Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Ransomware Surge Hits Businesses and Manufacturing Hard Amid Declines in Government and Healthcare
Fast Facts
- Ransomware attacks in 2025 have increased by 36% compared to 2024, reaching 5,186 incidents, with a quarterly rise of 6%.
- The manufacturing sector remains the most targeted industry, with a 13% increase in attacks from Q2 to Q3 2025, totaling 296 incidents.
- Attack patterns show a shift towards healthcare-related entities like medical device manufacturers and billing providers, with a 60% surge in targeting these non-clinical healthcare companies.
- The most active ransomware gangs are Qilin, Akira, INC, and Play, with Qilin and INC leading in confirmed attacks, and over 335 terabytes of data stolen across all incidents.

Key Challenge…
Top Highlights
- Supply chain threats are escalating due to increased reliance on open-source, cloud-native, and third-party software, necessitating advanced security tools with real-time monitoring, threat intelligence, and compliance automation.
- The top security companies in 2025, such as Sonatype, Snyk, Synopsys, and JFrog, offer specialized solutions like AI-driven vulnerability detection, binary and artifact scanning, as well as managed third-party risk management, catering to enterprise and developer needs.
- Key features across these platforms include deep dependency analysis, behavioral malware detection, API and application security, and predictive risk analytics, which collectively aim to prevent supply chain attacks before they cause damage.
- Choosing the right solution…
Summary Points
- Renault revealed a cyberattack targeting a third-party provider led to the theft of U.K. customer data, including personal and vehicle details, but no financial information was compromised.
- The company confirmed that affected data includes names, addresses, DOBs, gender, phone numbers, and vehicle info, while asserting that only this data was stolen and not their core systems.
- Authorities, including the U.K. ICO, have been notified, and Renault is actively contacting affected customers to caution them against potential scams.
- This incident follows a series of cyberattacks on automakers like Jaguar Land Rover and Stellantis, highlighting the increasing cybersecurity risks in…
Fast Facts
- Microsoft has enhanced its Sentinel platform into an AI-ready security system with customizable agents and a new Security Store, improving threat detection and response.
- A BBC journalist was approached with money by hackers aiming to breach BBC networks; the security team responded by isolating the journalist as a precaution.
- The CitrixBleed 2 vulnerability led to data theft at FEMA and CBP, with some personnel reportedly dismissed over mishandling the incident.
- LinkedIn plans to share user data with Microsoft for AI training by November 3, but users can opt out through privacy settings.

Underlying Problem
Recently, a series of…
Summary Points
- Extortion Campaign: Oracle is investigating extortion emails targeting its E-Business Suite customers, linked to vulnerabilities disclosed in July.
- Clop Ransomware Group: Hackers claiming affiliation with the Clop ransomware have been sending threatening emails to corporate executives, alleging stolen data without immediate proof.
- Call to Action: Oracle’s CSO advises customers to review and patch their systems following the July updates to mitigate risks.
- Serious Threat: Researchers from Google, Mandiant, and Kroll highlight the seriousness of the situation, recommending organizations investigate potential data breaches.

Understanding the Threat
Oracle is currently investigating…
Essential Insights
- Renault and Dacia UK customers were notified of a data breach caused by a cyberattack on a third-party provider, exposing personal information such as names, contact details, and vehicle data.
- The breach did not include banking or financial information, but exposed data could be used for phishing and social engineering scams.
- Renault has identified and isolated the threat; authorities including the UK’s ICO have been informed, but the affected provider’s identity and the number of impacted customers remain undisclosed.
- This incident follows a similar cyberattack on Jaguar Land Rover, which severely disrupted operations and led to the company…
Top Highlights
- A new malware campaign, SORVEPOTEL, targets Brazilian WhatsApp users, spreading via phishing emails and malicious ZIP files, primarily aiming at enterprises rather than consumers.
- Upon opening a malicious attachment, it silently executes a PowerShell script that downloads and installs additional payloads, establishing persistence on Windows systems.
- The malware propagates automatically through WhatsApp Web, sending spam to contacts and groups, leading to account bans without data theft or ransomware activity.
- The campaign exemplifies how cybercriminals exploit popular messaging platforms for rapid, large-scale malware spread with minimal user engagement.

What’s the Problem?
The story reports that in Brazil, a new…
USB Devices: Hidden Cybersecurity Threats to Critical Systems and How to Protect Against Them
Quick Takeaways
- NIST’s guide emphasizes implementing procedural, physical, and technical controls to securely manage the use of portable storage devices like USBs in industrial control systems, minimizing cybersecurity risks.
- Organizations should enforce strict policies on device procurement, authorization, and sanitization, including asset management, access control, logging, and staff training.
- Physical controls include secure storage and labeling of devices, while technical controls involve malware scanning, encryption, disabling unnecessary ports, and restricting device functions to prevent malware spread.
- Transportation and sanitization procedures, such as encryption during transit and thorough device sanitization before disposal, are critical to reducing risks associated with portable media…
Summary Points
- DrayTek has released patches for CVE-2025-10547, a critical unauthenticated RCE flaw in DrayOS routers that can be exploited via crafted HTTP/HTTPS requests.
- Successful exploitation may cause memory corruption, system crashes, or remote code execution, posing significant security risks.
- The vulnerability can be exploited locally on the network even if remote access is disabled, though some access controls (VLANs, ACLs) can mitigate this.
- The company urges immediate firmware updates for 35 affected Vigor router models, noting no current reports of active exploitation but highlighting the severe threat to SMBs and prosumers.

What’s the Problem?
On Thursday, DrayTek announced that…
Quick Takeaways
- Oracle links an extortion campaign by the Clop ransomware gang to vulnerabilities in its E-Business Suite patched in July 2025, although official attribution is pending.
- Customers received extortion emails claiming data was stolen from Oracle EBS systems, with the attackers referencing a bug in an Oracle product and demanding ransom.
- Oracle advised clients to update their software following the discovery of nine security flaws, including three that could be exploited remotely without user credentials.
- Clop has a history of targeting zero-day vulnerabilities in big software platforms, with the US State Department offering a $10 million reward for links…