Welcome to the DanSec Blog

Cybersecurity Brief – 2025-11-15

Major Incidents or Breaches

  • Logitech confirmed a data breach following an attack by the Clop extortion group, which targeted Oracle E-Business Suite systems and resulted in data theft.
  • Checkout.com disclosed a breach of a legacy cloud storage system by the ShinyHunters threat group, which is now attempting to extort the company. The breach did not impact payment processing systems.
  • The Washington Post reported that nearly 10,000 employees were affected by a data breach linked to the Oracle hack, with attackers attempting extortion after stealing personal information.


Cybersecurity Brief – 2025-11-14

Major Incidents or Breaches

  • DoorDash disclosed a data breach in October affecting user information across the US, Canada, Australia, and New Zealand.
  • The Washington Post is notifying nearly 10,000 employees and contractors of personal and financial data exposure following the Oracle data theft attack.
  • Synnovis confirmed patient information was stolen in a ransomware attack that disrupted pathology services at several London hospitals.
  • The NHS is investigating claims of an Oracle E-Business Suite (EBS) hack after hackers named over 40 alleged victims, with the National Cyber Security Centre involved.


Cybersecurity Brief – 2025-11-13

Major Incidents or Breaches

  • Synnovis, a UK pathology services provider, has notified healthcare providers of a data breach resulting from a ransomware attack in June 2024, which led to the theft of patient data.
  • Over 67,000 fake npm packages have been published in a large-scale, worm-like spam attack, likely financially motivated, flooding the npm registry since early 2024.
  • DanaBot malware has resumed activity, infecting Windows systems after a six-month hiatus following law enforcement disruption in May 2024.
  • A campaign targeting Microsoft 365 users is leveraging Quantum Route Redirection to bypass email security and steal credentials, impacting victims in over 90 countries.
  • Phishing emails disguised as spam filter alerts are being used to steal user credentials.


Cybersecurity Brief – 2025-11-12

Major Incidents or Breaches

  • GlobalLogic, a Hitachi group company, is notifying over 10,000 current and former employees of data theft following a breach of Oracle E-Business Suite (EBS).
  • The Rhadamanthys infostealer malware operation has been disrupted, with operators and customers losing access to their servers.
  • A Chinese national known as the “Bitcoin Queen” was sentenced in London to over 11 years in prison for laundering Bitcoin from a $7.3 billion cryptocurrency investment scam.


Cybersecurity Brief – 2025-11-11

Major Incidents or Breaches

  • Nearly 30 organizations, including Logitech, The Washington Post, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland, have been named as alleged victims of an Oracle E-Business Suite (EBS) hack on the Cl0p ransomware leak site.
  • The US Congressional Budget Office (CBO) confirmed a data breach.
  • Many Forbes AI 50 companies were found to have leaked sensitive secrets, including training data and private models, on public GitHub repositories.


Cybersecurity Brief – 2025-11-10

Major Incidents or Breaches

  • The Swiss National Cyber Security Centre (NCSC) has issued a warning about an ongoing phishing campaign targeting iPhone owners. Attackers are sending text messages claiming a lost or stolen iPhone has been found, attempting to harvest Apple ID credentials.

Newly Discovered Vulnerabilities

  • Three vulnerabilities have been disclosed in the runC container runtime, which is widely used by Docker and Kubernetes. These flaws enable attackers to escape container isolation and gain access to the underlying host system.


Cybersecurity Brief – 2025-11-09

Major Incidents or Breaches

  • The GlassWorm malware campaign has resurfaced on the OpenVSX marketplace with three new malicious Visual Studio Code extensions. These extensions have already been downloaded over 10,000 times. The same campaign targeted both the OpenVSX and Visual Studio Code marketplaces last month.

Newly Discovered Vulnerabilities

  • Microsoft has disclosed a new side-channel attack named ‘Whisper Leak’ targeting remote AI language models. The attack enables passive adversaries monitoring encrypted network traffic to infer chat topics discussed with AI models, potentially exposing sensitive information despite encryption.


Cybersecurity Brief – 2025-11-08

Major Incidents or Breaches

  • The U.S. Congressional Budget Office confirmed it was hacked, with potential exposure of sensitive government data.
  • Multiple Russian state-sponsored groups expanded destructive cyberattacks against Ukrainian entities, now targeting the grain sector and associated European organisations.
  • 18 individuals were arrested in connection with international credit card fraud rings, responsible for defrauding 4.3 million cardholders in 193 countries of approximately €300 million between 2016 and 2021.


Cybersecurity Brief – 2025-11-07

Major Incidents or Breaches

  • The U.S. Congressional Budget Office (CBO) confirmed a cybersecurity incident attributed to a suspected foreign threat actor. Sensitive data may have been exposed.
  • SonicWall disclosed that a nation-state actor breached its cloud backup service, stealing firewall configuration files of all customers using the service. This incident is not connected to recent Akira ransomware activity.
  • Hyundai AutoEver America reported a data breach from February, with attackers stealing Social Security Numbers and other personal information.
  • The State of Nevada completed recovery from a ransomware attack that began as early as May 2025 and was discovered in August. The attack impacted 60 state agencies and disrupted critical health and public safety services.
  • The DeFi protocol Balancer began recovering funds after hackers exploited a vulnerability to steal $128 million in cryptocurrency.
  • New data revealed that UK water systems have been targeted by hackers five times since 2024, highlighting increased risks to critical infrastructure.


Cybersecurity Brief – 2025-11-06

Major Incidents or Breaches

  • SonicWall confirmed that state-sponsored threat actors were responsible for the September 2025 breach, which resulted in the exposure of customers’ firewall configuration backup files.
  • Hyundai AutoEver America reported a data breach in which attackers accessed sensitive personal information, including Social Security numbers and driver’s license details.
  • The University of Pennsylvania disclosed that a cyberattack led to the compromise and theft of data from internal systems related to development and alumni activities.
  • Nikkei, a major Japanese media company, suffered a breach via compromised Slack credentials, impacting approximately 17,000 employees and business partners.
  • International law enforcement dismantled three large credit card fraud and money laundering networks, linked to losses exceeding €300 million and affecting over 4.3 million cardholders.
  • Check Point Research detailed an incident where an attacker exploited a rounding error in Balancer V2’s ComposableStablePool, resulting in the theft of $128 million in cryptocurrency.
