Top 5 Cybersecurity News Stories June 27, 2025

By Editorial Team | June 27, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. Hackers Open Dam Valves in Norway

A cyberattack on a Norwegian water utility resulted in unauthorized access to industrial control systems, allowing hackers to manipulate dam valves. The breach disrupted water flow, though authorities managed to mitigate major damage. Investigations suggest the attackers exploited poor segmentation between IT and OT networks, highlighting persistent vulnerabilities in critical infrastructure.

The incident has spurred governmental calls for enhanced cybersecurity controls, including increased logging, network isolation, and real-time threat detection. It underscores the growing threat of nation-state or criminal actors targeting essential utilities for political or financial gain.

2. OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Security researchers have identified a new malware strain named “OneClik” actively targeting energy sector firms. The malware uses deceptive Microsoft Word documents embedded with macros to deploy remote access trojans (RATs). Once inside, it enables lateral movement, credential theft, and data exfiltration.

OneClik exploits social engineering and zero-day vulnerabilities, aligning with advanced persistent threat (APT) tactics. Notably, affected organizations span North America, Europe, and the Middle East. Experts recommend disabling macros, segmenting networks, and monitoring outbound traffic to counter such threats. The campaign signals a continued escalation of cyber threats against critical energy infrastructure.

3. Cisco warns of max severity RCE flaws in Identity Services Engine

Cisco has issued an urgent advisory addressing multiple high-severity remote code execution (RCE) vulnerabilities in its Identity Services Engine (ISE). These flaws—rated with CVSS scores up to 10.0—could allow unauthenticated attackers to execute arbitrary code or commands on vulnerable systems.

Exploitation risks include full system compromise and lateral movement within enterprise networks. Cisco has released patches and strongly urges customers to update ISE deployments immediately. The vulnerabilities stem from improper validation of user input in specific web-based management interfaces, emphasizing the criticality of secure software design and timely patch management in identity-centric platforms.

4. Hawaiian Airlines hit by cyber attack

Hawaiian Airlines disclosed a cyberattack that affected its internal systems and disrupted flight operations and customer services. The breach has triggered an investigation in collaboration with cybersecurity experts and law enforcement. Although the airline has not confirmed data theft, initial indicators suggest unauthorized access to operational IT infrastructure.

The company is working to restore systems and minimize passenger impact. This incident adds to a growing list of aviation-related cyber threats, reinforcing the need for comprehensive cybersecurity protocols in transportation, including incident response readiness and third-party risk management.

5. Retail giant Ahold Delhaize says data breach affects 2.2 million people

Retail conglomerate Ahold Delhaize revealed a large-scale data breach impacting approximately 22 million individuals across its European operations. The breach involved unauthorized access to customer and employee data, including names, contact information, and encrypted credentials. The company attributes the intrusion to a third-party supplier compromise, reinforcing the systemic risk associated with supply chain vulnerabilities.

Regulatory bodies have been notified, and forensic analysis is underway. Ahold Delhaize is offering identity protection services to affected parties and enhancing vendor oversight. This event exemplifies the ongoing threat posed by third-party risk to consumer-facing enterprises.