Svoboda Cybersecurity Brief June 21, 2025

Jun 21, 2025

AT&T Granted Preliminary Approval for $177M Data Breach Settlement

A U.S. judge approved a $177M settlement for AT&T over data breaches in May and July 2024 that exposed personal information of tens of millions of customers. The settlement resolves class-action lawsuits alleging inadequate security measures.
Source: DataBreaches.net

Aflac Discloses Breach Linked to Scattered Spider Campaign

Aflac confirmed unauthorized network access on June 12, 2025, attributing it to a sophisticated cybercrime group (likely Scattered Spider). The breach exposed claims data, health info, and SSNs but did not involve ransomware.
Source: DataBreaches.net

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack

Cloudflare blocked a DDoS attack that delivered 37.4 TB of traffic and peaked at 7.3 Tbps, targeting a hosting provider. The attack consisted almost entirely of UDP floods (99.996%) and originated from 122,145 IPs across 161 countries, primarily Brazil and Vietnam.
Source: BleepingComputer

Qilin Ransomware Adds “Call a Lawyer” Feature for Affiliates

Qilin introduced a legal support feature to pressure victims into paying ransoms. The RaaS group also offers DDoS tools and spam services, positioning itself as a full-service cybercrime platform.
Source: The Hacker News

Former U.S. Soldier Pleads Guilty to Sharing Military Secrets with China

Joseph Schmidt, a former Army Sergeant, admitted to attempting to deliver classified intelligence to Chinese authorities. He retained a device for accessing secure military networks and created documents detailing secrets.
Source: DataBreaches.net

Iranian State TV Hacked Amid Geopolitical Tensions

Hackers interrupted broadcasts to air protest messages, while Bank Sepah and Nobitex suffered breaches, losing $90M in crypto. Pro-Iranian hacktivist groups escalated DDoS attacks against Israeli infrastructure.
Source: The Hacker News

Godfather Android Trojan Deploys Sandbox for Banking Fraud

The malware uses VirtualApp and Xposed to virtualize banking apps, stealing credentials in real time. It targets 500+ apps, including crypto and social media platforms, and evades detection via APK manipulation.
Source: SecurityWeek

Motors Theme Vulnerability Exploited to Hack WordPress Sites

CVE-2025-4322 (CVSS 9.8) allows unauthenticated attackers to reset passwords of any user, including admins. Over 22,000 sites use the theme, with mass exploitation observed since June 7.
Impact: Complete site compromise via admin access.
Mitigation: Update to Motors theme v5.6.68+.
Source: SecurityWeek

FreeType Zero-Day (CVE-2025-27363) Linked to Paragon Spyware

Meta discovered the flaw during investigations into WhatsApp zero-day exploits. The bug allows arbitrary code execution via malformed font files and was patched in Android in May.
Source: SecurityWeek

Krispy Kreme Discloses 161,676 Impacted by Ransomware Attack

The Play ransomware group stole employee and family data, including SSNs and medical info, in December 2024. Losses exceeded $11M, with additional costs expected in 2025.
Source: SecurityWeek

Oxford City Council Hit by Cyberattack Exposing Election Worker Data

Attackers accessed legacy systems containing data from 2001–2022, compromising details of poll workers and ballot counters. No evidence of mass data exfiltration was found.
Source: SecurityWeek
