Date of Incident: 2025-09-02 Overview: In September 2025, Jaguar Land Rover experienced a significant cyberattack that disrupted production activities and resulted in data theft. The attackers exploited vulnerabilities in their systems to gain access, using techniques such as valid accounts and public-facing application exploits. They then moved laterally within the network, deploying custom malware for… Read More »Jaguar Land Rover Cyberattack 2025
The cybersecurity landscape during September 3-9, 2025, was dominated by several critical developments that demand immediate attention from security leaders. Most notably, a massive npm supply chain attack compromised over 18 widely-used JavaScript packages with billions of weekly downloads, while two actively exploited Android zero-day vulnerabilities (CVE-2025-38352 and CVE-2025-48543) underscored the persistent threat of mobile… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 03 Sep – 09 Sep, 2025
September 2025 has exposed the catastrophic vulnerability of supply chain ecosystems and education infrastructure, with over 71.5 million individuals affected across eight major cybersecurity incidents. The reporting period demonstrates an unprecedented escalation in nation-state operations orchestrated by UNC6395 (Chinese-linked APT) through sophisticated OAuth token supply chain attacks, while education technology platforms suffered the largest data… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 02 Sep – 08 Sep, 2025
The final week of August 2025 witnessed a convergence of sophisticated supply chain attacks, critical infrastructure targeting, and state-sponsored campaigns that collectively demonstrated the accelerating sophistication and impact of modern cyber threats. The most significant developments include the first-ever AI-assisted supply chain attack through the Nx build platform compromise, the widespread Salesloft Drift OAuth token… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 26 Aug – 01 Sep, 2025
The past week has witnessed a sophisticated escalation in nation-state and organized crime group activities, with over 5 million individuals affected across six major cybersecurity incidents. The reporting period is dominated by supply chain attacks targeting OAuth integrations, advanced ransomware campaigns against critical infrastructure, and coordinated credential harvesting operations orchestrated by the Chinese-linked threat actor… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 26 Aug – 01 Sep, 2025