Cybersecurity Weekly Roundup (July 5 – 12, 2025)

One of the biggest password leaks in the world happened this week, and the headlines showed a threat landscape evolving by the second, with youth-led ransomware gangs in the news. With the rise of AI-based phishing attacks, Ransomware-as-a-Service (RaaS), and deepfake scams, staying informed has ceased to be optional; it has become the need of the hour.

Our weekly cyber review brings you all the latest trends, breaches, scams, and updates, helping you keep a step ahead.

Whether you are an ethical hacker, an IT defender, or a student, this roundup is meant to build awareness and sharper preparedness.

Major UK Arrests – M&S, Co‑op, Harrods

In April, Marks & Spencer’s online clothing services were held hostage for nearly 46 days by a decryptor ransomware attack that turned into extortion, with damages estimated in the range of £300 million.

Co‑op and Harrods faced very similar attacks, but Co‑op managed to avert encryption by immediately shutting down the systems that had been exposed, and Harrods had some kind of network limitation that contained the damage.

The breach was said to have started with social engineering, including phishing links and exploited RDP access via a third-party vendor, highlighting that even the smallest IT lapses may present a major threat.

The National Crime Agency later arrested four suspects (aged 17–20), seizing devices and charging them under the Computer Misuse Act, blackmail, money laundering, and organized-crime laws.

This incident underscores how critical it is for retailers to fortify IT defenses and incident response to protect trust and supply chains.

Source: Reuters

Scattered Spider – Qantas Attack

Scattered Spider was reported to have SIM-swapped a call-centre worker and broken help-desk procedures by posing as employees resetting MFA.

That tactic enabled access to Qantas’ third-party systems via an AI-driven vishing attack.

The group, which was behind the Westfield breach impacting MGM, Caesars, and Okta, used AI voice cloning to produce what sounded like real voices and talk call-centre workers into granting access.

Along with the help-desk bypass of Qantas’ systems, this breach also compromised personally identifiable information for about 6 million customers, including names, email addresses, phone numbers, dates of birth, and customer loyalty program details; payment information was not included.

Security experts globally now recommend that organizations stop using SMS-based 2FA, because both social-engineering attacks and SIM-swapping attacks can defeat that form of MFA, as described above.

More robust options include app-based authentication, along with biometrics to support the MFA stages of verification.

Source: The Guardian

16 Billion Credentials Dumped

Cybersecurity researchers found an incredible collection of nearly 16 billion login credentials from about 30 datasets obtained through infostealer malware and poorly configured cloud storage.

Affected platforms included Google, Apple, Facebook, Telegram, GitHub, VPNs, and government sites, and the leaked data also contained session cookies and tokens. Attackers generally run automated mass credential-stuffing attacks, testing stolen credentials against hundreds of services.

To stay safe, experts suggest using password managers to generate strong, unique passwords, disabling SMS verification in favor of passkeys (preferably) or app-based authentication, and using dark-web monitoring services to alert you if your data has been compromised.

Source: Cyber News

AI-Driven Deepfake Voice Phishing

AI voice deepfakes are changing vishing attacks. In 2019, a UK energy firm lost €220,000 when the German CEO’s voice was imitated using AI voice-cloning technology.

More recently, the U.S. government, including Secretary of State Marco Rubio, has been a victim of AI-generated voice scams conducted through Signal and other encrypted apps. The cost of vishing attacks is significant.

In one case, a bank manager was tricked into transferring $35 million based on a deepfake voice call. Organizations can help mitigate these types of attacks with training solutions like KnowBe4 for current employees and Respeecher’s detection technology to identify synthetic voices, as well as by using multifactor authentication (MFA) and verifying requests via authenticated channels.

Source: The Washington Post

Pig Butchering Crypto Scams

Pig butchering scams have emerged as complex forms of investment fraud where scammers develop an emotional bond with victims before they introduce them to their fake cryptocurrency platforms. Scammers operate in stages:

Building emotional connections: The scammers reach out by social media or dating apps. Trust is built when the scammers share personal stories and experiences or when they have similar interests.

Introducing false ROI: The scammers suggest that their victims log onto a fake investment trading platform, which shows high returns, and that they make larger investments in the future.

Time pressure: The scammers create urgency by warning victims that they will miss out on an opportunity if they do not invest their money immediately.

