top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #153 - June 9, 2025

Updated: Jun 12

Supply Chain Attacks Really Are Surging

Source: Data Breach Today

Hackers are doubling down on software supply chain attacks. In the first five months of this year, Cyble said roughly two thirds of the 79 software supply chain attacks it documented directly targeted IT, technology or telecommunications firms. They are "rich potential targets for threat actors hoping to exploit downstream users."




Whole Foods Distributor United Natural Foods Hit by Cyberattack

Source: Security Week

United Natural Foods, Inc. (NYSE: UNFI), the main distributor for Amazon’s Whole Foods, has been targeted in a cyberattack that has caused some disruptions to business operations. United Natural Foods has taken some systems offline after detecting unauthorized activity on its IT systems, causing disruptions to operations.




SentinelOne Sees No Breach After Hardware Supplier Hacked

Source: Data Breach Today

Cybersecurity firm SentinelOne said suspected Chinese attackers infiltrated a logistics firm that it used to supply hardware to its employees. The intrusion doesn't appear to have resulted in an infiltration of its own, corporate network, the company said.




Google Bug Allowed Brute-Forcing of Any User Phone Number

Source: Dark Reading

The weakness in Google's password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.




Password-spraying attacks target 80,000 Microsoft Entra ID accounts

Source: Bleeping Computer

Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike.


 
 

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page