By Ashwani Mishra, Editor-Technology, 63SATS Cybertech
AI-powered attacks are surging across India, with nearly 72% of firms hit by sophisticated threats. China-linked espionage targeted over 70 global entities, while United Natural Foods faced a major cyber disruption. Jackson Health reported a five-year insider breach impacting 2,000 patients. Paraguay’s President’s X account was hijacked in a Bitcoin scam. Texas DOT saw 300,000 crash records stolen.
Worldcoin launched its biometric Orb in the UK to combat AI misuse. Meanwhile, hacker group DarkGaboon used LockBit ransomware to strike Russian companies, signalling a new era of geopolitical cybercrime. These incidents underscore the rising complexity and global reach of cyber threats.
AI-Powered Cyberattacks Surge Across India
Nearly 72% of Indian organizations experienced AI-driven cyberattacks in the past year, according to a joint report by Fortinet and IDC. These attacks have become faster, more adaptive, and harder to detect, leveraging AI to automate credential stuffing, deepfake impersonations, phishing scams, and polymorphic malware.
Unlike traditional threats, these assaults target weaknesses in human behavior and identity management, bypassing conventional security tools. The report calls for stronger AI-aware defense strategies and deeper investments in behavioral analytics to combat this evolving threat landscape.
China-Linked Espionage Campaign Hits 70+ Global Targets
SentinelOne has uncovered a sweeping cyber espionage campaign attributed to China-linked actors, including groups like APT15 and UNC5174. The campaign spanned from July 2024 to March 2025, targeting over 70 entities across manufacturing, government, finance, and media sectors. Victims include a South Asian government, a European media house, and a SentinelOne contractor.
Researchers identified advanced tactics used by a threat cluster known as PurpleHaze, indicating a structured and sustained offensive with geopolitical motives. This activity underscores the growing sophistication of Chinese cyber espionage across borders.
United Natural Foods Hit by Disruptive Cyberattack
United Natural Foods (UNFI), a major distributor to retailers like Amazon, Whole Foods, and Target, reported a cyberattack that disrupted its operations and delayed order fulfillment.
Detected on June 5, the breach led the company to take certain systems offline as part of its containment strategy. While operations are still impacted, UNFI is working with third-party experts and law enforcement to investigate and restore services. The $8.2 billion distributor emphasized that customer safety and system integrity remain a top priority amid this ongoing response.
Jackson Health System Suffers Five-Year Insider Breach
Jackson Health System revealed a five-year-long insider breach involving over 2,000 patients’ personal and medical information. The incident, disclosed on June 6, 2025, involved a trusted employee who accessed and misused sensitive data to promote a personal healthcare venture.
Exposed information includes names, birth dates, addresses, medical records, and clinical details. Jackson has since terminated the employee, reported the incident to authorities, and is reviewing internal protocols. However, it remains unclear how the breach went undetected for so long, raising concerns about monitoring and data governance within healthcare institutions.
Paraguay President’s X Account Likely Hacked in Bitcoin Scam
Paraguay’s government reported a likely breach of President Santiago Peña’s X (formerly Twitter) account after it posted misleading content about adopting Bitcoin as legal tender. The now-deleted post included fabricated government statements promoting a $5 million Bitcoin reserve fund. Officials stated the irregular activity suggests unauthorized access.
The incident highlights growing risks of social media account hijackings targeting public figures and the use of such platforms to spread crypto misinformation, potentially influencing public perception or market behavior.
Texas DOT Breach Exposes 300,000 Crash Reports
Hackers infiltrated the Texas Department of Transportation’s Crash Records Information System (CRIS), stealing nearly 300,000 crash reports. The breach, detected in May 2025, involved unauthorized use of a compromised account to access and download data including driver names, addresses, license and insurance details, and incident narratives.
CRIS is a legally mandated system used to maintain all state traffic crash data. The breach puts thousands of residents at risk and underscores vulnerabilities in state-operated data systems that require urgent security enhancements.
Worldcoin’s Biometric Orb Rolls Out in the UK
Worldcoin, the biometric ID project co-founded by OpenAI CEO Sam Altman, is expanding to the UK. Starting in London and soon reaching cities like Manchester and Glasgow, the initiative uses a spherical device called the Orb to scan irises and verify human identity.
The aim is to distinguish real users from AI bots and prevent deepfake-driven abuse. The project, which generates a unique digital code from biometric data, is part of a broader push to secure digital identities in an AI-powered world.
New Hacker Group Targets Russian Firms with LockBit Ransomware
A cybercrime group known as DarkGaboon is actively targeting Russian companies using LockBit 3.0 ransomware, according to Positive Technologies. Active since 2023, the group has hit sectors including banking, tourism, and public services.
Although Positive Technologies is under U.S. sanctions, it continues to track domestic threats. DarkGaboon’s operations represent a rare reversal—where a threat actor traditionally seen targeting global entities is now focusing on Russian organizations, deploying ransomware variants once associated with Western attacks.