Microsoft Releases Script for Restoring Critical inetpub Folder
Microsoft has introduced a PowerShell script to facilitate the restoration of the ‘inetpub’ folder, which was unintentionally created by the April 2025 Windows security updates, should it be deleted.…

Emerging Atomic macOS Stealer Campaign Leverages ClickFix Exploit to Target Apple Users
Cybersecurity researchers have identified a significant malware campaign utilizing the ClickFix social engineering technique to deceive users into downloading an information-stealing malware identified as Atomic macOS Stealer (AMOS) on…

Cybersecurity 2025: Six Critical Trends for CISOs to Monitor
This year’s Infosecurity Europe 2025 gathered industry experts to discuss the latest trends, challenges, and successes in the cybersecurity domain. The following six key trends emerged from conversations across…

PowerSchool Cybersecurity Incident: Hacker Pleads Guilty and Granted Release on Personal Recognizance Bond
A 19-year-old student from Assumption College has been implicated in a series of cyber extortion activities targeting at least two organizations, including a telecom company and a widely recognized…

Zero-Click iMessage Exploit Targets Key Officials in the US and EU
iVerify has identified a critical zero-click vulnerability in iMessage, referred to as “NICKNAME,” which has been exploited in targeted attacks against high-value individuals in both the United States and…

OpenAI Mandated to Safeguard ChatGPT Conversations
OpenAI has formally challenged a court order mandating the retention of user conversations, which forms part of an ongoing copyright infringement lawsuit filed by The New York Times and…

Optima Tax Relief Experiences Ransomware Incident Resulting in Data Breach
U.S. tax resolution firm Optima Tax Relief has recently fallen victim to a Chaos ransomware attack, resulting in the exposure of sensitive data. The attackers have claimed responsibility for…

Microsoft Collaborates with CBI to Disrupt Indian Call Center Operation Involved in Japanese Tech Support Fraud
India’s Central Bureau of Investigation (CBI) has successfully dismantled two illegal call centers involved in a sophisticated transnational tech support scam targeting Japanese citizens. The operation resulted in the…

Termination of Miami Hospital Employee Following Patient Information Data Breach
More than 2,000 patients of Jackson Health System experienced a significant breach of their personal information, which included names, addresses, and medical details. This unauthorized access was perpetrated by…

Nigerian National Receives Over Five-Year Sentence for Cybercrime, Including Hacking, Fraud, and Identity Theft.
KINGSLEY UCHELUE UTULU was sentenced today to 63 months in prison following a ruling by U.S. District Judge Paul G. Gardephe. The case was announced by Jay Clayton, the…

Over 20 Malicious Applications on Google Play Seek to Exploit User Seed Phrases
Recent investigations have revealed that over 20 malicious applications available on Google Play are engaged in the theft of cryptocurrency seed phrases. These deceptive applications masquerade as reputable wallets…

Supply Chain Compromise Affects Gluestack NPM Packages with 960,000 Weekly Downloads
A significant supply chain compromise has occurred within the Node Package Manager (NPM) ecosystem, impacting 16 widely utilized Gluestack packages, specifically ‘react-native-aria’. These packages collectively account for over 950,000…

Texas Department of Transportation Initiates Investigation into Breach of Crash Report Records and Distributes Notification Letters
A recent incident involving the Texas Department of Transportation (TxDOT) has brought to light a significant breach of security within its Crash Records Information System (CRIS). On May 12,…

Emergence of New Supply Chain Malware Operation Targeting npm and PyPI Ecosystems Affects Millions Worldwide
Cybersecurity researchers have identified a significant supply chain attack targeting multiple packages associated with GlueStack, which has led to the delivery of malware. The threat was introduced through alterations…

ICE Initiates Deportation Proceedings Against Australian Cybersecurity Offender “DR32”
The recent developments regarding David Kee Crees, an Australian citizen, have garnered attention within the cybersecurity community. Crees, who has operated under various online aliases including “Abdilo,” “Notavirus,” “Surivaton,”…

Malicious Browser Extensions Compromise Security of Over 700 Users Throughout Latin America Since Early 2025
Cybersecurity researchers have identified an ongoing campaign targeting users in Brazil since the beginning of 2025. This campaign involves the distribution of a malicious extension for Chromium-based web browsers…

Federal Government’s Engagement with Artificial Intelligence Regulations
On Thursday, a testimony was presented before the House Committee on Oversight and Government Reform during a hearing focused on the implications of artificial intelligence within the federal government.…

Cybercriminals Exploit Phony IT Support Calls to Compromise Corporate Systems, Google
A financially motivated group of hackers identified as UNC6040 has adopted a straightforward yet efficient strategy to execute breaches within targeted organizations. This group primarily aims to exploit vulnerabilities…

Weekly Security Overview (June 1 – June 7)
Last week, significant developments in the realm of information security were reported across various platforms.

Recent articles highlighted the concerning issue of AsyncRAT infections, with victims increasingly finding themselves…

Evaluating the Limitations of Your IdP or CASB: Five Critical Risks Associated with Shadow IT
Organizations often overlook the risks of shadow IT, which do not require internal sabotage to lead to data breaches. Situations such as forgotten free trials, AI-powered tools syncing data…