Major Cyber Attacks, Ransomware Attacks and Data Breaches of June 2025


 What do global brands like United Natural Foods, North Face, Cartier, Zoom Car, Episource, WestJet, and The Washington Post have in common? On the surface, very little. Yet, beneath their diverse operations, a shared vulnerability unites them: each fell victim to the escalating and damaging effects of cybercrime in June 2025.

This wasn’t just about isolated incidents. From widespread unauthorized access to internal systems to major disruptions in critical operations and customer order fulfillment, the collective impact of June 2025’s cyber incidents has been more devastating than ever. In countless cases, millions of sensitive customer and employee accounts were breached, exposing confidential information and eroding public trust. This alarming trend serves as a stark warning to businesses in Canada and the USA about the rapidly evolving threat landscape.

The writing on the wall couldn’t be clearer: comprehensive cyber preparedness and building robust cyber resilience are no longer optional extras but an urgent, undeniable priority for every business navigating the digital complexities of late 2025 and beyond.

If your organization aims to stand a fighting chance against the ever-present and devastating consequences of a major cyber attack, simply investing in the latest technology won’t suffice. The true differentiator lies in a multi-faceted approach, anchored by a comprehensive Cyber Incident Response Plan (CIRP) backed by robust, ongoing training. It’s a critical business imperative now to proactively prepare through regular cyber tabletop exercises that meticulously simulate real-world attack scenarios. These vital simulations allow you to stress-test your cybersecurity response capabilities across all departments and rehearse these responses regularly, transforming theoretical knowledge into practical readiness.

Ultimately, only those organizations that seamlessly combine the right tools with strategically trained people, optimized processes, and meticulous preparation will possess the agility to truly protect their brand, retain invaluable customer trust, and ensure uninterrupted operations in the face of these growing, sophisticated cyber threats.


This month’s report delves deeper into:

  • Ransomware Attacks in June 2025
  • Data Breaches in June 2025
  • New Malware and Ransomware Discovered
  • Vulnerabilities Discovered and Patches Released
  • Advisories issued, reports, analysis, etc., in June 2025

 

Ransomware Attacks in June 2025

DateVictimSummaryThreat ActorBusiness ImpactSource Link
June 01, 2025Durant (OK), Lorain County (OH), and Puerto Rico’s Justice DepartmentThousands impacted by cyber attacks on governments in Ohio, Oklahoma, Puerto RicoRansomHub (Apparently)Ransomware attacks—likely linked to the RansomHub gang—have disrupted critical services for thousands across Durant (OK), Lorain County (OH), and Puerto Rico’s Justice Department, crippling courts, communications, and digital services as officials scramble to restore operations.Source: The Record
June 04, 2025Lee EnterprisesNewspaper giant Lee Enterprises says nearly 40,000 Social Security numbers leaked in ransomware attackQilin RansomwareA ransomware attack by Qilin on newspaper giant Lee Enterprises exposed nearly 40,000 Social Security numbers, disrupted publishing operations nationwide, and caused $2 million in recovery costs along with significant revenue losses.Source: The Record 
June 05, 2025Kettering HealthKettering Health confirms attack by Interlock ransomware group as health record system is restoredInterlockOhio’s Kettering Health confirmed a ransomware attack by the Interlock gang that disrupted internal systems, phone lines, and electronic health records across 14 hospitals, forcing procedure cancellations and ambulance diversions, with data including financial records reportedly stolen.Source: The Record
June 06, 2025Optima Tax ReliefTax resolution firm Optima Tax Relief hit by ransomware, data leakedChaos RansomwareU.S. tax resolution firm Optima Tax Relief was hit by a double-extortion Chaos ransomware attack—resulting in 69 GB of sensitive corporate and client data, including tax documents, being stolen, encrypted, and leaked online by the threat actors.Source: Bleeping Computer
June 09, 2025Sensata TechnologiesSensata Technologies says personal data stolen by ransomware gangUnknownA ransomware attack in early April by an unknown threat group infiltrated Sensata Technologies’ network (March 28–April 6), encrypting systems and stealing personal and sensitive data—including SSNs, driver’s licenses, financial and medical information—for over 15,000 employees and dependents, now prompting identity monitoring offersSource: Bleeping Computer
June 10, 2025South Korea’s major ticketing platform Yes24Ransomware attack on ticketing platform upends South Korean entertainment industryUnknownA ransomware attack by an unknown threat actor on South Korea’s major ticketing platform Yes24 has disrupted online bookings, e-book access, and community forums for over four days, forcing cancellations and postponements of K-pop concerts and musicals, triggering a privacy investigation over potential customer data breaches, and echoing similar high-impact attacks on U.S. ticketing platforms like StubHub and Ticketmaster.Source: The Record 

