Cybersecurity researchers have uncovered and detailed two vulnerabilities in SAP’s Graphical User Interface (GUI) for Windows and Java, tracked as CVE-2025-0055 and CVE-2025-0056.

A federal judge has granted preliminary approval for AT&T to settle numerous data breach lawsuits for $177 million. U.S. District Court Judge Ada E. Brown ruled that the settlement appears “fair, reasonable and adequate” and in the best interest of the plaintiffs.

Aflac, the largest provider of supplemental insurance in the United States, has disclosed a cyberattack that affected its systems, according to a June 12, 2025, SEC filing.

Stolen cryptocurrency was sent to domain registrars as payment to create fake cryptocurrency investment domains and to Meta as payment for Facebook advertisements that promoted fraudulent cryptocurrency investment opportunities.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Unknown threat actors have compromised Microsoft Exchange Servers accessible from the internet, injecting keylogging code into the Outlook on the Web (OWA) login pages used by government agencies and private companies worldwide.

Cryptocurrency may be nearing the point where it poses a systemic risk to the global financial system, according to Klaas Knot, outgoing chair of the Financial Stability Board (FSB). Speaking in Spain, Knot acknowledged that despite previous disruptions in the crypto space—including bankruptcies, liquidity issues, and fraud—the FSB had not considered the sector a systemic threat until now.