Weekly Cyber Update – June 2–8, 2025: Scams, Breaches, and Supply Chain Threats
This week’s update covers June 2–8, 2025, with 20 key cybersecurity stories. For everyone, we’ve got travel scams, major data leaks, and simple safety tips. For pros, we’re diving into supply chain attacks, zero-day exploits, and cryptojacking. Plus, new tools and questions to spark discussion—let’s dive in!
Cybersecurity for Everyone
Big brands like Cartier, The North Face, and Booking.com were hit this week, putting your info at risk. Scammers are also faking websites and calls. Here’s what happened and how to protect yourself.
Top Stories
1. Cartier Cyberattack Leaks Client Data 
- Summary: Cartier was breached, exposing customer names and order details.
- Why it matters: Shopped there? Watch for phishing emails pretending to be Cartier—don’t click shady links!
2. The North Face Accounts Hacked 
- Summary: Stolen passwords let hackers into The North Face accounts, grabbing personal info.
- Why it matters: Reusing passwords? Switch to unique ones for every site.
3. Booking.com Fake Sites Spread Malware 
- Summary: Scammers built fake Booking.com sites to infect users with data-stealing malware.
- Why it matters: Always check URLs before booking—use the official site or app.
4. AT&T Data Leak Hits Dark Web 
- Summary: 86 million AT&T customer records, including Social Security numbers, were dumped online.
- Why it matters: AT&T user? Freeze your credit to block identity theft.
5. Coinbase Breach Linked to Bribed Staff 
- Summary: Coinbase support agents in India leaked customer data after taking bribes.
- Why it matters: Crypto users, turn on two-factor authentication to secure accounts.
6. Victoria’s Secret Delays Earnings Post-Hack 
- Summary: A breach forced Victoria’s Secret to postpone its earnings report.
- Why it matters: Shop there? Monitor your account for suspicious activity.
7. Fake IT Calls Target Salesforce Users 
- Summary: Scammers posing as IT support tricked users into installing malware on Salesforce accounts.
- Why it matters: Don’t trust random calls—verify with your actual IT team.
8. Kettering Health Ransomware Data Leak 
- Summary: The Interlock gang leaked patient data from Kettering Health after a ransomware attack.
- Why it matters: Patients, check medical records and report anything odd.
9. MainStreet Bank Cards Exposed 
- Summary: A third-party breach compromised payment card info for MainStreet Bank customers.
- Why it matters: Bank there? Watch statements for unauthorized charges.
10. Lee Enterprises Breach Hits 40,000 
- Summary: Ransomware at Lee Enterprises exposed data from nearly 40,000 people.
- Why it matters: Connected to them? Stay alert for phishing using stolen info.
Pro Insights: Advanced Cyber Threats
Supply chain attacks, zero-days, and stealthy malware were big this week. From GitHub backdoors to exploited vulnerabilities, here’s the technical breakdown to stay ahead.
Top Technical Updates
1. Gluestack Supply Chain Attack on npm/PyPI 
- Summary: 16 Gluestack packages (950K+ weekly downloads) hide a remote access trojan.
- Why it matters: Devs, audit dependencies—supply chain attacks are surging.
2. Chrome Zero-Day Under Attack 
- Summary: CVE-2025-5419, a V8 engine flaw, is actively exploited—Google issued a patch.
- Why it matters: Update Chrome immediately; zero-days are spyware magnets.
3. Qualcomm GPU Zero-Days Hit Android 
- Summary: Three Adreno GPU flaws (e.g., CVE-2025-21479) targeted in Android attacks.
- Why it matters: OEMs must patch fast—unfixed devices risk privilege escalation.
4. PathWiper Malware Targets Ukraine 
- Summary: PathWiper wiper malware destroyed a Ukrainian org’s systems via admin tools.
- Why it matters: Secure admin consoles—destructive attacks are evolving.
5. Cryptojacking Exploits DevOps Tools 
- Summary: JINX-0132 uses misconfigured Docker and Gitea to mine crypto on cloud servers.
- Why it matters: Lock down APIs and configs—exposed tools are easy targets.
6. GitHub Backdoors Target Hackers 
- Summary: 100+ repos by “ischhfd83” hide backdoors in code for gamers and crooks.
- Why it matters: Always verify open-source code—trust is risky in 2025.
7. Qilin Ransomware Hits Fortinet Flaws 
- Summary: Qilin gang exploits Fortinet bugs (e.g., CVE-2024-21762) for remote code execution.
- Why it matters: Patch Fortinet systems now—ransomware thrives on unpatched gear.
8. Chaos RAT Targets Windows and Linux 
- Summary: Chaos RAT variants spread via fake network tools, hitting both OSes.
- Why it matters: Cross-platform threats are growing—harden all endpoints.
9. Roundcube Flaw After a Decade 
- Summary: CVE-2025-49113 allows authenticated users to run code on Roundcube servers.
- Why it matters: Patch webmail systems—old bugs are still dangerous.
10. Play Ransomware Hits 900+ Orgs 
- Summary: Play gang breached 900+ targets since 2022, now exploiting SimpleHelp flaws.
- Why it matters: Segment networks to limit double-extortion damage.
Takeaway
Scams and exploits are relentless. Stay safe with these steps:
- Use strong, unique passwords and enable two-factor authentication.
- Verify emails and calls—don’t trust unsolicited contacts.
- Keep apps and devices updated to block known vulnerabilities.
Tools of the Week
- Privacy Badger (Everyone) — Browser extension that blocks trackers and protects against data leaks.
- Trivy (Pros) — Scan containers and code for vulnerabilities, catching supply chain risks like Gluestack.
Community Questions
- Everyone: Dodged a scam like Booking.com’s fakes? Share your tip for spotting them!
- Pros: With supply chain attacks like Gluestack on the rise, how are you securing your dependencies?
Stay Connected and Secure
Want more? Join the Crushing Security newsletter for updates: Sign up here.
Drop your thoughts below—let’s keep the convo going!
Suggestions
Got ideas to make these updates better? Comment below, visit the feedback page, or ping Steve.