hackers claim | Cybernews
Krispy Kreme Data Breach Puts Employees at Risk of Financial Fraud - Infosecurity Magazine
Microsoft 365 security in the spotlight after Washington Post hack - Neowin
Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web
Zoomcar discloses security breach impacting 8.4 million users
240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco - SecurityWeek
Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People - SecurityWeek
Hacker steals 1 million Cock.li user records in webmail data breach
Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defence Documents
Organised Crime & Criminal Actors
Cyber crime crackdown disrupts malware, infostealers, marketplaces across the globe | CyberScoop
Dutch police identify users as young as 11-year-old on Cracked.io hacking forum
Dutch police identify 126 Cracked.io users | Cybernews
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Pro-Israel hackers hit Iran's Nobitex exchange, burn $90M in crypto
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto - Infosecurity Magazine
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
US Seizes $7.74M in Crypto Tied to North Korea's Global Fake IT Worker Network
Insurance
How cyber insurers are adapting to the new ransomware playbook | Insurance Business America
Changing nature of cyber threat leads to ‘brittle’ risk landscape - Insurance Post
Supply Chain and Third Parties
UBS Employee Data Reportedly Exposed in Third Party Attack - Infosecurity Magazine
ChainLink Phishing: How Trusted Domains Become Threat Vectors
Security Is Only as Strong as the Weakest Third-Party Link
'Water Curse' Targets Infosec Pros via Poisoned GitHub Repos
Cloud/SaaS
M365 Copilot: New Zero-Click AI Flaw Allows Corporate Data Theft - Infosecurity Magazine
Threat Actor Abuses TeamFiltration for Entra ID Attacks
Google links massive cloud outage to API management issue
Why Denmark is dumping Microsoft Office and Windows for LibreOffice and Linux | ZDNET
German state ditches Microsoft for open-source software - NZ Herald
Microsoft 365 security in the spotlight after Washington Post hack - Neowin
Sneaky Serpentine#Cloud slithers through Cloudflare tunnels • The Register
Outages
Google links massive cloud outage to API management issue
2 Insurers Say Ongoing Outages Are Not Caused by Ransomware
Encryption
Encryption Backdoors: The Security Practitioners’ View - SecurityWeek
Linux and Open Source
Why Denmark is dumping Microsoft Office and Windows for LibreOffice and Linux | ZDNET
German state ditches Microsoft for open-source software - NZ Herald
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Passwords, Credential Stuffing & Brute Force Attacks
Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse - SecurityWeek
North Korean APT Hackers Attacking Ukrainian Government Agencies to Steal Login Credentials
Social Media
Ofcom investigates 4chan for not protecting users from illegal content • Graham Cluley
Trump administration set to again waive TikTok ban • The Register
Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement
Regulations, Fines and Legislation
Ofcom investigates 4chan for not protecting users from illegal content • Graham Cluley
How CISOs Can Govern AI & Meet Evolving Regulations
Cyber security takes a big hit in new Trump executive order - Ars Technica
Trump administration set to again waive TikTok ban • The Register
SEC withdraws cyber rules for investment companies, advisers | CyberScoop
The Future of the SEC’s Cyber Security Disclosure Rules | DLA Piper - JDSupra
Careers, Working in Cyber and Information Security
Employers are demanding too much from junior cyber recruits • The Register
AI is changing cyber security roles, and entry-level jobs are at risk - Help Net Security
ISC2 Report: Entry-Level Hiring Needs a Reset
The Triple Threat of Burnout: Overworked, Unsatisfied, Trapped
Building a Career as a Cyber Warfare Defender - DataBreachToday
Cyber Security Company Launches In-House 'University' Training Program
Law Enforcement Action and Take Downs
Cyber crime crackdown disrupts malware, infostealers, marketplaces across the globe | CyberScoop
Dutch police identify 126 Cracked.io users | Cybernews
GCHQ intern who took secret data home jailed - BBC News
Ransomware gang busted in Thailand hotel raid
Ryuk ransomware’s initial access expert extradited to the US
Law enforcement operation shut down dark web drug marketplace Archetyp Market
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
As Geopolitical Tensions Rise AI Is Amplifying the Threat of Global Cyber Warfare
Israeli Strikes Raise Fears of Cyber Attacks and Retaliation
Israel strikes Iran: A history of assassinations, sabotages, cyber attacks
Cyber weapons in the Israel-Iran conflict may hit the US • The Register
Cyber attacks against Israel increase since start of Iran conflict | The Jerusalem Post
Threats to the 2025 NATO Summit: Cyber, Influence, and Hybrid Risks
Protecting Civilians in Cyber Space: A UN Security Council Imperative • Stimson Center
Nation State Actors
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names - Infosecurity Magazine
China
China’s Spy Agencies Are Investing Heavily in AI, Researchers Say - The New York Times
How China Is Using Hackathons, Competitions to Build an Army of Hackers - Bloomberg
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names - Infosecurity Magazine
China Is Hacking Russia to Steal War Secrets - The New York Times
Telecom giant Viasat breached by China's Salt Typhoon hackers
