Black Arrow Cyber Threat Intelligence Briefing 27 June 2025

Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.

Executive Summary

This week, our review of cyber security intelligence in the specialist and general media includes the latest ransomware report by Sophos, which shows that nearly half of organisations paid the ransom and over 40% of victims cited unrecognised security gaps as entry points for attackers. We discuss how employees are a popular entry point: phishing is particularly successful against newly hired employees, and against smaller organisations that do not train their staff. We also discuss the pressures of cyber security on key roles in the organisation: for CISOs, more than half are under pressure to keep breaches secret and many want a pause on AI deployment in their organisation; for CFOs, the challenge is to quantify and manage the financial risk of a breach.

Other articles describe how attackers are moving into the insurance, aviation and transportation sectors, while other attackers are using tactics including hijacking search results for major brands, or sending malicious text messages to phones that have been lured onto fake networks. Businesses are urged to address their supply chain risks and their wider security in the light of geopolitical risks from the Middle East, Russia, China and North Korea.

The recurring theme is the need for organisations to understand and proactively manage their risks through proportionate controls, and to establish and rehearse how to respond to an incident in order to remain resilient in the face of escalating threats.


Top Cyber Stories of the Last Week

Nearly Half of Companies Opt to Pay the Ransom, Sophos Report Finds

Sophos’ latest global report shows nearly half of organisations hit by ransomware paid to regain access to their data, with a median payment of one million dollars. 53% negotiated lower sums than initially demanded, and the average recovery cost fell from $2.73 million to $1.53 million year on year. Over 40% of victims cited unrecognised security gaps as entry points for attackers, with lack of staff or expertise remaining a key weakness. However, more firms are halting attacks before data is encrypted, and faster recovery times suggest some organisations have improved readiness against ransomware threats.

https://www.sophos.com/en-us/press/press-releases/2025/06/nearly-half-companies-opt-pay-ransom-sophos-report-finds

New Hires More Likely to Fall for Phishing and Social Engineering Attacks

A recent study highlights that 71% of new hires click on phishing emails within their first three months, making them 44% more likely to fall victim than experienced staff. This increased risk stems from limited security training during onboarding and eagerness to please superiors, especially when emails appear to come from senior figures like the CEO or HR. Encouragingly, organisations that implemented tailored phishing simulations and behaviour-focused training saw phishing risk drop by 30%. Early, practical cyber security training is essential to equip new employees to recognise and report suspicious activity, strengthening overall organisational defences.

https://natlawreview.com/article/new-hires-more-likely-fall-phishing-social-engineering-attacks

BT Warns UK SMEs Are Primary Targets for Hackers as Only Three in Five Have Had Cyber Security Training

BT has warned that UK small and medium-sized enterprises face increasing cyber threats, with 42% of small and 67% of medium firms suffering an attack in the past year. Two in five SMEs, the equivalent of two million, have not provided any cyber security training, leaving them vulnerable to phishing and to ransomware, which has more than doubled in a year. QR code scams have surged 1,400% over five years. The average cost of a serious breach for small firms is nearly £8,000, and many SMEs lack the resources or awareness to defend against emerging threats such as AI-driven attacks and account takeovers.

https://newsroom.bt.com/bt-warns-uk-smes-are-primary-targets-for-hackers-as-only-three-in-five-have-had-cyber-security-training/

More than Half of Cyber Security Professionals Told to Conceal Breaches, Survey Claims

A recent Bitdefender survey has revealed that 57% of cyber security professionals worldwide have been pressured to keep breaches secret, with Singapore and the US experiencing the highest rates. The study also highlights growing concerns over AI-driven cyber attacks, which 67% reported had increased and 51% cited as their top risk. Notably, a gap exists between executives’ high confidence in cyber resilience and mid-level managers’ lower assurance. Skills shortages, complex security tools, and challenges securing hybrid systems emerged as key obstacles, with nearly half saying the cyber security skills gap had worsened over the past year.