 

Data Breaches in June 2025

DateVictimSummaryThreat ActorBusiness ImpactSource Link
June 02, 2025North FaceNearly 3,000 North Face website customer accounts breached as retail incidents continueScattered SpiderA credential stuffing attack on The North Face exposed sensitive customer data—including names, addresses, and purchase history—of nearly 3,000 users, as part of a broader campaign likely linked to the Scattered Spider ransomware group.North Face Data Breached
June 02, 2025CartierCartier discloses data breach amid fashion brand cyber attacksScattered SpiderLuxury brand Cartier has disclosed a data breach in which hackers accessed and stole limited customer information after compromising its systems.Cartier Data Breach
June 09, 2025Texas and Illinois state agencies, TxDOTNearly 300,000 crash records stolen from Texas transportation departmentUnknownTexas and Illinois state agencies warned that hackers—unnamed but believed to be organised cyber criminals—compromised a TxDOT account to download nearly 300,000 crash reports containing personal and licensing information, while a phishing campaign against Illinois HFS employees exposed the sensitive data (SSNs, IDs, financial details) of 933 individuals.Source: The Record
June 12, 2025AflacAflac says it stopped attack launched by ‘sophisticated cyber crime group’Scattered Spider (apparently)Aflac disclosed that on June 12 it was hit by a sophisticated social-engineering attack—likely the work of the Scattered Spider cyber crime group—that may have exposed Social Security numbers, health records, claims data, and personal information before the intrusion was swiftly contained.Source: The Record
June 16, 2025Zoom Car8.4 million people affected by data breach at Indian car share company ZoomcarUnknownZoomcar revealed that hackers accessed personal data—including names, phone numbers, addresses, email addresses, and car registration numbers—belonging to approximately 8.4 million users (detected June 9), though no threat actor has been publicly identified and there’s no evidence financial or password details were stolen.Source: The Record
June 16, 2025Email hosting provider Cock.liHacker steals 1 million Cock.li user records in webmail data breachUnknownA hacker exploited a Roundcube webmail vulnerability to steal over 1 million Cock.li user records—exposing email metadata and around 93,000 contact entries, though passwords and email contents remain safe—but the specific threat actor remains unidentified.Source: Bleeping Computer
June 17, 2025EpisourceMore than 5 million affected by data breach at healthcare tech firm EpisourceUnknownEpisource, a healthcare tech provider, suffered a cyber attack from late January to early February that exposed sensitive personal and medical data—including SSNs, insurance IDs, diagnoses, test results, and more—of over 5.4 million individuals, though no threat actor has yet claimed responsibility.Source: The Record
June 17, 2025ScaniaScania confirms insurance claim data breach in extortion attemptHensi hackerScania’s insurance claims portal was breached in late May using stolen third-party credentials, resulting in the theft and dark‑web sale of thousands of claim documents by an extortionist calling themselves “hensi,” though the fallout appears limited so far.Source: Bleeping Computer
June 17, 2025SaaS provider EpisourceHealthcare SaaS firm says data breach impacts 5.4 million patientsUnknownA ransomware-driven breach at healthcare SaaS provider Episource between January 27–February 6 exfiltrated sensitive personal and medical data for approximately 5.4 million U.S. patients—though the attacker remains unidentified and data misuse has not been detected.Source: Bleeping Computer
June 20, 2025ViasatTelecom giant Viasat breached by China’s Salt Typhoon hackersSalt TyphoonViasat, a major satellite communications provider, was breached by China’s state-linked Salt Typhoon hacking group—allowing them unauthorised access via a compromised device, though no customer impact was detected and the incident has since been remediated.Source: Bleeping Computer
June 21, 2025Oxford City CouncilOxford City Council suffers breach exposing two decades of dataUnknownOxford City Council suffered a cyber breach in early June that exposed personal data of current and former council officers from as far back as 2001 to 2022 and disrupted ICT services—though no threat actor has yet been identified.Source: Bleeping Computer
June 22, 2025McLaren Health CareData of more than 740,000 stolen in ransomware attack on Michigan hospital networkInternational ransomware gang linked to INC groupMcLaren Health Care revealed that an international ransomware gang (linked to the INC group) infiltrated its systems between July 17 and August 3, 2024, stealing Social Security numbers, driver’s license details, medical records, and insurance information for 743,131 individuals—leading to system outages, canceled procedures, and provision of credit monitoring services.Source: The Record
June 22, 2025NucorSteel giant Nucor confirms hackers stole data in recent breachUnknownNucor, North America’s largest steelmaker, confirmed that cyber attackers breached its network in June—temporarily halting production at multiple facilities, stealing corporate data, and triggering an SEC filing—though the perpetrators remain unidentified.Source: Bleeping Computer
June 22, 2025McLaren Health Care (and Karmanos Cancer Institute)McLaren Health Care says data breach impacts 743,000 patientsINC ransomwareA July 2024 ransomware attack by the INC gang on McLaren Health Care (and Karmanos Cancer Institute) exposed personal and health data of about 743,000 patients, disrupted IT and phone systems across its 14‑hospital network, and prompted delayed notification after nine months.Source: Bleeping Computer
June 26,  2025Ahold DelhaizeRetail giant Ahold Delhaize says data breach affects 2.2 million peopleINC RansomA ransomware attack in November targeted Ahold Delhaize’s U.S. systems, exposing sensitive personal, financial, and health data of approximately 2.2 million individuals—INC Ransom was believed to be behind the breach and had posted samples of the stolen files.Source: Bleeping Computer

