Summary
As cyber threats grow more sophisticated and rapid in execution, organizations are under constant pressure to minimize patching delays and enhance their defensive posture. In June 2025, the cybersecurity landscape reflected this urgency, with 20 vulnerabilities added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, 7 of which were abused as zero-days.
These exploited flaws affected a broad spectrum of vendors and technologies, from mobile chipsets and CMS platforms to networking gear and operating systems. Notably, vulnerabilities were confirmed in products from Qualcomm, ASUS, Craft CMS, Apple, Microsoft, Google, Linux, D-Link and Fortinet, highlighting the continued targeting of both consumer-facing and enterprise-grade systems by sophisticated threat actors.
Ransomware activity surged this month, with groups such as Qilin, Akira, IncRansom, and DragonForce actively targeting critical sectors. The most affected industries included education, healthcare, government, and manufacturing, highlighting the continued focus of threat actors on organizations with low downtime tolerance and sensitive data.
Subscribe to our Newsletter
%20(1).png)
