Major Incidents or Breaches

  • The Texas Department of Transportation (TxDOT) suffered a data breach in which a threat actor downloaded 300,000 crash records from its database.
  • United Natural Foods, Inc. (UNFI) experienced a cybersecurity incident, leading to proactive system shutdowns and operational disruption. The exact attack vector remains unknown.
  • A widespread outage impacted Heroku, preventing developers from accessing the platform and disrupting web services for over six hours.
  • OpenAI’s ChatGPT experienced a global outage, affecting user access across web, mobile, and desktop platforms.

Newly Discovered Vulnerabilities

  • Adobe released security patches addressing 254 vulnerabilities, primarily affecting Experience Manager (AEM).
  • Microsoft’s June 2025 Patch Tuesday addressed 66-67 vulnerabilities, including one actively exploited zero-day and another publicly disclosed flaw. Notably, a Microsoft Outlook update will expand the list of blocked risky attachments.
  • A new Secure Boot bypass vulnerability (CVE-2025-3052) was disclosed, allowing attackers to disable security controls and install bootkit malware.
  • Ivanti patched three high-severity hardcoded key vulnerabilities in Workspace Control, which exposed SQL credentials.
  • Researchers identified over 20 configuration-related risks, including five CVEs, in Salesforce Industry Cloud, potentially exposing sensitive data.
  • A researcher discovered a flaw in Google’s account recovery process that allowed brute-forcing of linked phone numbers, which has since been addressed.
  • Proof-of-concept code was released for a Roundcube webmail vulnerability, enabling authenticated attackers to fully compromise servers.

Notable Threat Actor Activity

  • FIN6 has been observed impersonating job seekers and using AWS-hosted fake resumes on LinkedIn to deliver the More_eggs malware, targeting recruiters with malicious payloads.
  • The Rare Werewolf (formerly Rare Wolf) APT group has conducted attacks against Russian and CIS enterprises, leveraging legitimate software in its operations.
  • Stealth Falcon APT exploited a Microsoft remote code execution zero-day in the Middle East, which was patched in the latest Patch Tuesday.
  • DanaBot's operators were exposed and their operation dismantled due to a command-and-control server bug introduced in 2022.
  • Quasar RAT is being distributed through malicious BAT files in ongoing campaigns.
  • Poisoned npm packages disguised as utilities were found containing backdoors with file-deletion commands, posing a threat to software supply chains.
  • A new Rust-based information stealer, Myth Stealer, is being distributed via fraudulent gaming websites, targeting Chrome and Firefox users.

Trends, Tools, or Tactics of Interest

  • Increased targeting of educational institutions, with reports highlighting worsening cybersecurity in schools.
  • AI-related data exposure risks are rising; a report found that 99% of organizations analyzed had sensitive data accessible to AI systems.
  • Non-human identity management is emerging as a critical security challenge due to the proliferation of automated services and applications.
  • SSH key mismanagement continues to be a significant risk, with untracked and unrotated credentials creating vulnerabilities.
  • Cisco announced new tools to monitor and control AI agent behavior within enterprise networks amid concerns about rogue AI activity.
  • GitHub is promoting artifact attestation and the SLSA framework to prevent software supply chain attacks.
  • Microsoft Outlook will block additional risky attachment types to mitigate malware delivery.
  • Android devices are receiving new enterprise-scale security protections.
  • Red Canary is expanding AI-driven solutions to reduce alert fatigue in security operations centers.

Regulatory or Policy Developments Affecting the Security Industry

  • ConnectWise is rotating code signing certificates for ScreenConnect, Automate, and RMM products due to security concerns.
  • India’s security leaders are grappling with new digital privacy regulations and AI governance, amid a shortage of cybersecurity talent.
  • Apple is emphasizing on-device processing for its new AI features, positioning privacy as a key differentiator.