June 2025 Headlines
AI Safety in the Real World: Lessons from the Front Lines of Emerging Risks
“Development of Superhuman Machine Intelligence (SMI) is probably the greatest threat to the continued existence of humanity,” says Sam Altman, CEO of OpenAI (Campos, 2025). As artificial intelligence systems become increasingly embedded in everyday life—from chatbots and recommendation engines to autonomous vehicles and fraud detection—their potential for harm is no longer theoretical. The AI Incident Database (AIID), a public repository of real-world AI failures, now catalogs over 1,100 incidents where AI systems have caused or nearly caused harm (incidentdatabase.ai, 2025).
These incidents range from deepfake scams and misinformation to autonomous system failures and privacy breaches, underscoring the urgent need for robust AI safety practices.
What Is AI Safety?
AI safety refers to the design, development, and deployment of AI systems in ways that minimize risks to individuals, organizations, and society. This includes:
Preventing unintended behavior
Ensuring transparency and accountability
Protecting against malicious use
Preserving human oversight
Real-World Incidents: What Can Go Wrong?
Deepfake CEO Scam (Incident 1100) - In June 2025, a LastPass employee was targeted by an audio deepfake impersonating the company’s CEO, attempting to manipulate them into transferring sensitive data (incidentdatabase.ai, 2025). The attack was thwarted, but it highlights how AI-generated voice cloning is now a tool for cybercriminals.
AI Hallucination in Legal Case (Incident 1099) - An Ontario court case cited AI-generated legal references that turned out to be fabricated, raising concerns about the reliability of AI tools in legal contexts (incidentdatabase.ai, 2025).
AI Overviews Misinformation (Incident 1097) - Google’s AI Overview feature incorrectly stated that Airbus was involved in a fatal crash instead of Boeing, demonstrating how automated summarization tools can spread false information at scale (incidentdatabase.ai, 2025).
These examples are not isolated. According to a recent roundup by the AIID, incidents involving voice cloning, identity fraud, and misinformation have surged in 2025, with attackers exploiting AI to bypass traditional security controls (Atherton, 2025).
Why AI Safety Matters for Cybersecurity
AI systems are increasingly used in security-critical applications—from biometric authentication to fraud detection. But when these systems fail or are manipulated, the consequences can be severe:
False positives in fraud detection can lock out legitimate users
Bias in facial recognition can lead to wrongful arrests
AI-generated phishing can deceive even tech-savvy users
As AI becomes more autonomous, the attack surface expands, and traditional cybersecurity tools may not be enough.
Building Safer AI Systems
To mitigate these risks, organizations should adopt the following best practices:
Red teaming AI systems to simulate adversarial attacks
Using AI incident databases like AIID to learn from past failures
Enforcing regulatory compliance and ethical guidelines
Governments and industry leaders are also calling for AI safety standards, such as those proposed by the OECD and NIST, to ensure responsible deployment (NIST.gov, 2025).
Conclusion
AI is transforming the world—but without proper safeguards, it can also amplify risks. By evaluating real-world incidents and implementing safety-by-design, we can ensure that AI serves humanity rather than undermines it.
Apple’s Zero-Click iMessage Flaw: A New Front in Mobile Espionage
In June 2025, Apple confirmed the discovery and patching of a zero-click vulnerability in its Messages app, tracked as CVE-2025-43200 (Quorumcyber.com, 2025). This flaw allowed attackers to compromise iPhones without any user interaction—no taps, clicks, or downloads—raising serious concerns about the security of even the most locked-down mobile ecosystems.
What Happened?
The vulnerability was exploited through maliciously crafted iCloud links sent via iMessage. Once received, the exploit chain allowed spyware to be installed silently, granting attackers access to messages, emails, microphones, cameras, and more—all without the user’s knowledge or consent (Lakshman, 2025).
Security researchers at Citizen Lab confirmed that the exploit was used to target journalists, including Italian reporter Ciro Pellegrino, using Graphite spyware developed by Israeli firm Paragon (Lakshman, 2025). This spyware is known for its ability to conduct deep surveillance and is typically sold to government clients.
