Date of Incident: August 9, 2025 Overview: In August 2025, F5 Networks experienced a breach by nation-state hackers who accessed and stole the source code, undisclosed vulnerabilities, and some customer configuration details of their BIG-IP products. Occurring on August 9 and reported on October 15, the attack involved advanced persistent threat actors utilizing specific MITRE… Read More »F5 BIG-IP Source Code and Vulnerabilities Breach
The final week of September 2025 saw critical cybersecurity incidents impacting global aviation, automotive, retail, and manufacturing sectors. Key events include a crippling ransomware attack on Collins Aerospace that disrupted European airports, a major data breach at Stellantis exposing 18 million customer records via a compromised Salesforce platform, and a system-wide outage at Japan’s Asahi… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 23 Sep – 29 Sep, 2025
A critical vulnerability, CVE-2025-54253, was discovered in Adobe Experience Manager (AEM) Forms on JEE, a widely used enterprise Java application platform. This vulnerability arises from improper handling of OGNL expressions in an exposed debug servlet, allowing attackers to bypass authentication and remotely execute arbitrary code. With a maximum severity rating of CVSS 10.0, this vulnerability… Read More »CVE-2025-54253: Pre-Auth RCE – Adobe AEM Forms on JEE Critical OGNL Injection
Date of Incident: September 2025 Overview: In September 2025, SonicWall experienced a security incident affecting less than 5% of its firewall install base. The breach involved unauthorized access to firewall configuration backup files via brute-force attacks on the company’s cloud API service. Attackers potentially gained access to sensitive information such as credentials and tokens. While… Read More »SonicWall Firewall Configuration Backup Breach
The final week of August 2025 witnessed a convergence of sophisticated supply chain attacks, critical infrastructure targeting, and state-sponsored campaigns that collectively demonstrated the accelerating sophistication and impact of modern cyber threats. The most significant developments include the first-ever AI-assisted supply chain attack through the Nx build platform compromise, the widespread Salesloft Drift OAuth token… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Aug – 01 Sep, 2025