The Cybersecurity Club Newsletter
🚨Week 24 Debrief: Microsoft Critical Vulnerabilities Patched, Google Cloud Outage Affects Millions, INTERPOL Takes Down 20,000+ Malicious IPs & Domains and more
Insights into Cyber Risks, Threat Intel, Government and Regulations, Startup and VC updates

Major Google Cloud Outage Disrupts Global Services
A global Google Cloud IAM outage on June 12 disrupted access to key services like Spotify, Discord, Google Workspace, and Cloudflare. The issue, traced to an automated quota misconfiguration, caused authentication failures that affected users and developers worldwide. The outage began at 1:51 PM ET and was mostly resolved within five hours. The disruption underscores the risks of centralizing identity systems and highlights the need for improved resiliency in cloud-dependent platforms.
Here are some key takeaways:
Spotify: Peaked at 46,000+ Downdetector outage reports.
Discord: Over 11,000 user reports.
Google services (Gmail, Drive, Meet, etc.): ~10,800 reports.
Cloudflare: Hit due to Google Key Management Service dependency.
Snapchat, Twitch: Thousands affected.
Cause: Misconfigured quota in IAM API.
Restoration:
Partial recovery by 6:16 PM ET.
Full service resumed around 9:30 PM ET.

💻 Malware and Vulnerabilities
Zero-Click AI Flaw Exposes Microsoft Copilot Data: Researchers uncovered a critical zero-click vulnerability (CVE-2025-32711) in Microsoft 365 Copilot that lets attackers silently extract corporate data from Outlook and SharePoint. No user interaction is needed, raising serious concerns about emerging AI integrations in enterprise systems.
Salesforce Misconfigurations Spark Five CVEs: Over 20 misconfiguration issues, including five CVEs, were discovered in Salesforce Industry Cloud platforms. Researchers warn these flaws expose customer and internal data. While some fixes are automatic, others require urgent administrator action.
Microsoft June Patch Tuesday Fixes Active 0‑Day: Microsoft’s June 2025 security updates fix 66 vulnerabilities, including a WebDAV zero-day (CVE-2025-33053) actively exploited in the wild. This month’s update fixes vulnerabilities in Windows OS, Microsoft Exchange Server, and Microsoft Edge, among others. Notably, a critical remote code execution vulnerability in the Windows Print Spooler service continues to be a major focus, as attackers exploit it for network-wide compromise.
Key Patches Include:
Zero-Day Exploit Fix: A critical zero-day vulnerability used in active attacks was patched, mitigating remote code execution risks.
Windows Print Spooler: Multiple elevation of privilege and denial-of-service fixes to harden print services.
Microsoft Exchange Server: Security updates addressing flaws that could allow unauthorized access or data leakage.
Microsoft Edge: Browser security improvements to prevent memory corruption and remote code execution.
Other Fixes: Various patches across Office apps, Windows Defender, and other components addressing elevation of privilege, information disclosure, and security feature bypass.
Chrome & Firefox Fix High‑Severity Memory Bugs: New updates for Chrome 137 and Firefox 139 address multiple high-severity memory issues, including type confusion and use-after-free bugs. These could allow attackers to execute code or escape browser sandboxes.
South Korean Book Retailer Hit by Ransomware: Ransomware disrupted YES24, South Korea’s top online bookseller, causing widespread outages. The company is working to restore services while investigating potential customer data exposure.
BrowserVenom Attack Mimics DeepSeek to Bypass Defenses: A campaign dubbed BrowserVenom is deploying proxy-based malware resembling DeepSeek techniques to bypass detection. Targets include government and research entities in Asia and the Middle East.
📈 Breaches and Incidents
Google Cloud Outage Disrupts Spotify, Smart Devices: A Google Cloud IAM misconfiguration caused global service outages impacting Spotify, Google Home, Snapchat, Discord, and Gmail. The issue lasted hours but exposed critical dependency risks.
Cyberattacks Hit Thomasville and Ogeechee District: Municipal systems in Thomasville, NC and Ogeechee, GA were hit by cyberattacks disrupting services and prompting digital investigations.
NHS Professionals Breach Exposed Active Directory: NHS Professionals confirmed a breach dating back to May 2024 that compromised its Active Directory systems. Personal information may have been accessed.
🚨 Threat Intel & Info Sharing
Chinese Antenna in France Suspected of Espionage: French officials suspect a large Chinese-built antenna near Toulouse is intercepting communications from Airbus satellites. Intelligence services are now investigating its true purpose.
Sweden Responds to Ongoing Cyberattacks: Sweden’s Prime Minister warned of a sustained cyber campaign targeting government and media institutions, calling for heightened national digital defenses.
INTERPOL Seizes 20K Malicious Domains in Infostealer Crackdown: INTERPOL, working with 26 nations, dismantled infrastructure linked to infostealer malware—20,000 domains taken down, 32 arrested, and 70 servers seized.
Turkey Arrests 145 Suspects in Massive Cybercrime Raid: Turkey’s interior ministry detained 145 individuals across 52 provinces and seized ₺5 billion in assets linked to cyber fraud, phishing, and illegal betting.
Organizations Mostly Unprepared for Quantum Era, ISACA Survey Finds: ISACA’s Quantum Pulse Poll reveals that 95% of organizations lack a quantum-computing roadmap and only 5% treat post-quantum encryption as a near-term priority, despite 62% fearing current encryption could be compromised.
⚖️ Laws, Policies and Regulations
Denmark Ditches Microsoft for Digital Sovereignty: Denmark’s government is migrating from Microsoft to open-source platforms like Linux and LibreOffice. The move aims to reduce dependence on U.S. vendors and regain control over public-sector digital infrastructure.
CISA Executive Director Resigns Amid Budget Uncertainty: CISA executive director Bridget Bean is leaving the agency amid leadership restructuring and funding debates. Her departure could affect continuity in cybersecurity initiatives.
France Proposes Rules for Email Tracking Pixels: France’s CNIL is collecting public input on new rules governing tracking pixels in emails. The draft guidance seeks to clarify consent requirements under GDPR. Consultation runs through July 24.
EU Opens Consultation on High-Risk AI Regulation: The European Commission has launched a public consultation on defining and regulating “high-risk” AI systems. This is part of the broader rollout of the EU AI Act.
EU Advances Cybersecurity Crisis Management Plans: The European Commission introduced new steps to enhance collective cybersecurity crisis response, including coordinated EU-wide frameworks and rapid response tools.
⚖️ Cybersecurity Start Ups and VCs
Data-security company Cyera raised just over half a billion dollars in its latest funding round, as security chiefs grapple with the implications of information proliferation in the era of artificial intelligence.
German startup Baobab Insurance, a provider of insurance against cyber and other digital risks, announced today a €12 million Series A financing round to advance their active risk mitigation platform.
📊 Trends, Reports, Analysis
Forensic Study Reveals Paragon’s iOS Spyware Targeted Journalists: For the first time, Citizen Lab confirmed forensic evidence that Paragon Solutions’ iOS “Graphite” spyware targeted at least two European journalists—Ciro Pellegrino of Fanpage.it and a prominent anonymous reporter—via zero-click iMessage exploits using CVE-2025-43200. Analysis links both infections to the same Paragon operator. Italy’s government suspended its Paragon contract.