Cybersecurity Decrypted #37: June 12, 2025

Joel Witts Laura Iannini
Joel Witts, Laura Iannini Last updated on Jun 12, 2025

👋  Welcome to Cybersecurity Decrypted—your weekly recap of the latest cybersecurity headlines and industry news from Expert Insights. Each week we collect all the latest news so that you can stay ahead in cybersecurity.

Our Partners

Proofpoint Logo

This issue is sponsored by Proofpoint

📰 This weeks’ cyber headlines:

  • Texas DoT breached: 300k records stolen 🔗
  • Trump signs new cybersecurity EO, rolling back Biden and Obama-era regs around Zero Trust, SBOM, and more 🔗
  • CISA and Microsoft have warned of a zero-day vulnerability used in a major attack on a Turkish defense org 🔗
  • US grocery distribution giant hit by ongoing cyberattack; customer orders affected 🔗
  • USA offers $10m reward for info on RedLine malware developers 🔗
  • Play” ransomware gang hit 900 orgs since 2023, says FBI 🔗
  • The DoJ is trying to reclaim $7.74m linked to fake North Korean IT Workers 🔗

Read on for new threats to watch, our industry news breakdown, and a roundup of this week’s top patches and disclosed vulnerabilities.

You can listen to this briefing on the Decrypted Podcast.

📢 Calling All Cyber Experts

Expert Insights is launching a new series of Q&As with CISOs and cybersecurity professionals.

We want your insights on the challenges you are facing, how you keep your organization secure, and your thoughts on the state of the cybersecurity world.

If you’d like to share your insights with our community, register here.

📡 Threat Watch

 What vulnerabilities and attacks are making the news this week?

  • Majority of data breaches still caused by stolen credentials and no MFA: A new report from Rapid7 revealed that 56% of all data breaches in Q1 2025 involved compromised credentials with no MFA in place, making this the leading cause of data breaches. 🔗
  • SentinelOne catches China-linked attack: SentinelOne revealed this week that Chinese Government-backed hackers made two attempts to breach its systems. S1 linked the attackers to 70 further breaches of government and critical infrastructure organizations globally. 🔗
  • Google fixes exploit exposing user phone numbers: Google has patched a series of vulnerabilities that could have been used to reveal the phone numbers of Google users. The exploit involved a complex workflow using a Looker Studio document to reveal the display name of victims. Google awarded the researcher $5,000 for catching the exploit. 🔗

🤝 From Our Partners

Industry Leading Email Security From Proofpoint

proofpoint+banner

Proofpoint gives you protection and visibility for your greatest asset and security risk, your people. We deliver the most effective tools available to protect against the threats that target people, to protect the information they create and access, and to protect the users themselves.

Our cybersecurity and compliance solutions span email, social media, the web, networks, and cloud platforms, including Microsoft Office 365. We also have strategic technology integrations with the industry’s best security providers. This helps you better protect your people, data and brand.

Download the data sheet to learn more.

🚨 Industry News

Digging into the major industry news this week…

  • Cyera raises $540m USD: Data security company Cyera has announced a major $540m USD funding round, bringing its total raised to over $1.3 billion and its total valuation to $6bn USD. 🔗
  • Cellebrite to acquire Corellium for $200m USD: Isreal-based digital forensics company Cellebrite will acquire Corellium, a US-based virtualization provider. The companies are no strangers to controversy. Cellebrite made the news for the exploitation of software vulnerabilities as part of spyware campaigns, while Corellium was involved in a legal dispute with Apple for replicating it’s iOS operating system. 🔗
  • OneSpan acquires Nok Nok Labs: Identity and access management provider OneSpan has acquired Nok Nok Labs, a provider of FIDO passwordless authentication solutions and one of the leading original developers of the FIDO authentication standard. Terms were not disclosed. 🔗
  • Horizon.ai raises $100m: Horizon3.ai has announced a Series D funding round bringing their total raised to over $218 million. Horizon3.ai offers a fully autonomous security system operating in live production environments to catch and prevent attacks. 🔗
  • Swimlane raises $45m; total raised now $215m: Popular Security Orchestration, Automation and Response (SOAR) provider Swimlane has announced a $45m USD funding round. The company is on track to become profitable in Q3 2025. 🔗
  • Guardz raises $56m: Guardz, an Isreal-based cybersecurity startup has announced a $56m USD funding round, bringing their total raised to $85m. Guardz provides a unified platform designed specifically for MSPs. 🔗
  • MIND Raises $30m: Data Loss Prevention (DLP) vendor MIND has announced a $30M USD funding round, bringing its total raised to $41m just 7 months after emerging from stealth. MIND is investing in automating DLP processes with AI. 🔗

🗞️ In Other News…

  • Microsoft Outlook to block file types often used for phishing attacks 🔗
  • Over 70 companies targeted by China-linked espionage campaign 🔗
  • Hacker discovers minor Nintendo Switch 2 exploit just one day after launch 🔗
  • Adobe patches 254 vulnerabilities 🔗
  • “More Eggs” malware is being delivered via fake resumes hosted on AWS 🔗
  • Microsoft’s Patch Tuesday for June pushes 66 security updates 🔗
  • Microsoft launches a new European Security Program, providing threat intelligence to European governments 🔗
  • Researchers find 5 zero-day vulnerabilities and 15 misconfigurations in Salesforce Industry Cloud 🔗
  • Interpol takes down 20,000+ malicious IPs 🔗
  • WhatsApp joins Apple in a legal case against the UK Government’s request for a “back door” to end-to-end encrypted services 🔗
  • 84,000+ Roundcube webmail installations are vulnerable to a critical remote code execution with a public exploit 🔗

🔍 Expert Insights Podcast

This week on the Expert Insights Podcast:

  • Game Changers: Abnormal Security’s Field CISO Mike Leach talks through the company’s rapid growth and “abnormal approach to email security. Listen now.
  • The road to quantum security: Nils Gerhardt, CTO at Utimaco, explores the looming threat of Q-Day, when quantum computers may undermine current cryptographic systems. Listen here.
  • Passwordless isn’t the future; it’s the present: Andrew Shikiar, Executive Director and CEO of the FIDO Alliance, discusses why 87% of organizations in the US and UK are already deploying or planning to deploy Passkeys—and why those that aren’t, should be. Listen here.

That’s all for this week! 👋

How did you find this newsletter? Please click below to let us know your thoughts to help us improve.

Thanks for your support.

Expert Insights’ Cybersecurity Resources