CISA Mandates Patches for Exploited Flaws; Nation-State Actors Breach F5 and Prosper Suffers Massive Data Leak

CISA Adds Five Vulnerabilities in Apple, Kentico, Microsoft, and Oracle Products to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The flaws affect a range of widely used products, including Apple devices, Kentico Xperience, Microsoft Windows SMB Client, and Oracle E-Business Suite. Federal agencies are now mandated to apply patches by a specified deadline, and CISA strongly urges all organizations to prioritize remediation to mitigate significant cyber risk.

KEVCISABOD 22-01PatchingVulnerability Management +2 more

8 min read

CISA Mandates Patching for 5 New Actively Exploited Flaws in Apple, Microsoft, Oracle, and Kentico

Patch Management

Vulnerability

Regulatory

AWS Outage in us-east-1 Knocks Major Global Services Offline

Widespread Internet Outage Linked to AWS us-east-1 Infrastructure Failure

A significant infrastructure fault within Amazon Web Services' (AWS) us-east-1 region in North Virginia on October 20, 2025, triggered a global outage affecting numerous major online services. Platforms including Snapchat, Fortnite, Disney Plus, and various banking applications experienced widespread disruptions. The incident, caused by issues with core services like DynamoDB and EC2, highlights the critical dependency of the digital economy on a few major cloud providers and underscores the importance of robust architectural resilience.

AWSOutageCloud SecurityResilienceBusiness Continuity +2 more

6 min read

AWS Outage in us-east-1 Knocks Major Global Services Offline

Cloud Security

Incident Response

Anubis Ransomware Hits Australian Engineering Firm Aussie Fluid Power

Anubis Ransomware Group Claims Attack on Australian Industrial Firm Aussie Fluid Power

The Australian industrial engineering company, Aussie Fluid Power, has confirmed it was hit by a ransomware attack claimed by the emerging 'Anubis' ransomware group. The incident, which has impacted company operations and stakeholder data, aligns with warnings from the Australian Cyber Security Centre (ACSC) about increasing cyber threats to critical infrastructure and the industrial sector. This attack underscores the growing risk posed by new ransomware gangs targeting operational technology (OT) environments.

RansomwareAnubisICSOT SecurityAustralia +1 more

7 min read

Ransomware

Industrial Control Systems

Cyberattack

EU and Ukraine Deepen Cyber Defense Alliance in Face of Russian Aggression

INFORMATIONAL

EU and Ukraine Strengthen Cybersecurity Cooperation at 4th Cyber Dialogue

The European Union and Ukraine have reaffirmed their strategic partnership on cybersecurity during their 4th Cyber Dialogue held in Kyiv. Against the backdrop of Russia's ongoing war, both parties committed to deepening cooperation on cyber defense, policy alignment with EU standards like the NIS2 Directive, and the protection of critical infrastructure. Ukraine will continue to share threat intelligence gained from defending against Russian cyberattacks to bolster the EU's collective security.

EUUkraineRussiaCyber DiplomacyNIS2 +2 more

EU and Ukraine Deepen Cyber Defense Alliance in Face of Russian Aggression

Policy and Compliance

Regulatory

Threat Intelligence

Updated Articles (5)

Lending Platform Prosper Breached, 17.6 Million Accounts Exposed

Prosper Confirms Massive Data Breach Affecting 17.6 Million Users; Data Added to 'Have I Been Pwned'

Further investigation into the Prosper data breach has revealed that the compromised data set is far more extensive and sensitive than initially reported. In addition to names, emails, and phone numbers, the breach now includes the exposure of Social Security Numbers, physical addresses, and income levels for all 17.6 million affected users. This critical update significantly elevates the risk of identity theft, sophisticated financial fraud, and targeted phishing campaigns, as attackers now possess the necessary information to open new lines of credit or file fraudulent tax returns. Users are strongly advised to freeze their credit immediately.

October 17, 2025

Data BreachPIIProsperFinTechHave I Been Pwned +2 more

4 min read

Lending Platform Prosper Breached, 17.6 Million Accounts Exposed

Phishing

Regulatory

Clop Ransomware Claims Harvard University Breach, Threatens Data Leak

Notorious Ransomware Group Clop Adds Harvard University to its Dark Web Leak Site

The Clop ransomware attack on Harvard University has been confirmed to stem from the exploitation of a critical zero-day vulnerability, CVE-2025-61882, in Oracle's E-Business Suite. This complex RCE flaw served as the initial access vector for the breach. The vulnerability is now being actively and widely exploited by Clop, with mass scanning reported across the internet. In addition to Harvard, another victim, Envoy Air, has also been linked to this exploit. Organizations using Oracle EBS are at immediate and significant risk and are urged to apply mitigations, including restricting access and deploying WAF/IPS, as an official patch is not yet available. This update provides crucial technical details and expands the scope of the incident.

October 12, 2025

RansomwareClopTA505Harvard UniversityData Leak +2 more

Ransomware

Threat Actor

F5 Breached by Nation-State Actor; BIG-IP Source Code Stolen, CISA Issues Emergency Directive

CRITICAL

F5 Discloses Major Breach by Nation-State Actor; CISA Issues Emergency Directive After BIG-IP Source Code and Vulnerability Data Exfiltrated

A new report further emphasizes the F5 breach as a critical supply-chain attack preparation by a nation-state actor. The analysis reiterates the severe future risk of new zero-day vulnerabilities being discovered and exploited due to the stolen BIG-IP source code. Check Point Research noted that a small number of F5 customers were also impacted by the data theft, aligning with previous disclosures. The incident continues to highlight the urgent need for organizations to implement CISA's directive and harden F5 product configurations against potential future exploitation.

October 14, 2025

Nation-StateAPTSource Code LeakCISAEmergency Directive +1 more

F5 Breached by Nation-State Actor; BIG-IP Source Code Stolen, CISA Issues Emergency Directive

Supply Chain Attack

Threat Actor

Massive Airline Data Breach Hits 13 Million Vietnam Airlines and Qantas Customers

Third-Party Breach at Salesforce Partner Exposes Personal Data of 7.3M Vietnam Airlines and 5.7M Qantas Customers

New details reveal the 'Scattered Lapsus$ Hunters' group demanded a ransom from Qantas, setting an October 11 deadline. Upon non-payment, the group proceeded to leak the personal information of 5.7 million Qantas customers. This confirms the use of double-extortion tactics, where data is stolen and then leaked if a ransom is not paid, escalating the threat to affected individuals and highlighting the full materialization of the threat.

October 16, 2025

Data BreachVietnam AirlinesQantasSalesforceScattered LAPSUS$ Hunters +3 more

Supply Chain Attack

Microsoft Report: AI-Generated Phishing Now 4.5x More Effective, Bypassing Traditional Defenses

AI-Powered Phishing Emails Achieve 54% Click-Through Rate, Microsoft's 2025 Digital Defense Report Reveals

A new ISACA report reveals that 63% of IT and cybersecurity professionals now consider AI-driven social engineering the top cyber threat for 2026, surpassing ransomware. Despite this consensus, only 13% of organizations feel 'very prepared' to manage generative AI risks. The report highlights the urgent need for updated defense strategies, training, and a shift towards behavioral analysis to counter hyper-personalized lures and deepfakes, indicating a significant preparedness gap in the face of evolving AI-powered attacks.

October 18, 2025