Top 5 Cybersecurity News Stories June 20, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. 1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

A new cybersecurity report has revealed that over 1,500 Minecraft players were infected through malicious Java-based mods hosted on popular platforms such as CurseForge and Bukkit. Threat actors used obfuscated code within fake performance-enhancing mods to deploy the “DaaS” malware, enabling remote access, keylogging, and information theft.

The campaign demonstrates an alarming trend in targeting niche gaming communities through trusted modding ecosystems. The attackers also employed Discord for command-and-control functions and data exfiltration. Users are advised to validate the authenticity of mods and scan for threats before installation.

Read more on The Hacker News.

2. Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Google has issued a warning about the persistent threat posed by the Scattered Spider hacking group, known for targeting large enterprises with sophisticated social engineering and phishing tactics. The group, suspected to have ties with the ALPHV/BlackCat ransomware syndicate, employs SIM swapping, MFA bypass techniques, and Active Directory manipulation to gain elevated access.

Their evolving methods and use of living-off-the-land binaries highlight the need for enhanced identity protection and incident response measures. Google urges organizations to strengthen their security postures, particularly around employee authentication and access controls.

Read more on The Hacker News.

3. North Korean hackers deepfake execs in Zoom call to spread Mac malware

North Korean hackers from the BlueNoroff group have employed deepfake technology during Zoom calls to impersonate executives and distribute macOS malware. The attackers tricked victims into installing a fake “patch” which deployed a custom backdoor designed for persistence and remote access.

This campaign marks a dangerous evolution in cyber-espionage tactics, combining deepfakes with advanced social engineering. The malware targets developers and finance employees, aligning with BlueNoroff’s previous financially motivated operations. Security experts urge organizations to verify all remote meeting participants and exercise extreme caution with unsolicited software downloads.

Read more on BleepingComputer.

4. Scania confirms insurance claim data breach in extortion attempt

Scania, the Swedish commercial vehicle manufacturer, has confirmed a data breach involving its Financial Services insurance portal, following an extortion attempt. Threat actors used stolen credentials—likely from infostealer malware—to access and exfiltrate sensitive insurance claim documents managed by an external IT provider.

The attackers later leaked samples on underground forums and contacted employees directly to apply pressure. Scania has since disabled the affected system, launched an internal investigation, and informed data protection authorities. This incident underscores the growing threat of third-party compromise and the importance of credential hygiene and supply chain security.

Read more on BleepingComputer.

5. UBS and Pictet report data leak after cyber attack on provider, client data unaffected

UBS has confirmed a data leak resulting from a cyberattack on its external service provider, Chain IQ. The breach exposed personal information of UBS employees, including names, email addresses, and phone numbers, but no client data was compromised. Threat actors posted the stolen data on darknet forums, affecting tens of thousands of staff members.

UBS responded by securing affected systems, launching an internal investigation, and notifying regulatory authorities. This incident highlights the growing cybersecurity risks associated with third-party service providers and reinforces the need for rigorous vendor risk management practices.

Read more on Reuters.

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information, please contact us now!