Source: Central Bank

Concerning case examples globally:

India: A man living in Mangaluru lost ₹4.5 lakh after he joined a fake cryptocurrency trading group via Telegram and WhatsApp.

Source: The Times of India

United States: An American veteran was scammed out of $120,000 by a fake crypto advisor on LinkedIn.

Singapore: A senior software engineer lost over $350,000 after interacting with a stranger who sent him an unexpected “wrong number” message, from which a relationship developed.

Source: Cyber Tech Journals

What can you do to protect yourself?

Reverse Image Lookup: Search Google Images to verify that profile pictures are legitimate and do not show up as a common search result.

Report: Report it to your local CERTs, and consider filing a report with Interpol.

Do not engage with unsolicited messages regarding investments: Be wary of unsolicited messages and offers that promise high returns.

Job Scams & KYC Phishing

Employment scams are becoming more sophisticated and may involve advanced fake recruitment methods, where a scammer poses as a recruiter offering a remote job that requires a deposit, pre-payment, or personal information.

These scams may even escalate to KYC (Know Your Customer) phishing, in which the scammer states that the victim needs to submit documents with personal information, like ID or selfies, “for verification that you are employed”.

The scammers typically use this information for identity theft or to obtain crypto wallet credentials. Additionally, a lot of recruitment bots don’t have much protection around them, and scammers are able to exploit that.

Things You Can Do:

Verify Job Portals: Use verified, reputable platforms, and cross-check the job posting on the company’s official website.

Scrutinize Sensitive Requests: Be suspicious of any unsolicited requests for documents or funds.

Report the Incident: Notify the relevant authorities and report it through the relevant platforms.

Self-Calibration: Remain cognizant of frequently used strategies for scams and recognize red flags.

Being an informed, deliberate job seeker offers more protection against scammers’ tactics.

Source: APNews

Gurgaon Cyber Crime Surge

Between 2021 and 2024, the number of cybercrimes reported in Gurgaon increased substantially, from 79 to 1,358, while arrests for cybercrimes rose from zero to just over 1,064, though arrests did not keep up with the number of incidents.

The cybercrimes largely comprised various entrepreneurship and investment scams, “digital arrest” call-center fraud, job phishing, vishing, parcel scams and bogus marketplaces, which may involve highly organized criminal activity using encrypted networks and crypto-wallets.

Officials deployed a ‘Cyber Marshal Group’ formed by RWA and village heads, and enhanced the local IT cell. Police Commissioner Vikas Arora publicly stated that “awareness is the first line of defence”.

The increase in cybercrimes is a function of India’s rapidly evolving digital economy and highlights the need for additional state CERT initiatives, digital literacy programs, and scalable cyber-policing capabilities.

Source: Times of India

Stats of the Week

Ransomware growth: There was a 46% increase in incidents, with 2,472 incidents in Q1 2025 counting OT and manufacturing alone. In 2024 there were 6,130 incidents in total.

This suggests OT and manufacturing are becoming more vulnerable. The average ransom paid is between $1 million and $1.85 million. The average recovery cost for organizations is around $1.5 million.

Most affected sectors: Ransomware attacks in healthcare increased by 45%, in education by 30%, in financial services by 25%, and in manufacturing by about 59%; energy and the public sector were also among the most affected.

QR code phishing (quishing): About 2% of scanned QR codes contain malware, with a surge in attacks of over 50% in 2023. Executives faced 42× more phishing attempts than staff. 26% of email phishing campaigns used QR codes, and reports of parking scams have doubled.

Zero-day patching delay: 32% of cyberattacks exploit unpatched vulnerabilities. Attackers exploit vulnerabilities before patches can be applied.

Tips:

  • Focus on patching CRITICAL systems, especially OT and mission-critical infrastructure.
  • Turn off auto QR scanning and manually check URLs before visiting.
  • Train staff in QR-phishing awareness, including spotting fake parking codes.

Conclusion

This week’s events revolve around major risks: 16 billion credentials leaked into the wild, the ever-growing threat of AI deepfake scams, and continued ransomware threats to retail.

These challenges underline the importance of vigilance: regularly updating systems, applying patches for zero-days promptly, and keeping users trained to spot social-engineering attacks. Layered defense tools such as password managers, phishing-resistant MFA, and threat intelligence can go a long way in reducing risk.
