Subject:
🚨 Top Cyber Incidents of the Week | SharePoint Ransomware, Chrome 0‑Day & More
🧠 Headline Highlights
1. 🔐 Microsoft SharePoint Zero-Day Under Active Exploitation
A critical zero-day (the ToolShell vulnerabilities, CVE‑2025‑53770 and CVE‑2025‑53771) has led to ransomware deployment across U.S. federal agencies and private firms. Threat actors Storm‑2603, Linen Typhoon, and Violet Typhoon are distributing Warlock and LockBit ransomware via SharePoint servers. Microsoft issued emergency patches, but full mitigation requires key rotation, endpoint scanning, and server isolation.
2. 🌐 Qantas Data Breach Hits 6 Million Customers
Qantas disclosed a breach via an offshore call-center platform, compromising personal data of 6M customers (names, birthdates, loyalty numbers). The stolen data did not include payment or credential information. The attack is attributed to Scattered Spider’s SIM‑swap social engineering.
3. 🛠️ Chrome V8 Zero-Day Patched (CVE‑2025‑6554)
An actively exploited type confusion flaw in Chrome’s V8 engine allowed arbitrary memory access via malicious HTML. CISA included it in the KEV catalog; immediate patching across all Chromium browsers is strongly recommended.
4. 🇨🇸 Romanian Gang Arrested for HMRC Tax Scam (£47M Fraud)
Romanian authorities arrested 13 individuals involved in crafting fake HMRC tax refund claims. The scam targeted 100,000 UK citizens, resulting in £47M in fraudulent payouts.
5. 💉 Texas Medical Center Breach Exposes 41,000+ Patient Records
Texas Digestive Specialists suffered a ransomware breach, reportedly by the InterLock gang, exposing personal and medical data of ~41,500 patients. Impacted individuals have been offered credit monitoring.
🧰 Security Insights
| Threat | What You Should Do |
|---|---|
| SharePoint Vulnerability | Patch immediately, rotate machine keys, use AMSI, isolate servers |
| Browser Exploits | Update Chrome/Edge and monitor memory-access anomalies |
| Call-Center Breaches | Restrict remote MFA reset, enforce app-based/bio MFA |
| Remote Fraud via Phishing | Require ID verification, audit PII controls and refunds |
| Ransomware / Data Theft | Isolate backups, notify authorities, offer identity protection |