Major Incidents or Breaches

  • Jaguar Land Rover (JLR) has suffered a significant cyberattack, resulting in halted vehicle production. The disruption has caused substantial financial losses and forced parts suppliers to lay off workers.
  • A cyberattack targeting Collins Aerospace software has disrupted airport operations across Europe, impacting passenger check-in, boarding pass printing, baggage tagging, and luggage dispatch.

Newly Discovered Vulnerabilities

  • Microsoft patched a critical vulnerability in Entra ID (formerly Azure Active Directory) involving a token validation failure. The flaw could have allowed attackers to impersonate any user, including Global Administrators, and hijack any organisation’s tenant globally through exploitation of legacy components.

Notable Threat Actor Activity

  • Threat actors linked to North Korea (DPRK) have used ClickFix-style lures in cryptocurrency job scams to deliver BeaverTail and Invis malware.

Trends, Tools, or Tactics of Interest

  • Unusual web requests containing the “X-Forwarded-App” header have been observed in honeypot data, indicating potential new reconnaissance or exploitation techniques targeting proxy servers.