

70 Microsoft Exchange servers targeted, Apple, Netflix, Microsoft sites hacked, data breach hits Aflac
7 snips Jun 25, 2025
Hackers have compromised over 70 Microsoft Exchange servers to gather sensitive credentials using keyloggers. High-profile sites like Apple, Netflix, and Microsoft were involved in tech support scams. The discussion includes a notable data breach at AFLAC and concerns over a vulnerable VPN app. Additionally, the urgency surrounding the Citrix Bleed 2 vulnerability is highlighted, urging immediate action to protect against potential data breaches.
AI Snips
Chapters
Transcript
Episode notes
Microsoft Exchange Credential Theft
- Hackers exploit over 70 Microsoft Exchange servers using JavaScript keyloggers to steal credentials.
- They use local file storage, telegram bots, and DNS tunnels to evade detection and exfiltrate data.
Tech Support Scam via Google Ads
- Scammers manipulate Google Ads to show fake tech support numbers on Apple, Netflix, and Microsoft search results.
- They link to real support pages but with spoofed numbers to trick users into calls and data theft.
Critical Infrastructure Defense Ended
- The initiative by Cloudflare, CrowdStrike, and Ping Identity helped defend critical infrastructure from Russia-linked cyber threats.
- The project ended amid warnings of retaliatory Iranian cyber and physical attacks on U.S. networks.