https://www.techmonitor.ai/technology/cybersecurity/cybersecurity-professionals-conceal-breaches-survey

Half of Security Pros Want GenAI Deployment Pause

Research by security firm Cobalt reveals that nearly half of security professionals believe a pause on generative AI deployment is needed, as 36% feel adoption is outpacing their teams’ ability to manage risks. Three-quarters of practitioners consider generative AI their top IT risk, with concerns including exposure of sensitive data, manipulation of training information and model inaccuracies. Only 21% of serious vulnerabilities identified in generative AI tools are resolved. The report stresses that traditional web security measures like input validation remain essential, while highlighting that addressing prompt-based attacks on AI systems demands expert, adaptive testing.

https://www.infosecurity-magazine.com/news/half-security-pros-genai-pause/

Cyber Attacks on Insurers Put CFOs on High Alert

Recent cyber attacks on major insurers, including Aflac, have heightened concerns among chief financial officers about quantifying and managing the financial risks of data breaches in the insurance sector. Aflac detected unauthorised access to its network involving sensitive data such as health records and Social Security numbers. While operations remain unaffected and ransomware was not involved, the attack is linked to a sophisticated criminal group known for exploiting staff through social engineering, which uses deception to manipulate employees. Other insurers have faced similar breaches, signalling a rising trend of targeted attacks against the insurance industry that demand immediate attention from senior leaders.

https://fortune.com/2025/06/24/cyberattacks-insurers-aflac-cfo-high-alert/

Scattered Spider Behind Cyber Attacks on M&S and Co-op, Causing Up to £440M in Damages, Widening Attacks to Insurance, Aviation and Transportation Sectors

Recent cyber attacks on UK retailers Marks & Spencer and Co-op, linked to the same criminal group Scattered Spider, have resulted in combined damages estimated between £270 million and £440 million. These incidents exploited social engineering, where attackers tricked IT help desks to gain access. The attacks are considered a significant event with deep impacts on both firms and their suppliers. Experts warn that Scattered Spider is now targeting the insurance, aviation and transportation sectors, urging heightened vigilance.

https://thehackernews.com/2025/06/scattered-spider-behind-cyberattacks-on.html

https://techcrunch.com/2025/06/28/fbi-cybersecurity-firms-say-scattered-spider-hackers-now-targeting-airlines-transportation-sector/

Netflix, Apple, BofA Websites Hijacked with Fake Help-Desk Numbers

Cyber criminals are hijacking search results for major brands like Netflix, Apple, and Bank of America, placing fake ads that lead victims to authentic-looking support pages showing fraudulent phone numbers. When users call these numbers, scammers posing as help-desk staff trick them into giving away personal or financial details, or granting remote access to their devices. This attack exploits weaknesses in website search functions and is difficult for browsers to detect. Organisations should raise awareness that legitimate support will never request sensitive information over the phone, and staff should be wary of unsolicited phone numbers in search results.

https://www.theregister.com/2025/06/20/netflix_apple_bofa_websites_hijacked/

Police Alerts About New SMS “Blaster” Scams Used for Smishing

UK Police have highlighted a rise in smishing attacks involving SMS blasters; these are radio devices that attract and connect to mobile phones in the area, and then send out text messages to those phones appearing to be from trusted organisations. A recent case saw a man jailed for sending thousands of scam messages from a car in London to steal personal information. Although some networks have blocked millions of scam texts, individuals are urged to avoid engaging with suspicious messages and report them to their mobile network provider. Disabling 2G on Android or filtering unknown senders on iPhones can further reduce exposure to these threats.

https://cybernews.com/news/police-alerts-about-new-sms-blaster-scams-used-for-smishing/

Report Reveals 5 in 6 Organisations at Risk Due to Immature Supply Chain Security

A new report from SecurityScorecard shows that 5 in 6 organisations face heightened cyber security risks due to outdated supply chain defences. Third-party involvement in breaches has doubled to nearly 30%, yet fewer than half of firms monitor cyber security across even half of their extended supply chains. Over 70% have suffered at least one serious third-party incident in the past year. Experts warn that without integrated detection and incident response, organisations remain vulnerable to cascading impacts from supply chain cyber attacks.

