In early 2025, China-linked APT group Jewelbug infiltrated a Russian IT service provider, operating undetected for months. The campaign demonstrates the evolution of Chinese espionage and the rising threats to supply chain integrity across borders.
The UK now endures four nationally significant cyber attacks every week. Here’s the verified picture behind the surge, the sectors feeling the pressure, why the threat curve steepened, and how security teams should respond without delay.
In October 2025, Microsoft rolled out updates for a remote code execution vulnerability in IIS, catalogued as CVE-2025-59282. This flaw affects the handling of Inbox COM objects, where critical memory operations do not include sufficient synchronization. Attackers can exploit this by triggering a race condition combined with a use-after-free scenario. Though Microsoft rates it as…
Security researchers discovered a critical vulnerability in Oracle E-Business Suite (EBS) that enables privilege escalation across enterprise systems. The flaw, tracked under CVE-2025-31245, could allow attackers to execute administrative actions without proper authorization if left unpatched.
Hackers have leaked data stolen from Qantas Airways after the airline missed a ransom deadline. The leak includes customer identifiers, flight data, and communication logs. Authorities are working with ACSC and AFP Cybercrime Operations to contain exposure and verify authenticity.
Researchers now track a widespread compromise of SonicWall SSL VPN accounts. Because attackers authenticate with valid credentials, defenders face rapid lateral movement and limited warning windows. Therefore, teams must review access logs, reissue secrets, and re-establish trust at the remote edge.
The ChaosBot malware campaign is exploiting Cisco VPN credentials and Active Directory passwords to infiltrate enterprise environments. By combining brute-force attacks with credential reuse, ChaosBot’s operators are building a fast-spreading botnet focused on corporate VPN and identity systems.
A new Cl0p ransomware breach has hit dozens of organizations across finance, energy, and logistics sectors. Analysts warn the campaign marks a resurgence of the group’s dark-web leak operations, signaling a return to large-scale, supply-chain-style extortion attacks.
The newly discovered ClayRat Android spyware represents one of 2025’s most sophisticated state-sponsored mobile espionage tools. Designed to collect device data, intercept communications, and monitor app activity, ClayRat’s discovery highlights how Android remains a prime target in global intelligence operations.
Google has disclosed a widespread Oracle-linked hacking campaign impacting dozens of organizations across sectors including energy, tech, and logistics. The operation, active since mid-2025, exploited software integrations between vendors and clients marking one of the year’s most significant supply chain cyberattacks.