 

Cyber Attacks in June 2025

DateVictimSummaryThreat ActorBusiness ImpactSource Link 
June 5, 2025United Natural FoodsMajor food wholesaler says cyber attack impacting distribution systemsUnknownUnited Natural Foods disclosed a cyber attack that forced systems offline, disrupting operations and order fulfillment, with ongoing business impacts and recovery efforts underway.Source: The Record
June 07, 2025Gluestack’s NPM packageMalware found in NPM packages with 1 million weekly downloadsUnknownA supply chain attack compromised Gluestack’s popular NPM packages—collectively downloaded 960,000 times weekly—potentially exposing countless developers to malicious code.Source: Bleeping Computer
June 09, 2025SentinelOneSentinelOne shares new details on China-linked breach attemptAPT41A China-linked APT41 group deployed ShadowPad via a supply‑chain attack on SentinelOne’s IT logistics partner in early 2025—while also conducting reconnaissance (PurpleHaze) of SentinelOne servers—to install backdoors and exfiltrate data, though no direct breach of SentinelOne itself was found.Source: Bleeping Computer
June 13, 2025Thomasville, North Carolina, and Georgia’s Ogeechee Judicial Circuit District Attorney’s Office, with Thomasville’s city systemsGovernment offices in North Carolina, Georgia disrupted by cyber attacksUnknownCyber attacks disrupted operations in Thomasville, North Carolina, and Georgia’s Ogeechee Judicial Circuit District Attorney’s Office, with Thomasville’s city systems taken offline and the DA’s office—covering four counties—suffering phone and internet outages, court closures, and limited staff capabilities; while no data compromise has been confirmed, Georgia officials admitted prior delays in implementing a backup system, though recent cybersecurity upgrades helped mitigate catastrophic data loss.Source: The Record
June 14, 2025WestJetWestJet investigates cyber attack disrupting internal systemsUnknownWestJet suffered a cyber attack that disrupted access to its mobile app, website, and select internal systems—though flight operations remained unaffected—as the airline investigates the scope and works with law enforcement; the threat actor remains unidentified and no direct claim has been made.Source: Bleeping Computer
June 15, 2025The Washington PostThe Washington Post’s email system hacked, journalists’ accounts compromisedUnknownJournalists at The Washington Post had their Microsoft-based email accounts compromised in a targeted cyber attack—believed to be state‑sponsored—giving intruders access to sensitive internal communications, though overall systems and customer data were not affected.Source: Bleeping Computer
June 17, 2025Iran’s Bank SepahPro-Israel hackers claim breach of Iranian bank amid military escalationPredatory SparrowPro-Israel hacking group Predatory Sparrow, allegedly linked to Israeli military intelligence, claimed a cyber attack on Iran’s Bank Sepah—disrupting banking services, ATM withdrawals, card payments, and possibly fuel transactions—as retaliation for the bank’s alleged role in funding Iran’s military and nuclear programs, amid escalating Israel-Iran tensions.Source: The Record
June 18, 2025Iran’s Nobitex exchangePro-Israel hackers hit Iran’s Nobitex exchange, burn $90M in cryptoPredatory Sparrow (aka Gonjeshke Darande)A pro-Israel hacktivist group known as Predatory Sparrow (aka Gonjeshke Darande) stole and “burned” over $90 million in cryptocurrency from Iran’s Nobitex exchange on June 18, 2025—destroying the funds by sending them to unusable “vanity” wallets in a politically motivated cyber attack.Source: Bleeping Computer
June 19, 2025Glasgow City Council and CGIGlasgow City Council impacted by ‘cyber incident’UnknownGlasgow City Council and its ICT provider CGI confirmed that a cyber attack  disrupted multiple online services (from planning forms to bin schedules), forced affected servers offline, and may have resulted in the theft of customer data.Source: The Record
June 19, 2025Hawaiian AirlinesHawaiian Airlines discloses cyber attack, flights not affectedUnknownHawaiian Airlines experienced a cyber attack that disrupted access to some internal IT systems—though flights remained on schedule—and while the nature (e.g., ransomware) is unclear, no threat actors have claimed responsibilitySource: Bleeping Computer

