Weekly Cyber Update – June 16–22, 2025: Breaches, Scams, and Record-Breaking Attacks
This week’s update covers June 16–22, 2025, with 20 critical cybersecurity stories. For everyone, we’ve got breaches at Krispy Kreme, Aflac, and Zoomcar, plus scams hitting your favorite brands. For pros, dive into ransomware wipers, botnets, and massive DDoS attacks. Stay sharp with our tools and tips—let’s get started!
Cybersecurity for Everyone
Your data’s at risk this week! From Krispy Kreme to Aflac, hackers are stealing personal info, while scams target Netflix, Apple, and your wallet. Protect yourself with these simple tips.
Top Stories
1. Krispy Kreme Data Breach Hits Over 160,000 People 
- Summary: The Play ransomware gang stole sensitive data, including Social Security numbers and health info, from Krispy Kreme, affecting over 160,000 employees, former employees, and their families in a November 2024 attack.
- Why it matters: If you’re a Krispy Kreme employee or family member, enroll in free credit monitoring offered by Krispy Kreme, check accounts for suspicious activity, and update passwords.
2. Aflac Insurance Breach Exposes Customer Data 
- Summary: Aflac reported suspicious activity on its U.S. network, potentially leaking Social Security numbers and personal info in a June 2025 cyberattack.
- Why it matters: If you’re an Aflac customer, monitor bank accounts, enable two-factor authentication, and watch for identity theft signs.
3. Zoomcar Breach Impacts 8.4 Million Users 
- Summary: Hackers accessed personal data of 8.4 million Zoomcar users, including names and phone numbers, in a June 2025 breach.
- Why it matters: If you use Zoomcar, change your passwords and beware of phishing emails or texts pretending to be from Zoomcar.
4. Scammers Hijack Netflix, Apple, and Bank of America Sites 
- Summary: Fraudsters injected fake help-desk numbers into search results for Netflix, Apple, and Bank of America, tricking users into sharing personal info in June 2025.
- Why it matters: Don’t call numbers from search results—use official websites for support to avoid scams.
5. Godfather Malware Targets Banking Apps 
- Summary: The Godfather Android trojan uses virtualization to mimic legitimate banking apps, stealing credentials and funds in June 2025.
- Why it matters: Only download apps from Google Play or the App Store to avoid this malware scam.
6. Steam Phishing Scams Lure Gamers 
- Summary: Scammers sent fake Steam gift card links in June 2025, tricking gamers into sharing login details.
- Why it matters: If you’re a gamer, verify links before clicking and enable two-factor authentication on Steam.
7. 16 Billion Passwords Compiled and Leaked Online 
- Summary: A massive compilation of 16 billion login credentials from past breaches, likely collected by infostealer malware, was leaked in June 2025, affecting services like Apple, Google, and Facebook.
- Why it matters: Check if your email’s been leaked at Have I Been Pwned, update passwords, and enable 2FA to secure accounts.
8. Iran’s TV Hacked During Broadcast 
- Summary: Hackers hijacked Iran’s state TV in June 2025, airing protest messages during a live broadcast.
- Why it matters: Be cautious of news sources—hackers can manipulate what you see. Verify info from trusted outlets.
9. Scattered Spider Hits Retail Giants 
- Summary: The Scattered Spider group attacked Marks & Spencer and Co-op in June 2025, causing up to $592M in damages.
- Why it matters: Shoppers, watch for fake emails or texts pretending to be from these stores to avoid phishing scams.
10. Washington Post Journalists’ Emails Hacked 
- Summary: State-sponsored hackers compromised email accounts of Washington Post reporters in June 2025.
- Why it matters: Be wary of suspicious emails, even from trusted sources—check sender details carefully to avoid phishing.
Tool of the Week: Have I Been Pwned — Check if your email or passwords were leaked in breaches like Zoomcar’s or the 16 billion credential compilation.
https://haveibeenpwned.com/
Community Question: After the massive 16 billion password compilation leak, have you checked your accounts? What’s your go-to trick for staying safe online? Share below!
