Incident: Microsoft confirms exploited zero-day vulnerability in WebDAV service Event Date: April 2025 Report Date: June 10, 2025, at 1 p.m. ET Summary: Microsoft disclosed an actively exploited remote code execution vulnerability (CVE-2025-33053) in WebDAV used by the APT group Stealth Falcon to attack a Turkish defence organization. Source: www.helpnetsecurity.com/2025/06/1…
Incident: Microsoft releases June 2025 Patch Tuesday addressing two zero-days Event Date: June 10, 2025 Report Date: June 10, 2025, at 1 p.m. ET Summary: Microsoft released security patches for 66 vulnerabilities, including an actively exploited WebDAV flaw and a publicly disclosed Windows SMB client remote code execution flaw (CVE-2025-33073). Source: www.crowdstrike.com/en-us/blo…
Incident: Ivanti discloses multiple high-severity vulnerabilities in Workspace Control Event Date: June 10, 2025 Report Date: June 10, 2025, at 11 a.m. ET Summary: Ivanti released security updates for three high-severity privilege escalation vulnerabilities (CVE-2025-5353, CVE-2025-22463, CVE-2025-22455) in its Workspace Control product due to hardcoded cryptographic keys. Source: www.cyber.gc.ca/en/alerts…
Incident: Advanced persistent threat group Rare Werewolf targets Russian enterprises Event Date: October 2024 to June 2025 Report Date: June 10, 2025, at 9:45 a.m. ET Summary: The advanced persistent threat group Rare Werewolf attacked hundreds of Russian industrial organizations to install cryptocurrency miners and establish remote access using legitimate third-party software tools. Source: thehackernews.com/2025/06/r…
Incident: Sensata Technologies discloses ransomware attack and data breach Event Date: May 25, 2025 Report Date: June 10, 2025, at 8:30 a.m. ET Summary: Industrial technology firm Sensata Technologies confirmed a ransomware attack resulted in a data breach exposing Social Security numbers, financial account details, and passport information for employees. Source: www.securityweek.com/sensitive…
Incident: Alabama dermatology practice discloses breach affecting 86,000 patients Event Date: March 5 to March 11, 2025 Report Date: June 9, 2025, at 4 p.m. ET Summary: Dermatologists of Birmingham began notifying 86,414 patients of a data breach involving medical and health insurance information, with the Qilin ransomware group claiming responsibility for the attack. Source: www.hipaajournal.com/data-brea…