Svoboda Cybersecurity Brief June 17, 2025

Credit Control Corporation Suffers Second Data Breach Affecting 9.1M Consumers

A hacker forum post claims a new breach at Credit Control Corporation (CCC), exposing data of 9.1M consumers, including names, addresses, and SSNs. The seller alleges that an insider provided server access, bypassing the enhanced security measures CCC put in place after its 2023 breach.
Source: DataBreaches

Microsoft Copilot AI Bug (CVE-2025-32711) Leaks Data via Email Prompts

A zero-click vulnerability (CVSS 9.3) in Microsoft 365 Copilot allowed data exfiltration via crafted emails. Patched by Microsoft, with no observed exploitation.
Impact: Unauthorized access to sensitive data via AI-generated responses.
Mitigation: Apply latest updates; no user action required.
Source: DataBreaches

Zoomcar Discloses Breach Impacting 8.4M Users

The India-based car-sharing platform confirmed unauthorized access to user data (names, phone numbers, addresses), which did not include financial data. Attackers contacted employees directly after the breach.
Source: BleepingComputer

Anubis Ransomware Deploys Wiper Module to Permanently Delete Files

The RaaS operation now includes a “/WIPEMODE” feature to zero out files, making recovery impossible even after ransom payment. Targets healthcare, construction, and hospitality sectors globally.
Impact: Data destruction and encryption.
Mitigation: Segment networks; monitor for phishing (initial vector).
Source: The Hacker News

Archetyp Dark Web Drug Marketplace Shut Down in International Operation

Europol-led “Operation Deep Sentinel” seized €7.8M and arrested 8 suspects, including the alleged admin, after infiltrating the €250M drug trafficking platform.
Source: SecurityWeek

ASUS Armoury Crate Bug (CVE-2025-3464) Grants SYSTEM Privileges

A flaw in ASUS’s system management software allows privilege escalation via hardlink manipulation of AsIO3.sys. Impacts versions 5.9.9.0 to 6.1.18.0.
Impact: Full system compromise via local access.
Mitigation: Update to latest version via Armoury Crate’s “Update Center”.
Source: BleepingComputer

Washington Post Email System Hacked by Suspected State Actor

Journalists covering national security and China were targeted in a breach of Microsoft email accounts, likely by APT actors exploiting Exchange vulnerabilities.
Source: BleepingComputer

Scattered Spider Shifts Focus to US Insurance Firms

The group uses social engineering (MFA bombing, SIM swapping) and deploys RansomHub/Qilin ransomware. Google warns of sector-wide targeting.
Impact: Data theft and ransomware deployment.
Mitigation: Strengthen identity controls; monitor helpdesk social engineering.
Source: BleepingComputer

German Napkin Manufacturer Declares Insolvency After Cyberattack

Fasana filed for bankruptcy after a May 2025 ransomware attack paralyzed IT systems, causing €250K+ daily losses. Attackers left ransom notes on printers.
Source: DataBreaches

North Korean IT Worker Scheme Tied to $7.74M Crypto Seizure

The DOJ seized funds linked to a DPRK operation using fake identities/AI tools to infiltrate crypto firms and launder proceeds via shell companies.
Source: The Hacker News

Tenable Nessus Agent Flaws (CVE-2025-36631, CVE-2025-36632, CVE-2025-36633) Allow System Takeover

Three high-severity bugs enable file manipulation and code execution as SYSTEM. Fixed in version 10.8.5.
Impact: Privilege escalation and data destruction.
Mitigation: Upgrade to Nessus Agent 10.8.5+.
Source: SecurityWeek

Malicious PyPI/npm Packages Deliver Pulsar RAT

Packages like eslint-config-airbnb-compat and solders used obfuscated JavaScript to fetch payloads from firewall[.]tel and cdn.audiowave[.]org.
Impact: Remote code execution via supply chain attack.
Mitigation: Audit dependencies; block suspicious domains.
Source: The Hacker News

Sentara Health Terminates Remote Workers Over Identity Fraud

Lab services employees outsourced work internationally, exposing 13,278 patient records (SSNs, medical data). It could not be verified whether the hired individuals performed the tasks.
Source: DataBreaches

WMATA Train Operators Arrested in $362K Healthcare Fraud Scheme

The operators used forged doctor's notes to submit fake AFLAC insurance claims, sharing kickbacks. Five accomplices have already pleaded guilty.
Source: DataBreaches

Kali Linux 2025.2 Released with CARsenal Car Hacking Toolkit

Updated distro includes 13 new tools like hlcand and CaringCaribou, plus MITRE ATT&CK-aligned menu restructuring.
Source: BleepingComputer