https://www.businesswire.com/news/home/20250625237124/en/SecurityScorecard-Report-Reveals-5-in-6-Organizations-at-Risk-Due-to-Immature-Supply-Chain-Security

Businesses Urged to Strengthen Cyber Defences Amid Increase in Iran-Adjacent Attacks

Cyber security experts have warned of a sharp rise in cyber attacks linked to Iran following the recent Israel-Iran conflict, with UK, US and EU businesses targeted. Attacks have included attempts to crash systems by overwhelming them with traffic, malicious software designed to delete data, and coordinated disinformation campaigns. UK Prime Minister Sir Keir Starmer described these cyber attacks as assaults on the UK itself, urging firms to urgently review and strengthen their cyber security. Experts caution that companies may be targeted simply for being connected to Western interests. Organisations are urged to strengthen security by promptly applying updates, using strong access controls, and preparing incident response plans. Experts stress the importance of employee awareness and real-time monitoring to counter sophisticated attack techniques aimed at disruption and data theft.

https://news.sky.com/story/businesses-urged-to-strengthen-cyber-defences-amid-increase-in-iran-adjacent-attacks-13388470

https://securityboulevard.com/2025/06/heightened-cyber-threat-from-iran-sparks-urgent-calls-for-vigilance-and-mitigation/

National Security Strategy 2025: Security for the British People in a Dangerous World

The UK’s National Security Strategy 2025 sets out the country’s response to an increasingly dangerous world, committing to spend 5% of GDP on national security by 2035. It highlights rising threats from Russia, China and Iran, and warns of growing cyber attacks undermining public services. The strategy stresses stronger borders, revitalising the defence industry, and aligning technology and economic resilience with security goals. It calls for a national effort to build resilience, improve cyber defences and ensure stability at home and abroad, emphasising that economic security and technological advantage are now central to protecting the British people.

https://www.gov.uk/government/publications/national-security-strategy-2025-security-for-the-british-people-in-a-dangerous-world/national-security-strategy-2025-security-for-the-british-people-in-a-dangerous-world-html

How Geopolitical Tensions Are Shaping Cyber Warfare

Geopolitical tensions are fuelling a surge in cyber attacks as nation-state-backed groups target governments, finance, and infrastructure with increasing speed and sophistication. Iran focuses on disruption for political gain, North Korea pursues profit through theft, and Russia and China aim for long-term strategic advantage. Attackers often reuse old tools with new delivery methods, exploiting poor patching and weak user awareness. Artificial intelligence is compounding risks by enabling precise, large-scale attacks. To remain resilient, organisations must combine strong basics like patching and training with intelligence-led testing of defences tailored to the specific threats they face.

https://www.darkreading.com/vulnerabilities-threats/geopolitical-tensions-shape-cyber-warfare



Threats

Ransomware, Extortion and Destructive Attacks

Nearly Half of Companies Opt to Pay the Ransom, Sophos Report Finds

UK ransomware costs significantly outpace other countries | Computer Weekly

Four REvil ransomware crooks walk free after admitting guilt • The Register

Ransomware threat actors today and how to thwart them | TechTarget

Cyber criminals cash in on stolen cookies and credentials | Insurance Business America

Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms

Bring Your Own Installer EDR Bypass Observed in Ransomware Operation | MSSP Alert

Dire Wolf Ransomware Comes Out Snarling, Bites Verticals

Ransomware in Cars: Why Automotive Cyber Attacks Are Spiking in 2025 | Raleigh News & Observer

Ransomware Victims

Major insurer hit by giant cyber attack | Insurance Business America

M&S and Co-op Hacks Classified as Single Cyber Event - Infosecurity Magazine

Scattered Spider Behind Cyber Attacks on M&S and Co-op, Causing Up to $592M in Damages