The Nature of Zero-Click Exploits
Zero-click exploits are particularly dangerous because they require no interaction from the victim. Unlike phishing attacks, which rely on tricking users into clicking malicious links, zero-click attacks exploit vulnerabilities in background processes—making them nearly impossible to detect or prevent through user awareness alone (Lakshman, 2025).
This is not the first time Apple has faced such threats. In 2023, Citizen Lab documented a similar exploit chain called BLASTPASS, used to deliver NSO Group’s Pegasus spyware to civil society targets 3. These repeated incidents highlight the persistent targeting of iOS devices by state-sponsored actors.
Apple’s Response
Apple patched the vulnerability in February 2025 with iOS 18.3.1 and corresponding updates across macOS, iPadOS, watchOS, and visionOS (Lakshman, 2025). The company also issued threat notifications to affected users, a system it has used since 2021 to alert individuals targeted by sophisticated attacks.
Apple emphasized that such attacks are highly targeted and affect a small number of users globally. However, the implications for privacy and press freedom are significant. The use of zero-click spyware against journalists and civil society members underscores a troubling trend: surveillance tools are increasingly being used to suppress dissent and monitor free expression. The United Nations and digital rights groups have called for a global moratorium on the sale of such spyware until stronger human rights safeguards are in place (Lakshman, 2025).
What you can do
To stay protected against threats like zero-click exploits, users should keep their devices updated, enable Lockdown Mode if at risk, and use secure communication tools to safeguard your privacy.
source: westjet.com
WestJet Cybersecurity Breach: What Happened and What It Means
In mid-June 2025, WestJet, Canada’s second-largest airline, confirmed it had fallen victim to a cybersecurity incident that disrupted access to its mobile app, website, and internal systems. While flight operations remained unaffected, the breach raised serious concerns about the airline’s digital resilience and the broader implications for the aviation sector.
Timeline of the Incident
June 13: WestJet publicly acknowledged the breach, stating that internal systems and the WestJet app were experiencing restricted access. The airline activated specialized cybersecurity teams and began working with Transport Canada and law enforcement to investigate (Westjet.com, 2025)
June 14–15: WestJet issued regular updates, confirming that while flight operations were stable, intermittent issues continued to affect digital services. The company emphasized its commitment to transparency and ongoing remediation (Westjet.com, 2025)
June 16: Reports indicated that the airline was still working to fully restore services, with no confirmation yet on the type of cyberattack, threat actor, or whether sensitive data had been compromised (Westjet.com, 2025)
June 18th: WestJet has engaged with law enforcement and are complying with our regulatory obligations and working to assess any potential data in scope (Westjet.com, 2025)
What We Know So Far
The breach did not affect flight safety or operations, but it did cause disruptions to customer-facing services, including login issues and app errors (Ćemanović, 2025).
WestJet has not disclosed whether the incident involved ransomware, unauthorized access, or data exfiltration.
As of now, no stolen data has been publicly leaked or claimed by known ransomware groups (Ćemanović, 2025).
WestJet’s Response
WestJet has taken several steps in response to the incident:
Engaged internal cybersecurity teams and external partners
Notified regulatory bodies and law enforcement
Issued frequent public updates to maintain transparency
Advised customers to be cautious of phishing attempts and to monitor their accounts for suspicious activity (Ćemanović, 2025)
If you're a WestJet customer or employee:
Change your passwords, especially if reused across platforms
Enable multi-factor authentication (MFA) where possible
Be wary of phishing emails or texts pretending to be from WestJet
Monitor your accounts for unusual activity
As the investigation continues, WestJet has pledged to provide updates regularly (Westjet.com, 2025). The full scope of the breach and its impact remains to be seen.
Stefan Myroniuk, MSc., CISSP
(ISC)2 Alberta Chapter | Communications Director
E: communications@isc2chapter-alberta.org
http://isc2chapter-alberta.org
