The Biggest Cybersecurity Threats You Need to Know About Now
Every day, hackers are finding new ways to break into computers and hold data hostage. Are you protected?
At A Faster PC Live Technical Support, we’re breaking down the biggest cybersecurity threats from the past week—showing you what to watch for and the steps you need to take to secure your computer and network.
Let’s dive in.
1. Microsoft Entra Vulnerability: Guest Accounts Hijacking Admin Rights
A major flaw in Microsoft Entra ID (the identity service used for Microsoft administration) allows guest users to escalate privileges and take control of admin accounts.
How It Works:
- Attackers create and transfer subscriptions into directories where they were only invited as guests.
- With just billing permissions and a guest invite, they gain subscription owner rights.
- They can then modify security policies, register devices, and persist undetected.
What’s at Risk?
If compromised, hackers could:
- Send fraudulent emails from your company’s accounts.
- Redirect invoice payments to their own accounts.
How to Protect Yourself:
✔ Enforce policies blocking guest-initiated subscriptions.
✔ Audit and limit guest access.
✔ Monitor for unexpected guest-owned subscriptions.
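One way to run the last check, as an added example that is not from Microsoft or the original post: it reads role assignments in the JSON shape printed by `az role assignment list --all -o json` and flags subscription-control roles held by guest accounts. The sample records, tenant name and role set are constructed, and the code assumes `principalName` holds the user's sign-in name.

```python
import json

# Roles that hand over control of a subscription (assumption: extend to match your policy).
PRIVILEGED_ROLES = {"Owner", "User Access Administrator"}

# Constructed sample in the shape printed by `az role assignment list --all -o json`.
SUB_A = "/subscriptions/00000000-0000-0000-0000-00000000000a"
SUB_B = "/subscriptions/00000000-0000-0000-0000-00000000000b"
SAMPLE = json.dumps([
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB_A},
    {"principalName": "bob_partner.example#EXT#@exampletenant.onmicrosoft.com",
     "principalType": "User", "roleDefinitionName": "Owner", "scope": SUB_B},
    {"principalName": "carol_partner.example#EXT#@exampletenant.onmicrosoft.com",
     "principalType": "User", "roleDefinitionName": "Reader", "scope": SUB_A},
    {"principalName": "dave_vendor.example#EXT#@exampletenant.onmicrosoft.com",
     "principalType": "User", "roleDefinitionName": "User Access Administrator",
     "scope": SUB_A + "/resourceGroups/rg-billing"},
    {"principalName": "11111111-1111-1111-1111-111111111111",
     "principalType": "ServicePrincipal", "roleDefinitionName": "Owner", "scope": SUB_A},
])

def is_guest(principal_name):
    """Entra ID guest accounts carry the '#EXT#' marker in their sign-in name."""
    return "#EXT#" in (principal_name or "").upper()

def subscription_id(scope):
    """Return the subscription a scope belongs to, or None (e.g. management groups)."""
    parts = scope.strip("/").split("/")
    return parts[1] if len(parts) >= 2 and parts[0].lower() == "subscriptions" else None

def guest_privileged_assignments(raw_json):
    findings = []
    for a in json.loads(raw_json):
        if a.get("principalType") != "User" or not is_guest(a.get("principalName")):
            continue
        if a.get("roleDefinitionName") not in PRIVILEGED_ROLES:
            continue
        scope = a.get("scope", "")
        findings.append({
            "guest": a["principalName"],
            "role": a["roleDefinitionName"],
            "subscription": subscription_id(scope),
            # True when the role covers the whole subscription, not one resource group.
            "whole_subscription": len(scope.strip("/").split("/")) == 2,
        })
    return findings

if __name__ == "__main__":
    for finding in guest_privileged_assignments(SAMPLE):
        print(finding)
```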
2. SonicWall & ConnectWise Targeted in Remote Access Attacks
SonicWall SSL VPN NetExtender Trojanized
- Hackers are distributing fake SonicWall websites that trick users into downloading malware.
- Once installed, the malware steals VPN credentials and bypasses certificate checks.
- Attackers gain access to usernames, passwords, and network domains.
ConnectWise Abused via "Authenticode Stuffing"
- A campaign called EvilConwi embeds malicious code into legitimate-looking installers.
- Digital signatures remain valid, making the malware appear trusted.
- Attackers gain remote access while evading detection.
How to Stay Safe:
✔ Only download software from official sources.
✔ Verify website URLs before downloading VPN clients.
✔ Monitor network traffic for unusual activity.
3. ClickFix Attacks Surge by 500% in 2025
How the Scam Works:
- Users see fake error messages prompting them to paste malicious PowerShell code into the Windows Run dialog.
- Once executed, the script installs:
  - Info stealers
  - Ransomware
  - Crypto miners
  - Remote access tools
New Variant: "FileFix" Expands to Mac, iOS, Android
- Attackers hide payloads in copied file paths.
- Drive-by downloads infect devices silently.
How to Avoid It:
✔ Never run commands from untrusted sources.
✔ Use script-blocking policies.
✔ Train employees to recognize social engineering.
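Commands typed or pasted into the Windows Run dialog are recorded per user under `HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU`, which gives responders a place to check whether someone followed one of these prompts. The following is an added example, not part of the original post: it parses `reg query` output for that key and flags entries that launch a script interpreter with typical hiding or download options. The sample output and the indicator list are constructed.

```python
import re

# Constructed sample of `reg query` output for the RunMRU key (most recent entry is "d").
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
    a    REG_SZ    notepad\1
    MRUList    REG_SZ    dcba
    b    REG_SZ    \\fileserver\share\1
    c    REG_SZ    cmd\1
    d    REG_SZ    powershell -w hidden -EncodedCommand AAAA\1
"""

# Programs that can run pasted script text (assumption: tune for your environment).
INTERPRETER = re.compile(
    r"\b(powershell|pwsh|mshta|cmd|wscript|cscript|curl|msiexec)(\.exe)?\b", re.I)
INDICATORS = {
    "hidden window": re.compile(r"-w\w*\s+h\w*", re.I),
    "encoded command": re.compile(r"-e(nc\w*|c)?\s+[A-Za-z0-9+/=]{4,}", re.I),
    "remote URL": re.compile(r"https?://", re.I),
    "in-memory execution": re.compile(r"\b(iex|invoke-expression)\b", re.I),
}

def parse_runmru(text):
    """Return (value name, command) pairs, most recently used first."""
    values = {}
    for line in text.splitlines():
        m = re.match(r"\s+(\S+)\s+REG_SZ\s+(.*)$", line)
        if m:
            values[m.group(1)] = m.group(2).strip()
    order = values.pop("MRUList", "")
    # Windows stores each command with a literal "\1" suffix; strip it.
    cmds = {k: v[:-2] if v.endswith("\\1") else v for k, v in values.items()}
    return [(k, cmds[k]) for k in order if k in cmds]

def suspicious_entries(text):
    findings = []
    for name, cmd in parse_runmru(text):
        if not INTERPRETER.search(cmd):
            continue  # plain program or path, not a script host
        hits = [label for label, rx in INDICATORS.items() if rx.search(cmd)]
        if hits:  # an interpreter alone (e.g. "cmd") is normal admin use
            findings.append({"value": name, "command": cmd, "indicators": hits})
    return findings

if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE):
        print(finding)
```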
4. Microsoft Exchange Keylogger Attack
What’s Happening?
- Attackers inject JavaScript keyloggers into Exchange servers.
- Every keystroke (usernames, passwords, SSNs) is logged and stolen.
- Data is sent via DNS tunnels or Telegram bots.
Who’s Affected?
- At least 65 servers in 26 countries, including government and IT sectors.
- Hackers exploit old vulnerabilities (some from 2014!).
Protect Your Exchange Server:
✔ Patch immediately.
✔ Enforce multi-factor authentication (MFA).
✔ Inspect login pages for malicious scripts.
5. CitrixBleed 2: Hijacking Sessions & Bypassing MFA
A new Citrix NetScaler ADC/Gateway flaw lets attackers:
- Steal session cookies to hijack user sessions.
- Bypass MFA and gain remote access.
What You Should Do:
✔ Patch affected Citrix devices ASAP.
✔ Terminate all active sessions.
✔ Monitor for unusual connections.
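A stolen session cookie shows up in logs as one session ID being used by a second client, so that is a concrete thing to look for when monitoring. The sketch below is an added example, not vendor code or part of the original post: the log format (timestamp, session ID, user, client IP, user agent) and every value in it are constructed, and real gateway logs will need their own parser.

```python
import csv
import io

# Constructed gateway log: timestamp, session id, user, client IP, user agent.
SAMPLE = """\
2025-06-30T08:01:12Z,sess-a1,jdoe,198.51.100.10,Mozilla/5.0 (Windows NT 10.0)
2025-06-30T08:05:40Z,sess-b2,asmith,198.51.100.22,Mozilla/5.0 (Macintosh)
2025-06-30T08:09:03Z,sess-a1,jdoe,198.51.100.10,Mozilla/5.0 (Windows NT 10.0)
2025-06-30T08:14:51Z,sess-a1,jdoe,203.0.113.77,curl/8.5.0
2025-06-30T08:20:00Z,sess-b2,asmith,198.51.100.22,Mozilla/5.0 (Macintosh)
"""

def reused_sessions(log_text):
    """Flag events where a session is used by a client other than the one that opened it."""
    # ISO 8601 timestamps sort correctly as plain strings.
    rows = sorted(r for r in csv.reader(io.StringIO(log_text)) if r)
    origin = {}    # session id -> (ip, user agent) seen on the session's first event
    findings = []
    for ts, sid, user, ip, agent in rows:
        first_ip, first_agent = origin.setdefault(sid, (ip, agent))
        changed = []
        if ip != first_ip:
            changed.append("ip")
        if agent != first_agent:
            changed.append("user_agent")
        if changed:
            findings.append({
                "time": ts, "session": sid, "user": user,
                "original_ip": first_ip, "new_ip": ip, "changed": changed,
            })
    return findings

if __name__ == "__main__":
    for finding in reused_sessions(SAMPLE):
        print(finding)
```

A user who moves between networks will also trigger this, so treat a hit as a reason to end that session and review it, not as proof of compromise.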
6. Scattered Spider Targets Insurance Companies (Aflac Breach)
Latest Victim: Aflac (June 12 Attack)
- Hackers used phone-based social engineering to trick employees.
- Social Security numbers, health data, and claims may have been exposed.
How They Do It:
- Spoofed calls impersonating IT support.
- AI voice cloning makes scams scarily convincing.
Protect Your Business:
✔ Verify unexpected IT calls by hanging up and calling back.
✔ Train staff to recognize impersonation scams.
7. SparkKitty Spyware on App Store & Play Store
How It Works:
- Spyware hides in fake TikTok mods and crypto apps.
- Once installed, it:
  - Steals all device images.
  - Scans for crypto wallet seed phrases using OCR.
  - Sends data to hacker-controlled servers.
How to Stay Safe:
✔ Only download apps from official stores.
✔ Delete suspicious crypto/social media mods.
Need Help Securing Your System?
If you’re worried about these threats and don’t know where to start, A Faster PC can help!
🔹 Call us at 772-878-5978
🔹 Visit AFasterPC.com
Got a cybersecurity question? Drop it in the comments below!
Don’t wait until it’s too late—protect your data today. 🚨


