Friday Wrap Up: 20 June 2024
This week’s cyber headlines reveal a multifaceted onslaught: ransomware that wipes backups before you can recover, AI tooling and Linux distros under active exploit, and social-engineering campaigns ranging from deepfake Zoom scams to MFA bypass ruses. Malware hides in images and sandboxed apps, while defenses scramble to shore up industrial controls and repel a 7.3 Tbps DDoS wave.
Even “new” credential leaks turn out to be dust from old breaches. Stay sharp and dive into the links below for the full stories!
Ransomware & Backup Threats
💀 New Anubis ransomware encrypts and permanently wipes files—recovery impossible even after payment. (Published on 6/16/2025, The Hacker News). Read More
🔄 Ransomware gangs now target backup infrastructures first to cripple recovery options. (Published on 6/17/2025, The Hacker News). Read More
💾 Chain IQ and UBS data stolen in a ransomware attack claiming millions of files exfiltrated. (Published on 6/19/2025, SecurityWeek). Read More
Vulnerability Exploits
🐛 Critical Langflow flaw exploited to unleash the Flodrix botnet for system compromise and DDoS. (Published on 6/17/2025, Dark Reading). Read More
🐧 Two local privilege escalation bugs in Linux udisks let attackers gain root on major distros. (Published on 6/18/2025, BleepingComputer). Read More
🐍 Over 200 trojanized GitHub repositories found distributing malicious Python payloads to gamers and developers. (Published on 6/20/2025, The Hacker News). Read More
Social Engineering & Targeted Attacks
🚨 U.S. insurance companies breached in attacks using all the Scattered Spider tactics, as the group shifts its focus to insurers. (Published on 6/16/2025, BleepingComputer). Read More
🎭 Russian hackers pose as U.S. State Department staff to trick victims into surrendering Google app-specific passwords, bypassing Gmail MFA. (Published on 6/18/2025, SecurityWeek). Read More
🤖 BlueNoroff uses deepfake Zoom calls of executives to infect a crypto employee’s Mac with a backdoor. (Published on 6/19/2025, The Hacker News). Read More
🏥 Aflac duped by social-engineering attack in continued insurer targeting spree by Scattered Spider. (Published on 6/20/2025, CyberScoop). Read More
Malware & Steganography
🖼️ Steganography: a JPEG hiding a malicious payload was discovered over the weekend. (Published on 6/16/2025, SANS Internet Storm Center). Read More
📱 GodFather Android malware runs legitimate apps in a sandbox to stealthily steal banking and crypto data. (Published on 6/18/2025, Hackread). Read More
Infrastructure & DDoS Defense
⚙️ CISA releases five Industrial Control Systems advisories covering Siemens Mendix, LS Electric GMWin, Fuji Smart Editor, Dover ProGauge, and an update for Siemens SENTRON Powercenter. (Published on 6/17/2025, CISA Alerts). Read More
🌐 Cloudflare mitigates a record-breaking 7.3 Tbps DDoS attack against a hosting provider. (Published on 6/20/2025, BleepingComputer). Read More
Data Leak Clarifications
🗂️ The “16 billion credentials” leak is not a new breach but an aggregation of previously exposed data. (Published on 6/19/2025, BleepingComputer). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!