A Record-Breaking 16 Billion Credentials Leaked
Researchers uncovered a sprawling compilation of 30 infostealer datasets holding a staggering 16 billion unique login credentials, which is roughly two passwords for every person on Earth! The trove, posted in mid-June, contains fresh credentials for Apple, Google, Facebook, GitHub, and dozens of other notable services, providing criminals with unprecedented fuel for account takeover and phishing.
Analysts warn the leak signals a shift from scattered Telegram drops to centralized “credential warehouses,” making large-scale weaponization far easier. (cybernews.com)
How to protect your organization:
- Enable multi-factor authentication (MFA) on all employee and admin accounts.
- Regularly audit login credentials and reset passwords, especially for critical services.
- Educate your team on phishing attacks and best practices for creating and managing secure passwords.
- Monitor for exposed credentials using services that alert you to breaches.
Why it matters:
Compromised credentials can undermine trust and expose sensitive systems. SSL.com’s Client Authentication Certificates provide strong, certificate-based access control that can’t be phished or guessed.
Microsoft’s June Patch Tuesday Fixes Active WebDAV Zero-Day
On June 10, Microsoft shipped patches for 66 CVEs, including one zero-day vulnerability (CVE-2025-33053) that had already been exploited to gain remote code execution via WebDAV. Nine additional flaws were rated critical, four of them in Office’s Preview Pane, meaning users could be compromised without even opening a file. Security teams rushed to patch Internet-facing servers first, as proof-of-concept exploits were posted on GitHub within 24 hours. (crowdstrike.com)
How to protect your organization:
- Apply all security updates immediately, especially on exposed servers and workstations.
- Audit Internet-facing systems to ensure patch compliance.
- Use endpoint protection that detects behavior-based exploits.
Why it matters:
Staying compliant with patching and digital integrity policies is crucial. SSL.com’s code signing certificates help ensure the software your business develops and distributes is safe and verified.
FBI Alert: Scattered Spider Pivots to the Airline Sector
In a June 28 advisory, the FBI stated the social engineering crew, “Scattered Spider,” is now targeting airlines and their IT vendors by impersonating staff to trick help desks into resetting MFA and adding rogue devices. The group, renowned for the 2023 MGM and Caesars Palace casino breaches, relies on rapid privilege escalation and double-extortion tactics that can paralyze operations within hours.
Aviation companies are urged to harden identity-verification workflows and scrutinize help-desk requests. (thehackernews.com)
How to protect your organization:
- Strengthen employee ID verification, especially for support and help-desk requests.
- Use certificate-based authentication instead of passwords or SMS-based MFA.
- Train support teams to flag suspicious reset or access requests.
- Review and limit admin privileges to essential personnel only.
Why it matters:
SSL.com’s Client Authentication Certificates give organizations a secure, certificate-based login method to prevent impersonation and bypass attacks.
Salt Typhoon Spy Campaign Breaches Viasat
Satellite internet provider Viasat confirmed a breach linked to the China-aligned APT “Salt Typhoon,” disclosed on June 20th after coordination with U.S. agencies. Investigators say the attackers compromised a network device to siphon metadata but found no evidence of customer data loss.
The incident highlights satellite and telecom infrastructure as prime targets for long-dwell espionage operations. (darkreading.com)
How to protect your organization:
- Use encrypted communications for all internal and external data transfers.
- Apply firmware and network security updates promptly to hardware.
- Conduct regular vulnerability scans of all network devices.
- Log and monitor unusual access patterns, especially in infrastructure-related systems.
Why it matters:
Advanced threats often exploit weak authentication to move laterally—SSL.com’s Client Authentication Certificates enforce strong identity verification and access control across sensitive infrastructure.
AT&T Agrees to $177 Million Breach Settlement
On June 30, a U.S. judge granted preliminary approval to AT&T’s $177 million fund compensating 73 million current and former customers hit by its 2019 and 2024 data leaks. Eligible victims can claim up to $5,000 for documented losses, with payouts expected in early 2026, pending final approval.
The deal highlights the increasing legal costs for companies that fail to protect customer data. (malwarebytes.com)
How to protect your organization:
- Review your data retention policies to minimize exposure of old or inactive user data.
- Encrypt customer data at rest and in transit.
- Use secure portals and services for customer communications and identity management.
- Invest in compliance readiness to avoid the high cost of legal settlements.
Why it matters:
Data breaches can lead to long-term legal and financial consequences. Strengthening data protection practices today helps reduce exposure and liability in the future.
Updates & Announcements
CA/Browser Forum (CABF) Developments & Reminders:- S/MIME Developments: Ballot SMC011 proposes allowing European Unique Identifiers (EUID) for EU/EEA organization validation.
- Key deadlines: CAA checking (mandatory since March 15), MPIC validation (May 15), and Legacy profile deprecation (July 15).
- SSL/TLS Validity: The trend toward shorter certificate lifespans continues, reinforcing the importance of automation in certificate management. Learn more about how to prepare for 47-day certificate lifespans.
- Purchase BIMI-compliant Verified Mark Certificates (VMCs). Available soon in Gmail and Apple Mail trust stores.
- Starting September 15, 2025, SSL.com will issue TLS server certificates without the Client Authentication EKU, aligning with Google Chrome’s Root Program Policy. Review our guide to prepare.
