Microsoft Azure Outage Causes Global Chaos; CISA Warns of Actively Exploited WSUS Flaw

Publication Date: October 30, 2025

Summary

This cybersecurity brief for October 30, 2025, covers a widespread Microsoft Azure outage triggered by a configuration error, a critical CISA alert for an actively exploited Windows Server vulnerability (CVE-2025-59287), and massive data breaches at government contractor Conduent and consulting giant EY. New threats include the 'Herodotus' Android malware and the 'logins[.]zip' infostealer, while the UK government considers a ransomware payment ban in response to escalating attacks.

Today New Articles

Conduent Data Breach: 10 Million+ Individuals' Personal & Medical Data Exposed

Conduent Business Services, a major contractor for U.S. government agencies, has disclosed a massive data breach impacting over 10 million individuals. The incident, which occurred between October 2024 and January 2025, involved an unauthorized third party gai...

Ad Giant Dentsu's Subsidiary Merkle Hit by Cyberattack, Staff and Client Data Exposed

Global advertising firm Dentsu has confirmed that its US-based customer experience management (CXM) subsidiary, Merkle, was the target of a cyberattack. The company detected 'abnormal activity' on Merkle's network and proactively shut down certain systems to c...

EY Leaks 4TB+ SQL Database Packed with Corporate Secrets via Cloud Misconfiguration

Consulting giant EY (Ernst & Young) inadvertently exposed a massive, 4TB+ SQL Server backup file to the public internet due to a cloud storage misconfiguration. The unencrypted `.BAK` file, discovered by researchers at Neo Security, contained a treasure trove...

IncRansom Claims 20TB Data Heist from Evolve Mortgage Services

The 'incransom' ransomware group has claimed responsibility for a significant data breach at Evolve Mortgage Services, listing the company on its dark web leak site on October 30, 2025. The attackers allege they have stolen over 20 terabytes of data, including...

New 'logins[.]zip' Infostealer Claims 99% Credential Theft in 12 Seconds Using Zero-Days

A new Malware-as-a-Service (MaaS) infostealer named 'logins[.]zip' is being sold on the clear web, boasting incredible speed and efficiency. According to a report from Hudson Rock, its authors claim it can exfiltrate 99% of passwords and cookies from a victim'...

Article Updates

UK's NCSC Warns 'Nationally Significant' Cyber Attacks Have More Than Doubled

Update:Following the NCSC's 2025 Annual Review, which highlighted a doubling of 'nationally significant' cyberattacks, the UK government is consulting on new legislation. Key proposals include a targeted ban on ransomware payments for public sector bodies and Critica...