 

New Ransomware/Malware Discovered in June 2025

New RansomwareSummary
Acreed malwareAccording to a report, a newly emerged malware called Acreed is gaining ground in the Russian cyber criminal market and is expected to become the go-to infostealer for hackers, following the recent takedown of Lumma stealer.
DarkGaboon (hacking group)DarkGaboon, a financially driven cyber crime group active since 2023, has been independently targeting Russian organisations across multiple sectors using phishing emails and leaked LockBit 3.0 ransomware, according to Positive Technologies.
SuperCard — a malicious variant of the NFCGate toolRussian cybersecurity firm F6 reported the first local attacks using SuperCard — a malicious variant of the NFCGate tool — which steals bank data via NFC on infected Android devices, marking a shift to commercialised malware-as-a-service operations with global targeting and causing $5.5 million in losses and over 175,000 infections in Russia alone.

 

Vulnerabilities Discovered & Patches Released in June 2025

DateNew Flaws/FixesSummary
June 02, 2025CVE-2025-21479, CVE-2025-21480, CVE-2025-27038Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks.
June 02, 2025CVE-2025-5419Google has issued an emergency security update to patch CVE-2025-5419, the third zero-day vulnerability in Chrome exploited in attacks since the beginning of the year.
June 03, 2025CVE-2025-3935CISA has warned U.S. federal agencies of active exploitation of a recently patched ScreenConnect flaw and four other vulnerabilities, including CVE-2025-3935, affecting ASUS routers and the Craft CMS.
June 03, 2025CVE-2025-37093HPE has warned of eight vulnerabilities— including the critical CVE-2025-37093—affecting all StoreOnce versions before v4.3.11, urging users to upgrade to the latest release.
June 08, 2025CVE-2024-3721A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them.
June 09, 2025CVE-2025-49113Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public exploit.
June 10, 2025CVE-2025-33053Microsoft’s June 2025 Patch Tuesday addressed 66 security flaws—including one actively exploited WebDAV zero‑day leveraged by APT‑style attackers and another publicly disclosed SMB flaw—to close remote‑code execution and privilege‑escalation gaps. Another report says that Stealth Falcon hackers exploited a Windows WebDAV zero-day (CVE-2025-33053) to deliver custom malware in targeted attacks, primarily against Middle Eastern government and defence entities.
June 11, 2025CVE‑2025‑32711A critical “EchoLeak” zero‑click flaw (CVE‑2025‑32711) in Microsoft 365 Copilot could have silently exfiltrated sensitive corporate data via a malicious email prompt injection—though Microsoft patched it server-side in May before any known exploitation
June 13, 2025CVE‑2024‑57727CISA has issued an advisory warning that ransomware actors have been exploiting CVE‑2024‑57727, a path‑traversal flaw in unpatched SimpleHelp RMM software, to breach a utility billing provider and launch double‑extortion attacks
June 15, 2025CVE-2025-4123More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.
June 16, 2025CVE‑2025‑3464A critical flaw in ASUS Armoury Crate’s kernel driver allowed local attackers—once on a system—to elevate to SYSTEM privileges and potentially take full control of Windows machines
June 18, 2025CVE-2025-5309BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote code execution on vulnerable servers.
June 21, 2025CVE-2025-4322Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme “Motors” to hijack administrator accounts and gain complete control of a targeted site.
June 23, 2025CVE-2023-20198The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored ‘Salt Typhoon’ hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.
June 25, 2025CVE-2025-6543Citrix warned that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition.
June 26, 2025CVE-2025-20281 ,CVE-2025-20282Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC).
June 26, 2025CVE-2024-51978A critical flaw (CVE-2024-51978) affected 742 printer models from Brother, Fujifilm, Toshiba, and Konica Minolta, allowing remote attackers to generate default admin passwords—with no firmware fix possible for existing devices.

