IT News Roundup: Cloud Spending Surge, Chollima APT Expansion, FIFA Ticket Fraud - June 7, 2026

The latest week in technology brings major developments across cloud infrastructure investment, state-sponsored cyber threats, and large-scale online fraud operations. Global cloud spending continues its explosive growth trajectory, while threat intelligence reveals the expanding reach of one of the most persistent APT groups. Meanwhile, the intersection of major sporting events and cybercrime is producing sophisticated fraud campaigns.

Global Cloud Infrastructure Spending Surges 29% in Q4 2025

According to research firm Omdia, global spending on cloud infrastructure services reached US10.9 billion in the fourth quarter of 2025, representing a 29% year-on-year increase. This marks the sixth consecutive quarter of accelerated growth, underscoring the massive capital commitment hyperscalers are making to AI infrastructure.

The report highlights a broader industry shift from AI experimentation to scaled production deployment. Major cloud providers including AWS, Microsoft Azure, and Google Cloud have been investing heavily in data center capacity, GPU clusters, and networking infrastructure to meet surging demand for AI workloads. Google Cloud specifically reported strong AI-fueled revenue growth while acknowledging capacity ceilings due to hardware shortfalls and power limitations.

For IT professionals and homelab enthusiasts, this trend signals continued investment in edge computing and hybrid cloud architectures, as enterprises seek to balance centralized AI processing with distributed workloads.

Source: Omdia via Business Wire

Famous Chollima APT Infiltrates Over 320 Companies in 12 Months

CrowdStrike's 2025 Threat Hunting Report revealed alarming data about the North Korean-linked hacking group known as Famous Chollima. The threat actor infiltrated more than 320 companies over a 12-month period — representing a staggering 220% spike in activity compared to the previous year.

What makes this campaign particularly concerning is the group's increased use of AI-assisted techniques to accelerate their operations. The report indicates that Famous Chollima has been leveraging artificial intelligence tools to automate reconnaissance, credential harvesting, and lateral movement across targeted networks, significantly reducing the time between initial compromise and data exfiltration.

Security experts recommend that organizations review their endpoint detection and response configurations, implement stricter network segmentation, and ensure all systems are patched against known exploitation techniques used by state-sponsored threat actors.

Source: CRN / CrowdStrike 2025 Threat Hunting Report

Over 4,300 Fraudulent FIFA World Cup Sites Tracked by Group-IB

Cybersecurity firm Group-IB has documented one of the largest sports-related fraud campaigns on record, tracking more than 4,300 fraudulent FIFA World Cup domains registered by a single criminal operator. The operation involves cloned websites designed to mimic official FIFA ticket sales platforms, capitalizing on the excitement and urgency surrounding the tournament.

The investigation reveals a sophisticated operation where tickets appear scarce, fans grow anxious, and money moves quickly — creating the perfect conditions for fraud. The cloned sites use convincing designs, fake inventory systems, and urgency-driven messaging to pressure victims into making payments before they can verify legitimacy.

Organizations hosting ticketing or event-related services should implement domain monitoring, set up official channels clearly, and educate users about verification procedures. IT teams managing web infrastructure should be alert for newly registered domains that mimic legitimate brands.

Source: The Hacker News / Group-IB

Meta Considers Tens of Billions in Stock Offering to Fund AI Ambitions

Meta Platforms is reportedly considering raising tens of billions of dollars through a stock offering to fund its aggressive artificial intelligence ambitions, according to a report from the Financial Times. The potential capital raise would represent one of the largest equity offerings in tech history and signals the enormous financial commitment required to compete in the AI infrastructure race.

The move comes as Meta continues to invest heavily in custom AI chips, data center construction, and large language model development. The company has been building out its AI infrastructure at a pace that rivals the largest cloud providers, with significant investments in GPU clusters and specialized training hardware.

For the broader technology ecosystem, Meta's capital strategy underscores the intensifying competition for AI supremacy and the massive capital requirements involved. IT professionals should note the downstream effects on cloud pricing, chip availability, and energy infrastructure as major tech companies race to build AI capacity.

Source: Reuters / Financial Times

SonicWall Supply Chain Breach Impacts Multiple Organizations

A significant supply chain security incident involving SonicWall has come to light, with breach notifications issued in multiple states in 2026 for a compromise that was originally detected in 2025. The affected organization has filed suit against SonicWall, alleging that the network security vendor's own systems were the entry point for the attack.

This incident highlights the ongoing challenges of supply chain security in the IT industry. Organizations that rely on third-party security vendors face the paradoxical risk that those same vendors could become attack vectors. The delayed disclosure — with the breach detected in 2025 but notifications not issued until 2026 — also raises questions about incident response timelines and regulatory compliance.

IT teams should review their vendor risk management programs, assess dependencies on security product providers, and ensure that third-party access controls are properly segmented and monitored.

Source: PKWARE

TransUnion Data Breach Exposes 4.4 Million Customer Records

Credit reporting agency TransUnion disclosed a data breach that impacted the sensitive information of more than 4.4 million customers. The incident occurred after attackers gained unauthorized access to a targeted Salesforce database, exposing customer data including personal identifiers and financial information.

The breach underscores the persistent risks associated with cloud-based CRM and database platforms. While Salesforce is a widely trusted platform, misconfigured access controls, compromised credentials, or API vulnerabilities can create entry points for attackers. Organizations using Salesforce or similar platforms should audit their access controls, review integration security, and implement additional monitoring for sensitive data repositories.

Individuals affected by credit bureau breaches should consider placing fraud alerts or credit freezes, monitoring their credit reports regularly, and reviewing account statements for unauthorized activity.

Source: Guardz

GitHub 2025 Open Source Security Report Shows Shifting Threat Landscape

GitHub's 2025 open source vulnerability report reveals a complex picture of the security landscape. The platform published 4,101 reviewed advisories in 2025 — the fewest number since 2021. However, this decrease does not necessarily indicate improved security. Instead, the report points to a surge in malware distribution through open source channels and an increase in CVE publications.

The shifting threat model suggests that while traditional vulnerability disclosure may be declining through GitHub's channels, attackers are increasingly focusing on supply chain compromise, dependency confusion, and malicious package injection. Organizations relying on open source components should implement software bill of materials (SBOM) tracking, use dependency scanning tools, and maintain updated vulnerability management processes.

Source: GitHub Blog