Cybersecurity Weekly June 23, 2025

Tracking tech abuse, exploit markets, ransomware takedowns, and a sneak peek into Black Basta’s private chat logs — here's what shaped this week in cyber

🔍 Breaches, Bypasses, and Exposure

Meta and Yandex quietly track Android users
A covert localhost socket mechanism links anonymous web browsing to user identities across billions of devices

Russian hackers bypass Gmail MFA via app passwords
Sophisticated phishing campaign impersonated US officials and targeted well-known critics of Russia

FortiGate exploit listed for $12,000 on dark web
New tool for mass-exploitation of exposed Fortinet APIs surfaces on underground forums

Aflac discloses breach amid insurance sector targeting
Attackers stole personal and health data in a wave of incidents affecting multiple US insurers

Fasana forced into insolvency after cyberattack
The German napkin manufacturer halted production and lost €2 million in under two weeks

CoinMarketCap compromised in wallet-draining attack
Malicious Web3 popups tricked users into connecting wallets, stealing their crypto

Oxford City Council breach exposes two decades of data
Legacy systems were accessed and personally identifiable information compromised

🧠 Advanced Threats and Zero Days

Jira prompt injection turns tickets into attack vectors
AI integrations make Atlassian’s JSM vulnerable to novel social engineering exploits

Jitter-Trap technique helps detect stealthy attacks
Varonis Threat Labs reveals a new method to expose post-exploitation activity using randomness patterns

Linux privilege escalation chain enables root access
Two new local flaws affect major distributions, allowing attackers full system control

Motors WordPress theme flaw mass-exploited
CVE-2025-4322 enables admin account hijacking across vulnerable websites

OneDrive bug breaks file search across all platforms
Microsoft confirms investigation into file indexing issues affecting web, iOS, Android, and Windows

🕵️ Nation-State Threats and Espionage

Black Basta made over $100 million in ransomware payments
Leaked chat logs reveal scale of operations and internal strategy under leader known as "tramp"

DanaBot malware infrastructure dismantled
US and European authorities name suspects in the long-running banking trojan operation

Lazarus Group blamed for $11 million BitoPro heist
North Korean threat actors strike Taiwanese exchange in targeted cryptocurrency theft

LapDogs backdoor infects SOHO devices in new China-linked campaign
China-nexus actors use compromised routers to mask operations and relay traffic

📱 Mobile Malware and App Risks

GodFather Android trojan now uses on-device virtualization
Targets Turkish banks by hijacking real banking apps in sandboxed environments

Free VPNs still leaking user data to China
TTP warns that despite earlier findings, shady VPNs remain in top app stores

Subscribe to BagheeraAltered’s Cybersecurity Newsletter for weekly threat summaries, breach reports, and intel from the front lines