M&S cyber-attack boosted sales at Next, Zara and H&M

Patient death at London hospital linked to cyber attack on NHS – DataBreaches.Net

M&S cyber attack deepens as tech partner TCS denies blame - Retail Gazette

3 key takeaways from the Scattered Spider attacks on insurance firms

Whole Foods supplier UNFI restores core systems after cyber attack

Services disrupted as cyber attack hits Glasgow Council - UKTN

Phishing & Email Based Attacks

Report on New Hires and Phishing Susceptibility

Microsoft 365 'Direct Send' abused to send phishing as internal users

Employers: A cautionary tale about new cyber threats involving employee handbooks | Clark Hill PLC - JDSupra

Other Social Engineering

Employers: A cautionary tale about new cyber threats involving employee handbooks | Clark Hill PLC - JDSupra

Police warn of SMS scams as ‘blaster’ is used to send thousands of texts | Scams | The Guardian

How Foreign Scammers Use US Banks to Fleece Americans — ProPublica

ClickFix attacks skyrocketing more than 500% - Help Net Security

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

New wave of ‘fake interviews’ use 35 npm packages to spread malware

Fraud, Scams and Financial Crime

Netflix, Apple, BofA sites hijacked with fake help numbers • The Register

Is crime turning digital? Almost all Brits believe cyber crime is more of a risk - here's how to stay safe | TechRadar

Police warn of SMS scams as ‘blaster’ is used to send thousands of texts | Scams | The Guardian

How Foreign Scammers Use U.S. Banks to Fleece Americans — ProPublica

Reported Impersonation Scams Surge 148% as AI Takes Hold - Infosecurity Magazine

Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards - Infosecurity Magazine

Half of Customer Signups Are Now Fraudulent - Infosecurity Magazine

UK cyber attacks set to continue amid ‘fraud pandemic’, security experts warn | The Independent

Amazon Prime Day Is Coming — How To Protect Yourself From Scammers

Artificial Intelligence

New AI Jailbreak Bypasses Guardrails With Ease - SecurityWeek

Most AI and SaaS apps are outside IT's control - Help Net Security

Reported Impersonation Scams Surge 148% as AI Takes Hold - Infosecurity Magazine

AI Is Behind 50% Of Spam — And Now It’s Hacking Your Accounts

Researchers say cyber criminals are using jailbroken AI tools from Mistral and xAI | The Record from Recorded Future News

AI Agents Are Getting Better at Writing Code—and Hacking It as Well | WIRED

Navigating Generative AI's Expanding Capabilities and Evolving Risks

Half of Security Pros Want GenAI Deployment Pause - Infosecurity Magazine

Vulnerability in Public Repository Could Enable Hijacked LLM Responses | Security Magazine

And Now Malware That Tells AI to Ignore It?

Hundreds of MCP Servers at Risk of RCE and Data Leaks - Infosecurity Magazine

We know GenAI is risky, so why aren't we fixing its flaws? - Help Net Security

Trump’s plan to ban US states from AI regulation will ‘hold us back’, says Microsoft science chief | Artificial intelligence (AI) | The Guardian

US Army Blocks Air Force's AI Program Over Data Security Concerns | Air & Space Forces Magazine

Malware

Researchers discover first malware to exploit AI prompt injection

And Now Malware That Tells AI to Ignore It?

Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards - Infosecurity Magazine

20,000 Malicious IPs And Domains Taken Down In INTERPOL Infostealer Crackdown – Eurasia Review

Stealthy backdoor found hiding in SOHO devices running Linux - Help Net Security

Threat Actor Trojanizes Copy of SonicWall NetExtender App

Attackers Wield Signed ConnectWise Installers as Malware

New wave of ‘fake interviews’ use 35 npm packages to spread malware

Threat Actor Allegedly Selling FortiGate API Exploit Tool Targeting FortiOS

APT28 hackers use Signal chats to launch new malware attacks on Ukraine

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cyber attacks on state bodies: a multi-level interaction scheme via Word and Signal revealed | УНН

