Cybersecurity Weekly Roundup: Key Threats and Developments (June 23-29, 2025)

TL;DR

This week’s cybersecurity roundup highlights significant threats and developments, including Gmail’s multi-factor authentication bypass, exposed private camera feeds, increased sextortion demands, data broker non-compliance, facial recognition opt-outs, ineffective Do Not Call Registry, AI-assisted cybercrime, and phishing attempts via fake DocuSign emails. Stay informed and protected with these critical updates.

Introduction

In the ever-evolving landscape of cybersecurity, staying informed about the latest threats and developments is crucial. This weekly roundup from Malwarebytes Labs highlights significant incidents and trends from June 23 to June 29, 2025, ensuring you are aware of the current risks and how to mitigate them.

Key Cybersecurity Incidents

Gmail’s Multi-Factor Authentication Bypassed

Hackers have found a way to bypass Gmail’s multi-factor authentication, leading to targeted attacks. This development underscores the need for enhanced security measures to protect email accounts.

• Read more: Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks

Private Camera Feeds Exposed Online

Thousands of private camera feeds have been discovered online, raising concerns about privacy and security. Ensure your camera feeds are secure and not accessible to unauthorized users.

• Read more: Thousands of private camera feeds found online. Make sure yours isn’t one of them

Increased Sextortion Email Demands

Sextortion email scammers have increased their financial demands, targeting individuals with threatening messages. Stay vigilant and report any suspicious emails to authorities.

• Read more: Sextortion email scammers increase their “Hello pervert” money demands

Data Brokers Fail to Register

Many data brokers are failing to register with state consumer protection agencies, raising concerns about data privacy and compliance.

• Read more: Many data brokers are failing to register with state consumer protection agencies

Opting Out of Facial Recognition

Learn where and how you can opt out of facial recognition technologies to protect your privacy.

• Read more: Facial recognition: Where and how you can opt out

Ineffective Do Not Call Registry

The Do Not Call Registry has been found to be ineffective in preventing unwanted calls. Explore alternative methods to protect your phone number.

• Read more: Why the Do Not Call Registry doesn’t work

AI-Assisted Cybercrime

Jailbroken AIs are being used by cybercriminals to enhance their skills and tactics, posing new challenges for cybersecurity professionals.

• Read more: Jailbroken AIs are helping cybercriminals to hone their craft

Fake DocuSign Email Phishing Attempt

A fake DocuSign email has been identified as a phishing attempt, highlighting the importance of verifying the authenticity of emails before taking any action.

• Read more: Fake DocuSign email hides tricky phishing attempt

Conclusion

Staying informed about the latest cybersecurity threats and developments is essential for protecting your digital life. By being aware of these incidents and taking proactive measures, you can safeguard your personal and professional data from potential risks.

Additional Resources

For further insights, check:

• Malwarebytes Blog
• Cybersecurity & Infrastructure Security Agency (CISA)
• National Cyber Security Centre (NCSC)

References

No reference is needed!