🚨 Cyberattack during holiday downtime shut down online sales — 1/3 of revenue gone in hours.

Attackers strike when teams are offline. Is your SOC ready 24/7?

Here’s how to fix that ↓ https://thehackernews.com/2025/06/6-steps-to-247-in-house-soc-success.html

🚨 Qilin ransomware just added legal support for affiliates — yes, actual lawyers.

Victims now face not just hackers, but fake lawsuits pressuring them to pay.

The cybercrime-as-a-service model is evolving fast.

Details here → https://thehackernews.com/2025/06/qilin-ransomware-adds-call-lawyer.html

🚨 UK retail giants M&S and Co-op hit in a single cyber attack costing up to $592M.

Hackers used fake IT help desk calls—suspected Scattered Spider behind it.

Details here → https://thehackernews.com/2025/06/scattered-spider-behind-cyberattacks-on.html

🚨 Cloudflare just stopped the largest DDoS attack ever — 7.3 Tbps in 45 seconds.

It wasn’t the only threat this week. From Chrome 0-days to deepfake Zoom malware and MFA bypasses, attackers are evolving fast.

Full recap → https://thehackernews.com/2025/06/weekly-recap-chrome-0-day-73-tbps-ddos.html

🚨 Hackers are now tricking AI using invisible commands hidden in emails, docs, even calendar invites.

Google’s response? New defenses in Gemini to block these stealth attacks before AI leaks data or follows harmful orders.

Full story → https://thehackernews.com/2025/06/google-adds-multi-layered-defenses-to.html

🚨 A new malware called XDigo is hitting Eastern Europe—via booby-trapped Windows shortcut files.

The twist? The LNK files look harmless… but secretly run hidden commands Windows doesn’t even show.

Here’s how XDSpy pulled it off + who’s targeted ↓ https://thehackernews.com/2025/06/xdigo-malware-exploits-windows-lnk-flaw.html

🚨 After U.S. airstrikes on Iranian nuclear sites, pro-Iran hackers hit back—taking down Trump’s Truth Social.

Now DHS warns more attacks are likely, targeting weak U.S. networks.

Here’s what’s happening → https://thehackernews.com/2025/06/dhs-warns-pro-iranian-hackers-likely-to.html

🚨 SOC burnout isn’t just a staffing issue—it’s a systems failure.

AI is now helping analysts escape alert fatigue, broken workflows & cognitive overload by automating the chaos intelligently—not just faster, but smarter.

Here’s how it’s changing the game ↓ https://thehackernews.com/2025/06/how-ai-enabled-workflow-automation-can.html

🚨 New jailbreak method "Echo Chamber" bypasses AI safety filters—90% success rate on hate, violence, porn prompts.

The twist? It doesn’t brute-force the model.

It coaxes it—slowly and indirectly—into breaking its own rules.

Learn more → https://thehackernews.com/2025/06/echo-chamber-jailbreak-tricks-llms-like.html

🚨 Chinese state-backed hackers breached Canadian telecom gear using a 10.0-rated Cisco flaw.

They tunneled in, stayed hidden, and may have tapped global traffic.

Here’s what’s unfolding—and why it matters ↓ https://thehackernews.com/2025/06/china-linked-salt-typhoon-exploits.html

🚨 Russia-backed hackers used Signal chat to drop malware-laced Word docs on Ukrainian systems.

The twist? One image file secretly loads an in-memory attack chain that evades detection.

Learn what BEARDSHELL & COVENANT really do ↓ https://thehackernews.com/2025/06/apt28-uses-signal-chat-to-deploy.html

🚨 U.S. House just banned WhatsApp for all staff over major security concerns.

Lack of data transparency. No stored encryption. “High-risk,” says the memo.

Meta's furious—but it's official.

Full story → https://thehackernews.com/2025/06/us-house-bans-whatsapp-on-official.html

🚨 Hackers are hijacking misconfigured Docker APIs to run crypto miners—through the Tor network.

They mount the host OS, enable root SSH access, and drop XMRig—all while staying anonymous.

Here’s how it works → https://thehackernews.com/2025/06/hackers-exploit-misconfigured-docker.html

Even the best vulnerability management programs are missing devices—and most tools make it difficult to find out which ones.

Join Pete Constantine, CPO at Prelude, for a live session on how to uncover how 10–20% of endpoints often fall outside scan coverage.

In this session, you’ll learn:
✅ Where blind spots in scan visibility typically hide
✅ How to close gaps using aggregate inventory
✅ How to automate this discovery process in Prelude

Save your seat: https://thn.news/vuln-gaps

🚨 Attackers are hijacking Microsoft Exchange login pages to steal passwords in plain text.

No malware download. No outbound traffic. Just invisible JavaScript keyloggers hiding in plain sight.

65 victims across 26 countries—and counting.

Details → https://thehackernews.com/2025/06/hackers-target-65-microsoft-exchange.html

⚡ You patch CVEs. Hackers exploit what’s exposed—over-permissioned accounts, forgotten assets, weak logins.

Top CISOs explain why CTEM > vuln management—and how to make it work in the real world.

Here’s how they’re doing it → https://thehackernews.com/2025/06/between-buzz-and-reality-ctem.html

💥 Researchers just shut down a cryptominer making $26K/year, dropping its hashrate from 3.3M to zero in seconds using XMRogue and bad shares!

This method forced the attacker to lose 76% of revenue and disrupt their operation.

Details here → https://thehackernews.com/2025/06/researchers-find-way-to-shut-down.html

🚨 New U.S. visa rule: F, M, and J applicants must set social media privacy settings to public—or risk rejection.

Embassy says full visibility is needed to verify identities and screen for security risks.

Here’s what’s changing and why it matters → https://thehackernews.com/2025/06/new-us-visa-rule-requires-applicants-to.html

🚨 Windows 10 isn’t dead yet.

Microsoft is offering 1 more year of critical security updates—if you:
• Sync to the cloud
• Redeem points
• Or pay $30

But there's a catch: You must sign in with a Microsoft account.

Here’s what’s changing → https://thehackernews.com/2025/06/microsoft-extends-windows-10-security.html

🚨 35 malicious npm packages linked to North Korea's “Contagious Interview” op exposed.

Hackers posed as recruiters, tricking devs into running spyware-laced job assignments. Some malware still live on npm.

The goal? Crypto theft & full device takeover.

Read now → https://thehackernews.com/2025/06/north-korea-linked-supply-chain-attack.html

🚨 Hackers are abusing trusted tools to fly under the radar.

Fake SonicWall VPN apps are stealing credentials, while ConnectWise installers signed with valid certificates are dropping malware masked as AI tools or Windows updates.

How both attacks work → https://thehackernews.com/2025/06/sonicwall-netextender-trojan-and.html