Prometei botnet activity has surged since March 2025

WinRAR patches bug letting malware launch from extracted archives

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Bots/Botnets

Prometei botnet activity has surged since March 2025

Half of Customer Signups Are Now Fraudulent - Infosecurity Magazine

Mobile

Godfather Malware Targets 400+ Banking Apps Worldwide

SparkKitty Swipes Pics From iOS, Android Devices

You should probably delete any sensitive screenshots you have in your phone right now. Here's why | ZDNET

What to do if your mobile phone account is hacked or number stolen | Mobile phones | The Guardian

Denial of Service/DoS/DDoS

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic - Ars Technica

Internet of Things – IoT

Typhoon-like gang slinging TLS certificate 'signed' by LAPD • The Register

A sneaky cyber espionage campaign is exploiting IoT devices and home office routers – here's what you need to know | IT Pro

Chinese APT Hacking Routers to Build Espionage Infrastructure - SecurityWeek

Ransomware in Cars: Why Automotive Cyber Attacks Are Spiking in 2025 | Raleigh News & Observer

DSIT identifies cyber security weaknesses in IoT devices | UKAuthority

Israel urges citizens to turn off home cameras as Iran hacks surveillance systems | TechSpot

Medical device cyber attacks push hospitals into crisis mode - Help Net Security

Data Breaches/Leaks

Supply Chain Attack Hits Swiss Banks | SC Media UK

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself | ZDNET

Oxford City Council suffers breach exposing two decades of data

Hacker 'IntelBroker' charged in US for global data theft breaches

Minister announces temporary legal aid reforms after cyber-attack on Legal Aid Agency | Electronic Immigration Network

Steel Giant Nucor Confirms Data Stolen in Cyber Attack

Cyber attacks at two Melbourne hospitals expose patient details on dark web

Hawaiian Airlines discloses cyber attack, flights not affected

Former US Army Sergeant admits he sold secrets to China • The Register

Advance Auto Parts data breach class action settlement

Organised Crime & Criminal Actors

Is crime turning digital? Almost all Brits believe cyber crime is more of a risk - here's how to stay safe | TechRadar

Man Who Hacked Organisations to Advertise Security Services Pleads Guilty - SecurityWeek

Man pleads guilty to hacking networks to pitch security services

British Man Suspected of Being the Hacker IntelBroker Arrested, Charged - SecurityWeek

Money mule networks evolve into hierarchical, business-like criminal enterprises - Help Net Security

Africa Sees Surge in Cyber Crime as Law Enforcement Struggles

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

You should probably delete any sensitive screenshots you have in your phone right now. Here's why | ZDNET

Attackers Target Docker APIs in Stealthy Crypto Heist

Bank hacks, internet shutdowns and crypto heists: Here’s how the war between Israel and Iran is playing out in cyberspace - POLITICO

Supply Chain and Third Parties

SecurityScorecard Report Reveals 5 in 6 Organisations at Risk Due to Immature Supply Chain Security

Supply Chain Attack Hits Swiss Banks | SC Media UK

M&S and Co-op Hacks Classified as Single Cyber Event - Infosecurity Magazine

Scattered Spider Behind Cyber Attacks on M&S and Co-op, Causing Up to $592M in Damages

Most organisations are at risk thanks to immature supply chain security | TechRadar

M&S cyber attack deepens as tech partner TCS denies blame - Retail Gazette

MSPs Juggle High Breach Rates and Strong Cyber Confidence | MSSP Alert

Security pro counts the cost of Microsoft dependency • The Register

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Why Are CISOs Prioritizing Snowflake Security? The Breach Playbook Has Changed. - Security Boulevard

Officials set out cyber security charter for NHS suppliers | UKAuthority

Cloud/SaaS

Most AI and SaaS apps are outside IT's control - Help Net Security

The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

Why Are CISOs Prioritizing Snowflake Security? The Breach Playbook Has Changed. - Security Boulevard

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

When the Cloud Goes Down, Will Your Security Go With It? | Symantec Enterprise Blogs

