Hear from top cybersecurity leaders at Pentera, AWS, Armis, Recorded Future, and SecurityScorecard. Featured keynotes include Jen Easterly, Former Director of the Cybersecurity and Infrastructure Security Agency, and Erik Nost, Senior Analyst at Forrester. Don’t miss this chance to learn how to reduce cyber risk exposure. Register now and earn up to 3.5 CPE credits!
Digital forensics is shifting from reactive to strategic. Join CyberWire Daily host Dave Bittner this Wednesday, June 11 at 1:00pm ET for a live discussion with experts from Magnet Forensics on key insights from the State of Enterprise DFIR Report. Learn how top teams are evolving their tools, workflows, and talent to reduce risk and respond faster to complex incidents. Register now to join live or access it on-demand.
The UK's National Health Service (NHS) issued a call yesterday for one million blood donors to make up for shortages caused by a July 2024 ransomware attack against pathology service provider Synnovis, the Record reports. The NHS says there is an urgent need for O-negative donors, and for donors of Black heritage who have the Ro blood subtype.
The NHS stated, "In July 2024, NHSBT issued an Amber alert due to a severe shortage of O negative blood triggered by the cyber-attack on London hospitals. Blood stocks have remained low and following several bank holidays in quick succession, there is now a pressing need to avoid a Red Alert which would mean demand far exceeds capacity, threatening public safety. This can be avoided if more donors come forward to fill the available appointment slots – particularly in the town and city centre donor centres."
The Qilin ransomware attack against Synnovis last July disrupted pathology services across London, preventing hospitals from performing blood matching tests and forcing them to rely on universal O-negative blood for transfusions.
ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
Researchers at UpGuard discovered an exposed Chroma database belonging to Russian AI chatbot company My Jedai. Notably, the database contained "thousands of responses to a survey of 571 participants in the Canva Creators program, including their email address, country of residence, rating for different components of the Creators program, and descriptions of their specific experiences and challenges with the program." The database has since been secured.
Chroma is a document embedding database used to provide AI chatbots with tailored information that may not be in the chatbot's general knowledge base, such as a business's hours of operation. In this case, the exposure was caused by a misconfiguration rather than a vulnerability in Chroma. Upguard notes, "While Chroma is a database specifically designed to support AI applications, the practices for securing it are common to all databases."
Nearly 85,000 instances of the Roundcube webmail software are still vulnerable to a critical post-authentication remote code execution flaw that was disclosed on June 1st, BleepingComputer reports. The vulnerability (CVE-2025-49113) was assigned a CVSS score of 9.9, and "allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization."
According to the Shadowserver Foundation, most of the vulnerable instances are located in the US, India, Germany, France, Canada, and the UK. Threat actors are selling a working exploit on underground forums, and users are urged to update to version 1.6.11 and 1.5.10 or apply mitigations as soon as possible.
Today's issue includes events affecting Canada, France, Germany, India, the United Kingdom, and the United States.
Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets (SentinelOne) This report uncovers a set of related threat clusters linked to PurpleHaze and ShadowPad operators targeting organizations, including cybersecurity vendors.
Canva Creators’ Data Exposed Via AI Chatbot Company Database (Cyber Security News) A significant data breach involving personal information from hundreds of Canva Creators program participants, exposed through an unsecured AI chatbot database operated by a Russian company.
Librarian Ghouls carry out attacks with data theft and crypto miner deployment (Securelist) According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.
Sensitive Information Stolen in Sensata Ransomware Attack (SecurityWeek) Sensata Technologies has shared an update on the recent cyberattack and revealed that the hackers managed to steal sensitive information from its systems.
Brett Leatherman to follow Bryan Vorndran as head of FBI Cyber Division (The Record) A longtime FBI official with deep cybersecurity experience is the new leader for the bureau's Cyber Division.
For a complete running list of events, please visit the Event Tracker.
2025 Space Regulatory Bootcamp (Albuquerque and Virtual, New Mexico, USA, Jun 10 - 11, 2025) ACSP's Bootcamps educate new and established space professionals on must-know fundamentals and arm them for success. The 2025 Space Regulatory Bootcamp, hosted in Albuquerque, New Mexico, is a two day comprehensive industry deep dive with advanced training and meaningful networking. Learn directly from leading subject matter experts on topics including space law, export controls, space telecommunications, government contracting, and more.
AWS re:Inforce 2025 (Philadelphia, Pennsylvania, USA, Jun 16 - 18, 2025) AWS re:Inforce is our annual, immersive, cloud-security learning event delivering hands-on training and collaboration with AWS experts. It’s your opportunity to learn about the latest AWS security innovations, get direct access to the AWS teams and partners who build the security tools you rely on, and connect with cloud security peers from around the world. You’ll leave with actionable next steps to raise your security posture.
