Critical Infrastructure Under Fire: CISA Warns of Major ICS Flaws, State-Sponsor Breaches F5 BIG-IP

Publication Date: November 5, 2025

Summary

This cybersecurity brief for November 5, 2025, covers a series of high-stakes threats targeting critical infrastructure and enterprise security. CISA has disclosed severe vulnerabilities in industrial control systems from five vendors, while a state-sponsored actor has breached F5, compromising its BIG-IP source code and creating a significant supply chain risk. Other major developments include the evolution of the DragonForce ransomware group into a 'cartel' with ties to Scattered Spider, the indictment of cybersecurity insiders for deploying BlackCat ransomware, and a massive data breach at a Swedish IT firm exposing 1.5 million individuals' data. These events underscore the growing threats to OT environments, the sophistication of ransomware actors, and the persistent danger of insider threats and cloud misconfigurations.

Today New Articles

CISA Warns of Critical ICS Flaws in Fuji, Delta, and Radiometrics Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released five advisories detailing critical vulnerabilities in Industrial Control Systems (ICS) from Fuji Electric, Survision, Delta Electronics, Radiometrics, and IDIS. The flaws, which incl...

CISA Adds Actively Exploited Gladinet and CWP Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming they are under active attack. The flaws include an information disclosure bug in Gladinet Centre...

Swedish IT Firm Breach Exposes Data of 1.5 Million, Sparks GDPR Probe

The Swedish IT services firm Miljödata has suffered a severe data breach, exposing the personal and potentially sensitive information of over 1.5 million people. The incident, which occurred in late August, resulted in the stolen data being published on the da...

Identity is the New Perimeter: Stolen Credentials and Over-Privileged Accounts Drive Cloud Breaches

A consensus is forming across the cybersecurity industry: identity is the new security perimeter in the cloud. New reports from ReliaQuest and Amazon Web Services (AWS) reveal that identity-based attacks are the leading driver of cloud security incidents. Key...

Hackers Claim Breach and Full Database Theft from Russian Nuclear Waste Facility 'Radon'

A threat actor has posted on a data leak forum claiming to have breached Radon, a Russian state-owned enterprise responsible for nuclear waste management and operated by the nuclear giant Rosatom. The attackers allege they have stolen the company's entire data...

Article Updates

F5 Hacked by Nation-State Actor; BIG-IP Source Code Stolen

Update:New information reveals the F5 BIG-IP breach by UNC5221 also compromised some customer data and is now confirmed as a supply chain attack, contradicting earlier reports. This significantly escalates the threat, particularly for critical infrastructure sectors,...