Outages

UK mobile telco Three suffers voice, text outage • The Register

Encryption

China breaks RSA encryption with a quantum computer - Earth.com

Quantum risk is already changing cyber security - Help Net Security

Home Office anti-encryption site pushes payday loan scheme • The Register

Linux and Open Source

Stealthy backdoor found hiding in SOHO devices running Linux - Help Net Security

Linux flaws chain allows Root access across major distributions

French city of Lyon ditching Microsoft for FOSS • The Register

Passwords, Credential Stuffing & Brute Force Attacks

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself | ZDNET

Cyber criminals cash in on stolen cookies and credentials | Insurance Business America

Brother printer bug in 689 models exposes default admin passwords

Social Media

Twitter refuses to explain what it’s doing about hate speech and misinformation, sues New York State for asking • Graham Cluley

Regulations, Fines and Legislation

UK Bill Would Increase Cyber Security Standards for Critical Infrastructure Operators | Skadden, Arps, Slate, Meagher & Flom LLP - JDSupra

Home Office anti-encryption site pushes payday loan scheme • The Register

How to Keep Up with Overlapping Cyber Security Regulations in Finance - Infosecurity Magazine

Top Pentagon spy pick rejected by White House - POLITICO

WhatsApp messaging app banned on all US House of Representatives devices | WhatsApp | The Guardian

CISA Is Shrinking: What Does It Mean for Cyber?

Trump’s plan to ban US states from AI regulation will ‘hold us back’, says Microsoft science chief | Artificial intelligence (AI) | The Guardian

Foreign aircraft, domestic risks | CSO Online

Models, Frameworks and Standards

UK Bill Would Increase Cyber Security Standards for Critical Infrastructure Operators | Skadden, Arps, Slate, Meagher & Flom LLP - JDSupra

New Cyber Blueprint to Scale Up the EU Cyber Security Crisis Management | ENISA

Careers, Working in Cyber and Information Security

Why work-life balance in cyber security must start with executive support - Help Net Security

Getting a career in cyber security isn’t easy, but this can help

UK Gov Cyber Security Jobs Average Salary is Under £45,000, Study Finds - Infosecurity Magazine

Charming Kitten APT Tries Spying on Israeli Cyber Experts

Law Enforcement Action and Take Downs

Man Who Hacked Organisations to Advertise Security Services Pleads Guilty - SecurityWeek

British Man Suspected of Being the Hacker IntelBroker Arrested, Charged - SecurityWeek

20,000 Malicious IPs And Domains Taken Down In INTERPOL Infostealer Crackdown – Eurasia Review

Four REvil ransomware crooks walk free after admitting guilt • The Register

Hacker 'IntelBroker' charged in US for global data theft breaches

Indian police arrest 10 for laundering fraud proceeds for a Chinese gang | Cryptopolitan

Misinformation, Disinformation and Propaganda

Twitter refuses to explain what it’s doing about hate speech and misinformation, sues New York State for asking • Graham Cluley


Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity

Cyber Warfare and Cyber Espionage

How Cyber Warfare Changes the Face of Geopolitical Conflict

National Security Strategy 2025: Security for the British People in a Dangerous World (HTML) - GOV.UK

How Geopolitical Tensions Are Shaping Cyber Warfare

A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks

Cyber warfare escalates: Israel and Iran's digital conflict

Nation State Actors

How Cyber Warfare Changes the Face of Geopolitical Conflict

Are we making hackers sound too cool? These security experts think so | TechRadar

Decade of risk: signaling security in an era of geopolitical tension - DCD

National Security Strategy 2025: Security for the British People in a Dangerous World (HTML) - GOV.UK

China

Stealthy backdoor found hiding in SOHO devices running Linux - Help Net Security

China breaks RSA encryption with a quantum computer - Earth.com

A sneaky cyber espionage campaign is exploiting IoT devices and home office routers – here's what you need to know | IT Pro

