Issue #158 - July 14, 2025
- Weekly INK
- Jul 14
- 2 min read
Marks & Spencer hackers hit US retailer Belk
Source: Cyber News
Belk, the popular US department store chain, has allegedly been targeted by the DragonForce hacker group. This is the same group that struck UK retailer Marks & Spencer with a cyberattack, costing the company hundreds of millions of dollars. Belk was posted on DarkForce’s dark web blog, which it uses to showcase its latest victims. The attackers claim they’ve obtained over 156 gigabytes of company data, ranging from backups to employee profiles.
Chinese hackers breached National Guard to steal network configurations
Source: Bleeping Computer
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks.
Serious Google Gemini flaw: it obeys hidden prompts in malicious emails
Source: Cyber News
If hackers hide malicious commands in an email, Google Gemini for Workspace will “faithfully obey” them when interacting with the content. Researchers tricked Gemini into alerting users about account compromise and directing them to call scammers. Researchers at 0din, a security firm, warn that attackers can inject prompts in emails and hijack Gemini responses to provide malicious content.
Printer Security Gaps: A Broad, Leafy Avenue to Compromise
Source: Dark Reading
Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — despite more and more cyberattackers targeting printers as a matter of course.
Attackers Now 'Scanning Extensively' for Citrix Bleed 2
Source: Data Breach Today
Attackers have ramped up their collective attempts to find exploitable Citrix NetScaler devices that remain unpatched to fix a flaw first publicly detailed last month. The scanning activity appears to be heavily focused on finding a pre-authentication remote memory disclosure vulnerability in Citrix NetScaler ADC and Gateway appliances, tracked as CVE-2025-5777 and assigned a CVSS score of 9.3, which makes it "critical”.