Heimdal

From courtroom breaches to cockpit infiltration, here’s this week’s Cyber Snapshot. Five critical stories you need on your radar, with safety advice included.

We’ve got insider revenge, MFA manipulation, rogue browser extensions, and state-sponsored email theft, all in one rapid-fire rundown. Whether you’re in IT, cybersecurity compliance, or just trying to keep your team one step ahead, here’s your five-minute pulse check on what matters most this week.

Scattered Spider Targets US Airlines

Scattered Spider is back, and this time it’s the airline industry under attack. You might remember this crew from their hits on the UK retail sector. Now, they’re impersonating airline employees, sweet-talking help desks into enrolling rogue MFA tokens.

Once they’re in? They move laterally to vendors managing flight operations and loyalty programs. Think passenger data. Think operational chaos.

Safety Advice: Step Up Your MFA Game

These Scattered Spider guys are pros at social engineering. So, you’ve got to be better. Require video or face ID on a separate device or communication channel before allowing any new MFA devices. No exceptions.

Ex-IT Admin Gets Jail Time for Revenge Wipeout

A UK-based IT administrator has been sentenced to seven months in prison. Why? After leaving his job, he used backdoor credentials to wipe hundreds of Microsoft 365 accounts and shared files.

This wasn’t just a blip: global customers were impacted, and the damage ran the company a cool £200,000.

Safety Advice: Offboarding Is Zero-Lag

When IT staff leave, don’t wait. Immediately revoke all credentials and access. Waiting even an hour gives a disgruntled admin enough time to create chaos. Feels like you need another cybersecurity horror story before you make access audits a priority? Here’s one that I’ve witnessed myself:

Chrome’s Zero-Day + Malicious Firefox Extensions

Google rushed out an emergency patch this week for a Chrome zero-day vulnerability already being exploited in the wild. And if that’s not enough browser drama, researchers also uncovered malicious Firefox extensions siphoning off cookies, credentials, and crypto wallets.

Worse? Seven of these extensions are still live in the Mozilla add-on store.

Safety Advice: Patch and Whitelist

Don’t leave updates up to your users. Force-push browser updates the moment they drop. And when it comes to extensions? Whitelist them by signer and hash. No exceptions.

International Criminal Court Data Breach

The International Criminal Court has suffered a breach. Details are still sketchy, but the attack highlights just how bold cyber actors have become; even global legal institutions aren’t safe.

This is another sign that sensitive legal and geopolitical systems need rock-solid digital defenses.

Safety Advice: Classify and Segment

Sensitive systems deserve sensitive treatment. Make sure your most critical systems are air-gapped, segmented, and rigorously monitored.

Iranian Hackers Claim 100GB of Trump-Linked Emails

An Iranian group claims it’s nabbed 100GB of email data tied to political operatives close to President Trump. They’re threatening ransom or public release and reportedly organizing a sale.

This one’s a stark reminder: attackers often go after the softest link in the chain, not the high-profile target.

Safety Advice: Protect the Inner Circle

Your biggest risk? Not your top execs. It’s the assistant, the consultant, the temp. Make sure everyone in the circle follows the same high security standards, especially those with access to inboxes or calendars.

That’s a Wrap

So, there you have it – courts, cockpits, cloud admins, and the browsers we all live in. If this saved you scrolling through 20 blog posts, hit that Like button, share it with your network, and drop a comment on what you want to see next week.

Stay sharp. Stay secure.


Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.