Chinese APT Hacking Routers to Build Espionage Infrastructure - SecurityWeek

China-linked APT Salt Typhoon targets Canadian Telecom companies

Indian police arrest 10 for laundering fraud proceeds for a Chinese gang | Cryptopolitan

Former US Army Sergeant admits he sold secrets to China • The Register

China increases cyber attacks on hospitals to ‘humiliate’ Taiwan

Russia

Russia releases REvil members after convictions for payment card fraud | The Record from Recorded Future News

APT28 hackers use Signal chats to launch new malware attacks on Ukraine

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cyber attacks on state bodies: a multi-level interaction scheme via Word and Signal revealed | УНН

Iran

A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks

Heightened Cyber Threat from Iran Sparks Urgent Calls for Vigilance and Mitigation - Security Boulevard

Businesses urged to strengthen cyber defences amid increase in Iran-adjacent attacks | Politics News | Sky News

Cyber warfare escalates: Israel and Iran's digital conflict

Bank hacks, internet shutdowns and crypto heists: Here’s how the war between Israel and Iran is playing out in cyberspace - POLITICO

Israel urges citizens to turn off home cameras as Iran hacks surveillance systems | TechSpot

The real threat to the UK from Iran - from sleeper cells to cyber attacks

Israel expands cyber powers amid rising threats—via WhatsApp | Ctech



Other News

BT warns UK SMEs are primary targets for hackers as only three in five have had cyber security training

BT says nearly half small businesses have suffered a cyber attack in the last year

Insurance industry in the cyber crosshairs: Firms urged to reinforce defences | Insurance Business America

Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown | ZDNET

Services disrupted as cyber attack hits Glasgow Council - UKTN

Cyber attacks on insurers put CFOs on high alert | Fortune

EU and Australia commit to Defence Partnership | Cybernews

Thousands of UK government laptops, phones and tablets have been lost or stolen | Cybercrime | The Guardian

Building cyber resilience in the financial sector

Decade of risk: signaling security in an era of geopolitical tension - DCD

Medical device cyber attacks push hospitals into crisis mode - Help Net Security

Cyber Intel Pros and Hobbyists Can Now Report Threats Anonymously - Infosecurity Magazine

French city of Lyon ditching Microsoft for FOSS • The Register

Security pro counts the cost of Microsoft dependency • The Register

Some European Countries Are Ditching Microsoft Software For Good (And Here's Why That Matters)

Denmark is switching to Linux | PC Gamer

Dual-Use Military and Civil Airports Face Cyber Threats

The Security Fallout of Cyber Attacks on Government Agencies - Security Boulevard

Meta boss praises new US army division enlisting tech execs as lieutenant colonels | US military | The Guardian

Cyber Skills Today for Economic Growth Tomorrow

Foreign aircraft, domestic risks | CSO Online

Felicity Oswald, chief operating officer at UK’s NCSC, set to leave cyber agency | The Record from Recorded Future News


Vulnerability Management

Windows updates might finally be getting better — Microsoft to remove legacy drivers from Windows Update to boost security | Tom's Hardware

'7% of organisations tackle vulnerabilities only when necessary' - Data Centre & Network News

CISA Is Shrinking: What Does It Mean for Cyber?

Irish businesses show gaps in cyber security as 6 in 10 overlook regular software updates

Vulnerabilities

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) - Help Net Security

Up next on the KEV? All signs point to 'CitrixBleed 2' • The Register

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Linux flaws chain allows Root access across major distributions

Threat Actor Allegedly Selling FortiGate API Exploit Tool Targeting FortiOS

Hundreds of MCP Servers at Risk of RCE and Data Leaks - Infosecurity Magazine

Asana Fixes Security Flaw in AI Data Integration Tool

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities - SecurityWeek

Millions of Brother Printers Hit by Critical Unpatchable Bug

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

WinRAR patches bug letting malware launch from extracted archives

Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) - Help Net Security

Motors Theme Vulnerability Exploited to Hack WordPress Websites - SecurityWeek


Sector Specific

Industry-specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3


Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog, which is also on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.

 