 

Warnings/Advisories/Reports/Analysis

News TypeSummary
ReportAccording to a recent report, a little-known hacking group, Black Owl, has emerged as a major threat to Russian state institutions and critical industries. The group is reportedly carrying out cyber attacks intended to cause maximum disruption while also seeking financial gain.
WarningGoogle warned that a cyber criminal operation known as “The Com” is tricking companies into giving them widespread access to a popular Salesforce tool, allowing them to steal sensitive data and move through other parts of the organisations.
ReportAccording to newly released FBI data, the Play ransomware gang has targeted over 900 organisations since its emergence in 2022, establishing itself as one of the most dangerous active cyber crime groups.
ReportScammers used phishing to steal £47 million by posing as taxpayers and targeting 100,000 HMRC accounts in a rebate fraud—though no customer funds were lost, arrests were made, and HMRC clarified it was not a cyber or hacking attack like recent ones on major retailers.
ReportA newly released report reveals that a cyberespionage group suspected of links to Iran, known as BladedFeline—a likely subgroup of OilRig—has been targeting Kurdish and Iraqi government officials in a prolonged spying campaign, according to cybersecurity firm ESET.
ReportA report said that the “Russian Market” cyber crime marketplace has become a leading hub for trading credentials stolen through information-stealing malware.
ReportArkana Security briefly relisted over 569 GB of Ticketmaster data—originally stolen in Snowflake breaches tied to ShinyHunters in 2024—for sale again over the weekend, reigniting concerns about widespread exposure of customer ticketing and personal information.
ReportAI is being called a “data‑breach time‑bomb” after a Varonis report found that 99% of organisations expose sensitive information across clouds, apps, and AI copilots—making a single prompt capable of leaking critical data.
ReportA recent Coinbase data breach was linked to India-based TaskUs support staff who were bribed by threat actors to leak user data, with two employees admitting to the scheme after one was caught photographing her screen.
ReportGoogle’s Threat Intelligence Group has linked voice phishing attacks by hackers posing as ShinyHunters to attempts at stealing data from Salesforce platforms by tricking employees into using a tampered Data Loader tool.
ReportOpenAI dismantled multiple ChatGPT accounts linked to state-backed hackers and disinformation campaigns from countries including China, Russia, North Korea, Iran, and the Philippines, citing misuse for malware development, influence operations, and employment scams.
ReportThe NHS is urgently calling for 1 million blood donors as stocks remain critically low due to last year’s ransomware attack on Synnovis by the Qilin group, which disrupted pathology services and led to overuse of O-type blood, while over 900,000 patients’ sensitive medical data remains compromised and many still await breach notification.
ReportKazakhstan has arrested over 140 individuals, including business owners and Telegram channel admins, for allegedly selling citizens’ personal data from government databases, with some of the stolen info shared with debt collectors and over 400 devices seized in the crackdown.
ReportA massive Google Cloud outage on June 12 disrupted core services—API management failures caused widespread outages across Gmail, Drive, Cloudflare-integrated services, and other critical platforms for over three hours before recovery
ReportVictoria’s Secret has fully restored its critical systems and e-commerce platform following a May 24 cyber attack that forced a three-day shutdown—though it continues to assess financial impacts and incurred remediation costs.

