CISA Warns of Actively Exploited Zero-Days in Fortinet & Dassault Systems; Massive Infostealer Dump Exposes 183M Credentials

Publication Date: October 28, 2025

Summary

This 24-hour period is marked by critical zero-day vulnerabilities and massive data exposure events. CISA has added actively exploited flaws in Fortinet's FortiWeb and Dassault Systèmes' DELMIA Apriso products to its KEV catalog, demanding urgent patching from federal agencies. Concurrently, a colossal dataset of 183 million credentials, harvested by infostealer malware like RedLine and Vidar, has been discovered, heightening the risk of widespread credential stuffing attacks. Other significant events include a supply chain breach at healthcare vendor Cerner, new ransomware attacks by Safepay and BlueNoroff, and disclosures of vulnerabilities in Apache Tomcat and OpenAI's new Atlas browser.

Today's New Articles

Infostealer Malware Campaign Dumps 183 Million Credentials Online

A colossal 3.5-terabyte dataset named "Synthient," containing 183 million unique email and password combinations, has been indexed by Have I Been Pwned. The credentials were not stolen from a single service breach but were aggregated over time from devices inf...


Cerner Discloses Patient Data Breach at Alaskan Hospital Months After Initial Intrusion

Electronic health records (EHR) vendor Cerner Corporation has informed Mat-Su Regional Medical Center in Alaska of a data breach affecting patient information. The security incident, which involved unauthorized access to legacy Cerner systems, was first detect...


Slow Email Breach Response Leads to 79% Higher Ransomware Risk, Report Finds

A new report from Barracuda Networks reveals a strong correlation between slow incident response times for email breaches and the likelihood of a subsequent ransomware attack. Organizations that take over nine hours to remediate an email compromise face a 79%...


CISA Warns of Actively Exploited Flaws in Dassault Systèmes' Manufacturing Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities in Dassault Systèmes' DELMIA Apriso manufacturing software to its Known Exploited Vulnerabilities (KEV) catalog. The flaws, CVE-2025-6205 (CVSS 9.1) and CVE-2025-620...


Apache Tomcat Flaws Expose Servers to Path Traversal and RCE Risk

The Apache Software Foundation has disclosed two new vulnerabilities impacting Apache Tomcat versions 9, 10, and 11. The most severe flaw, CVE-2025-55752, is a directory traversal vulnerability rated 'Important' that could allow an attacker to bypass security...


North Korean APT BlueNoroff Uses AI-Driven Spyware in New 'GhostCall' and 'GhostHire' Campaigns

The North Korean APT group BlueNoroff is conducting two new financially motivated campaigns, 'GhostCall' and 'GhostHire,' targeting the cryptocurrency and venture capital sectors. According to research from Kaspersky, the group is using sophisticated social en...


Hacking Team Successor Memento Labs Linked to Chrome Zero-Day and 'Dante' Spyware

Kaspersky researchers have linked Memento Labs, the Italian company that succeeded the notorious surveillance vendor Hacking Team, to a cyber-espionage campaign that used a Google Chrome zero-day (CVE-2025-2783). The campaign, dubbed "Operation ForumTroll," ta...


Cisco and Citrix VPNs Linked to 5-7x Higher Ransomware Risk, At-Bay Report Finds

A new report from cyber-insurance provider At-Bay identifies email and remote access as the entry points for 90% of cyber claims in 2024. The 2025 InsurSec Rankings Report found that organizations using on-premise VPNs from vendors like Cisco and Citrix were f...


Fortinet Silently Patches Critical, Actively Exploited FortiWeb Zero-Day

Fortinet has quietly released a patch for a critical, actively exploited zero-day vulnerability in its FortiWeb Web Application Firewall (WAF). The flaw, tracked as CVE-2025-64446 (CVSS 9.8), is a path traversal vulnerability that allows an unauthenticated rem...


City of Gloversville, NY, Pays Partial Ransom After Attack Compromises Employee Data

The City of Gloversville, New York, has suffered a ransomware attack that was discovered on October 27, 2025. The attack disrupted city computer systems and compromised the personal and payroll information of current and former employees, including bank accoun...

Article Updates

Microsoft Report: AI-Generated Phishing Now 4.5x More Effective, Bypassing Traditional Defenses

Update: A colossal collection of 183 million unique email and plaintext password combinations, dubbed 'Synthient Stealer Log Threat Data,' has been discovered on underground forums and added to Have I Been Pwned. This data was aggregated from numerous infostealer malw...


18 Minutes to Mayhem: Ransomware Attacks Now Fully Automated, Slashing Defender Response Time

Update: A new report from Coveware indicates a significant shift in the ransomware landscape. The percentage of victims paying ransoms dropped to a historic low of 23% in Q3 2025, with average payments plummeting by 66%. This decline is attributed to large enterprises...


CISA Orders Federal Agencies to Patch New Actively Exploited Vulnerability

Update: CISA has now identified the previously unspecified actively exploited vulnerability as two critical flaws (CVE-2025-6204, code injection; CVE-2025-6205, missing authorization) affecting Dassault Systèmes' DELMIA Apriso manufacturing software. These vulnerabili...