State-sponsored hackers compromised the email accounts of several Washington Post journalists
Russia
Russia has a plan for long-term aggression against Europe - Kallas | УНН
Russian gang’s cyber attack on blood services ‘harmed 170 patients’ - LBC
China Is Hacking Russia to Steal War Secrets - The New York Times
Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse - SecurityWeek
Suspected Russian hackers used new tactic against UK researcher | Reuters
Sweden says it is under cyber attack • Graham Cluley
Iran
Israeli Strikes Raise Fears of Cyber Attacks and Retaliation
Israel strikes Iran: A history of assassinations, sabotages, cyber attacks
Cyber Attacks against Israel increase since start of Iran conflict | The Jerusalem Post
Pro-Israel hackers hit Iran's Nobitex exchange, burn $90M in crypto
Companies Warned On Iranian Cyber Attacks - WSJ
Israel-Tied Predatory Sparrow Hackers Are Waging Cyber War on Iran’s Financial System | WIRED
Iran-Israel War Triggers a Maelstrom in Cyber Space
Iran’s internet goes offline amid claims of ‘enemy abuse’ • The Register
Iran's Cyber Army: Missing in Action
Pro-Israel hackers take credit for cyber attack on Iran's Bank Sepah
Cyber attack hits state-owned bank in Iran - Iraqi News
Iran experienced a near-total national internet blackout
Elon Musk turns on Starlink in Iran as Tehran shuts down internet | The Jerusalem Post
North Korea
North Korean hackers deepfake execs in Zoom call to spread Mac malware
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto - Infosecurity Magazine
Protecting Civilians in Cyber Space: A UN Security Council Imperative • Stimson Center
US Seizes $7.74M in Crypto Tied to North Korea's Global Fake IT Worker Network
North Korean APT Hackers Attacking Ukrainian Government Agencies to Steal Login Credentials
Tools and Controls
Security Is Only as Strong as the Weakest Third-Party Link
Who's guarding the AI? Even security teams are bypassing oversight - Help Net Security
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
Choosing a Clear Direction in the Face of Growing Cyber Security Demands - SecurityWeek
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names - Infosecurity Magazine
How cyber insurers are adapting to the new ransomware playbook | Insurance Business America
CISOs flag gaps in GenAI strategy, skills, and infrastructure - Help Net Security
Fog ransomware attacks use employee monitoring tool to break into business networks | TechRadar
AI is changing cyber security roles, and entry-level jobs are at risk - Help Net Security
Cyber Security Strategy Shifts Amid Global Political Tensions
What is a compliance audit? (with an example checklist) | TechTarget
CISOs brace for a surge in domain-based cyber threats - Help Net Security
SAML vs. OAuth 2.0: Mastering the Key Differences - Security Boulevard
Microsoft Quietly Disabled Windows Hello Facial Recognition in the Dark
Why a Layered Approach Is Essential for Cyber Security and Zero Trust - Security Boulevard
Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security - SecurityWeek
Application security risk: How leaders can protect their businesses | IT Pro
Stop Anthropomorphizing AI and Secure It Like Software
The new attack surface: from space to smartphone - SpaceNews
Other News
‘We’re being attacked all the time’: how UK banks stop hackers | Banking | The Guardian
Why Legal Firms Are Vulnerable to Cyber Threats and How to Prevent the Risks | LawNews.co.uk
Threats to the 2025 NATO Summit: Cyber, Influence, and Hybrid Risks
Over Two Thirds of MSPs Hit by Multiple Breaches in Past Year, Survey Reveals - IT Security Guru
MSPs remain confident over security | Microscope
Bank of England loses hundreds of laptops amid rising cyber threat
WestJet: 'expect interruptions' online amid security snafu • The Register
This Is One of the Worst Things You Can Do at the Airport, According to Cyber Security Experts
Why Are Cyber Criminals Targeting Law Firms With Voice Phishing? | Law.com
Cyber Attacks on Humanitarian Orgs Jump Worldwide
Survey of UK retailers shows lack of preparedness for cyber attacks | Logistics Matters
Vulnerability Management
Vulnerabilities
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products - SecurityWeek
Critical Vulnerability Patched in Citrix NetScaler - SecurityWeek
High-Severity Vulnerabilities Patched by Cisco, Atlassian - SecurityWeek
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking - SecurityWeek
Apple squashes zero-click bug used for spyware attacks • The Register
Palo Alto Networks fixed multiple privilege escalation flaws
BeyondTrust warns of pre-auth RCE in Remote Support software
Microsoft Quietly Disabled Windows Hello Facial Recognition in the Dark
AMD releases security update for Ryzen CPUs with TPM vulnerability - Techzine Global
Over 46,000 Grafana instances exposed to account takeover bug
Microsoft: June Windows Server security updates cause DHCP issues
ASUS Armoury Crate bug lets attackers get Windows admin privileges
Attackers actively exploit older TP-Link routers | Cybernews
Organisations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers - SecurityWeek
Zyxel Firewall Vulnerability Again in Attacker Crosshairs - SecurityWeek
Hackers Exploit Langflow Flaw to Unleash Flodrix Botnet
SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles - Help Net Security
Researchers Warn of AI Attacks After PoC Exploits Atlassian's AI Agent - Infosecurity Magazine
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.