Report

The hacker group Rare Werewolf has targeted hundreds of devices in Russia, Belarus, and Kazakhstan—mainly in industrial firms and engineering schools—using phishing emails to deploy XMRig cryptomining malware via malicious attachments, Kaspersky reports
ReportCyber crime group FIN6 (aka Skeleton Spider) is impersonating job seekers on LinkedIn and Indeed to trick recruiters into opening phishing emails containing the MoreEggs backdoor, marking a shift from their usual payment card and PoS data theft operations, according to DomainTools.
WarningGoogle has warned that the Scattered Spider hacking collective (aka UNC3944) is now targeting U.S. insurance companies—using sophisticated social‑engineering techniques on help desks and call centers to breach sensitive corporate systems
ReportSingapore led a multinational law enforcement operation across seven Asian jurisdictions—including Hong Kong, South Korea, Malaysia, the Maldives, Thailand, and Macao—that investigated 33,900 suspects tied to over 9,200 scams (including investment fraud, fake job sites, and pig butchering), arrested more than 1,800 individuals, froze 32,000 scam-linked bank accounts, and seized $20 million, in response to an estimated $225 million in total victim losses.
ReportBelarusian hacktivists known as the Cyber Partisans publicly taunted Kaspersky—mocking the firm’s detailed report on their cyber attacks by suggesting it was merely a self-serving defence of its outdated security tools—asserting they remain undeterred and even grateful for the unintended attention
ReportA Fog ransomware attack on an Asian financial institution stood out due to the unusual use of legitimate employee monitoring software (Syteca) and rare pentesting tools (like GC2), raising concerns that the operation may have been a front for espionage rather than a typical ransomware campaign.
ReportIn a court filing, privacy ombudsman Neil Richards urged that bankrupt genomics firm 23andMe should have obtained separate and affirmative consent from customers before selling their sensitive genetic data — a move prompted by consumer concerns, spikes in deletion requests following a 2023 hack and the company’s March bankruptcy, and criticism from lawmakers, as 23andMe’s prior privacy updates were deemed unclear and possibly conflicting with its public assurances.
ReportThe UK’s Information Commissioner fined genetic testing firm 23andMe £2.31 million for “profoundly damaging” security failures that exposed sensitive genetic, health, and personal data of over 150,000 UK users during a 2023 credential-stuffing breach.
WarningGoogle warned that the notorious Scattered Spider (aka UNC3944) hacker group—recently linked to major retail breaches—has now shifted its focus to the insurance sector in the U.S., targeting help desks and call centers with sophisticated social‑engineering attacks to infiltrate networks and access sensitive customer data.
ReportRadware reported that the pro-Cambodian hacktivist group AnonsecKh (aka Bl4ckCyb3r) launched at least 73 DDoS and defacement attacks on Thai government and private-sector websites following a border skirmish on May 28, intensifying operations amid rising military tensions.
ReportKrispy Kreme confirmed that a November 2024 cyber attack—claimed by the Play ransomware gang—compromised the personal data of around 161,676 people (predominantly employees and family members), including SSNs, driver’s licenses, payment details, health and biometric records, disrupted online ordering, and led to over $11 million in losses.
ReportResearchers from Recorded Future and Resecurity discovered that threat actor Brigada Cyber PMC used the Redline infostealer to hack a Paraguayan government official’s device, leading to the leak of personal data belonging to 7.4 million citizens on dark web forums.
ReportNorth Korea’s BlueNoroff APT (aka TA444) used deepfake videos of company executives during fake Zoom calls in June 2025 to trick employees into installing custom macOS malware aimed at cryptocurrency theft.
ReportCloudflare mitigated a record-breaking 7.3 Tbps DDoS attack in mid-May that flooded a hosting provider with 37.4 TB of data in just 45 seconds, using a global, automated defence system to block traffic from over 122,000 IPs across 161 countries.
ReportA recent “16 billion credentials” leak isn’t a fresh breach but a massive compilation of old passwords stolen over years via infostealer malware and credential-stuffing attacks—simply repackaged and briefly exposed online
ReportAnother report on the Synnovis data breach said that the ransomware attack by the Qilin group on Synnovis in June 2023 disrupted blood testing across London hospitals, contributing to a patient’s death and exposing sensitive medical data of over 900,000 individuals, according to the NHS.
ReportA British hacker known as “IntelBroker” (Kai West) has been charged in the U.S. for breaching dozens of global companies—stealing and selling sensitive data, inflicting over $25 million in damages, and trafficking stolen information via BreachForums.
WarningThe U.S. Department of Homeland Security has issued a National Terrorism Advisory warning that Iran-backed cyber threat actors and pro‑Iranian hacktivists are likely to ramp up low-level cyber attacks targeting poorly secured U.S. networks, internet-connected devices, and critical infrastructure amid the current Israel–Iran conflict
ReportThe U.S. House of Representatives has officially banned WhatsApp on all government-issued devices—citing it as a “high-risk” app due to unclear data protection, lack of stored-data encryption, and other security vulnerabilities.
ReportHackers have been abusing ConnectWise ScreenConnect’s trusted installer by tampering with its Authenticode signature—injecting malicious settings that convert it into signed remote access malware for stealthy initial access.
ReportA new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s devices with infostealers and backdoors.
ReportAmerican grocery giant United Natural Foods (UNFI) reported that it has restored its core systems and brought online the electronic ordering and invoicing systems affected by a cyberattack.
ReportHackers associated with “Scattered Spider” tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors.