Pro Insights: Advanced Cyber Threats
Tech pros, this week’s intense! Record 7.3 Tbps DDoS attacks, ransomware wipers, and GitHub-based malware target hosting providers, developers, and critical infrastructure. Arm your defenses with these insights.
Top Technical Updates
1. Cloudflare Blocks 7.3 Tbps DDoS Attack 
- Summary: Cloudflare mitigated a record-breaking 7.3 terabits-per-second DDoS attack targeting a hosting provider in May 2025.
- Why it matters: DDoS attacks are growing—ensure your services use robust protection like Cloudflare’s Magic Transit.
2. Anubis Ransomware Adds Wiper Feature 
- Summary: Anubis ransomware added a “wipe mode” in June 2025, permanently deleting files even after payment.
- Why it matters: Back up critical data offline and test restores—ransomware is getting nastier.
3. Godfather Malware Uses Virtualization 
- Summary: The Godfather Android trojan creates virtual sandboxes to hijack real banking apps and steal funds in June 2025.
- Why it matters: Monitor mobile app behavior and deploy endpoint detection to catch this advanced malware.
4. Water Curse Targets GitHub Repos 
- Summary: The Water Curse group hid malware in 76 GitHub repos, posing as legit hacking tools to target developers in June 2025.
- Why it matters: Verify open-source code and use dependency scanners to avoid supply chain attacks.
5. Qilin Ransomware Offers “Call Lawyer” Feature 
- Summary: Qilin ransomware introduced a “call lawyer” feature in June 2025, providing affiliates legal counsel to pressure victims into paying.
- Why it matters: Train staff on social engineering and strengthen incident response to counter these tactics.
6. TP-Link Router Flaw Exploited 
- Summary: A vulnerability (CVE-2023-33538) in discontinued TP-Link routers was actively exploited in June 2025, per CISA.
- Why it matters: Replace outdated routers and patch devices to block remote code execution (RCE).
7. Langflow Vulnerability Fuels Flodrix Botnet 
- Summary: A critical flaw (CVE-2025-3248) in Langflow was exploited in June 2025 to spread the Flodrix botnet, enabling DDoS attacks.
- Why it matters: Patch Langflow servers and monitor for unusual network traffic to stop botnet infections.
8. Viasat Hit by China’s Salt Typhoon 
- Summary: China-linked Salt Typhoon breached satellite firm Viasat in June 2025, targeting telecom infrastructure.
- Why it matters: Audit critical infrastructure for backdoors and enhance network segmentation to limit damage.
9. Archetyp Market Shut Down by Police 
- Summary: Europol dismantled Archetyp Market, a major dark web drug marketplace, arresting its admin in June 2025.
- Why it matters: Monitor dark web activity for threat intel—disruptions can shift criminal tactics.
10. Malicious Minecraft Mods Target Gamers 
- Summary: Fake Minecraft mods distributed through the Stargazers DaaS delivered Java-based malware that stole data in June 2025.
- Why it matters: Scan game mods with antivirus tools and restrict software sources to prevent infections.
Tools of the Week
- For Everyone: uBlock Origin — A free browser extension that blocks malicious ads and trackers, protecting you from phishing scams like those targeting Netflix, Apple, and Steam users. Install it on Chrome or Firefox to stay safe while browsing.
- For Pros: Dependency-Check — A free OWASP tool that scans project dependencies for known vulnerabilities, helping developers avoid supply chain attacks like the Water Curse malware hidden in GitHub repos.
Community Questions
- For everyone: Have you tried a tool like uBlock Origin to block scams? What’s your go-to for safe browsing?
- For pros: With GitHub-based malware spiking, what’s your top strategy for securing open-source code? Share below!
Takeaway
Hackers are bolder, targeting everything from donuts to satellites. Stay proactive!
- Use two-factor authentication to secure accounts (Aflac, Zoomcar).
- Stick to trusted app stores and verify links (Steam, Netflix scams).
- Patch systems and back up data offline to counter ransomware and DDoS.
Stay Connected and Secure
Want more? Join the Crushing Security newsletter for the latest news and tips: Sign up here.
Drop your thoughts below—let’s keep the convo rolling!
Suggestions
Got ideas to make these updates better? Comment below, visit the feedback page, or ping Steve.