))
Massive Spyware Scandal, Discord Malware, and Apple Zero-Click Hack | Cybersecurity News June 2025
Manage episode 488792989 series 3648829
Content provided by Alex Cipher. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Alex Cipher or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
This week’s episode of Cypher Tech Hacks unpacks one of the most intense cybersecurity news cycles of 2025. From spyware scandals rocking European governments to massive web injection campaigns and zero-click iPhone exploits, host Alex Cipher breaks down the most critical hacking incidents and threats from the past 7 days. Whether you’re a cybersecurity enthusiast, an ethical hacker, or just a digital citizen trying to stay informed—this episode is a must-listen.
🔐 TOP STORIES COVERED:
1️⃣ Paragon Graphite Spyware Scandal – Israeli spyware used to infect European journalists’ phones, including those of Italian reporters. Italy has now canceled its Paragon contract amid a looming EU Parliament debate.
2️⃣ Discord Malware Hijacking – Hackers are exploiting Discord vanity URLs to lure users into malware-ridden servers. Threats include AsyncRAT and Skuld Stealer, targeting browser credentials and crypto wallets.
3️⃣ JSFireTruck Malware Injected into 269,000+ Websites – Unit 42 (Palo Alto Networks) exposed a widespread attack campaign embedding heavily obfuscated JavaScript malware on thousands of legitimate sites.
4️⃣ SimpleHelp RMM Exploited by Ransomware Gangs – Critical unpatched flaws in the SimpleHelp tool are being used in real-world ransomware attacks, particularly by the group DragonForce. CISA has issued a formal warning.
5️⃣ Apple Zero-Click Vulnerability (CVE‑2025‑43200) – Attackers used iMessage to deliver malicious payloads requiring zero user interaction. Apple released iOS 18.3.1 with an urgent security fix.
6️⃣ SmartAttack: Stealing Data via Smartwatches – Researchers demonstrated that even air-gapped systems aren’t safe anymore, using ultrasonic signals and wearable tech to extract data covertly.
7️⃣ Interpol’s Operation Secure – A global crackdown on infostealer infrastructure led to 32 arrests and the takedown of nearly 20,000 malicious domains across Asia-Pacific.
8️⃣ Microsoft’s Patch Tuesday – 66 vulnerabilities patched this week, including active zero-days affecting Windows and Office.
🚨 Why This Matters:
The lines between physical and digital security continue to blur. Spyware isn’t just a nation-state tool anymore, Discord servers can host full-scale attacks, and your smartwatch could become a backdoor. Understanding these threats is no longer optional—it’s essential.
🎧 Listen to this full breakdown to stay ahead of the curve on digital threats, attack trends, and what the cybersecurity community is doing to fight back.
💬 Comment your thoughts or any stories we missed.
👍 Like and Subscribe for weekly cyber threat updates.
18 episodes
Share