 

Conclusion: Securing Your Digital Future with Synergy IT Cybersecurity USA

The pervasive cyber incidents of June 2025, meticulously detailed in this report, serve as an undeniable testament to the heightened and ever-evolving threat landscape. From sophisticated ransomware crippling operations to widespread data breaches exposing millions, the digital battlefield demands more than just basic defenses. For businesses across the USA, the imperative for proactive cyber preparedness and robust cyber resilience has never been more urgent.

It’s clear that in today’s environment, where threats are complex and relentless, no organization can afford to navigate these waters alone. The ability to protect your brandretain customer trust, and ensure uninterrupted operations hinges on a strategic combination of the right tools, highly trained personnel, optimized processes, and meticulous preparation.

This is where Synergy IT Cybersecurity USA steps in. As your dedicated partner in safeguarding digital assets, we understand the unique challenges faced by businesses in the modern cyber threat environment. Our expertise extends beyond merely reacting to incidents; we specialize in building comprehensive, proactive cybersecurity frameworks that integrate cutting-edge technology with best-in-class people and processes. From developing bespoke Cyber Incident Response Plans to conducting realistic cyber tabletop exercises and deploying advanced threat detection solutions, we are committed to fortifying your defenses.

Don’t leave your business vulnerable to the next wave of cyberattacks. Take control of your security posture today.

Contact Synergy IT Cybersecurity USA to assess your organization’s unique risks and build a resilient cybersecurity strategy tailored to protect your operations and ensure your peace of mind.

Source : https://www.cm-alliance.com/cybersecurity-blog/major-cyber-attacks-ransomware-attacks-and-data-breaches-of-june-2025

Contact : 
 
Synergy IT solutions Group 
 
US : 167 Madison Ave Ste 205 #415, New York, NY 10016 
 
Canada : 439 University Avenue, 5th Floor, Toronto, ON M5G 1Y8 
 
US :  +1(917) 688-2018 
Canada : +1(905) 502-5955 
 
Email  :  
info@synergyit.com 
sales@synergyit.com 
 
info@synergyit.ca 
sales@synergyit.ca 
 
Website : https://www.synergyit.ca/   ,  https://www.synergyit.com/ 
 

Comments

Popular posts from this blog

January 2025: Recent Cyber Attacks, Data Breaches, Ransomware Attacks

Major Cyber Attacks, Data Breaches, Ransomware Attacks in December 2024

APTs in 2025: Key Trends and Predictions