Weekly Cybersecurity Briefing (18 – 24 August 2025)
This week saw large-scale data breaches, critical infrastructure attacks, and new zero-day exploits across major platforms. Financial services, telecommunications, and healthcare were among the most affected sectors.
Allianz Life confirmed a Salesforce-linked breach impacting 1.1 million customers, with stolen data later appearing on Have I Been Pwned. Other breaches hit Orange Belgium, iiNet, and Intel, each exposing hundreds of thousands of records. DaVita separately disclosed that ransomware operators accessed 2.7 million patient records.
Apple released emergency updates for CVE-2025-43300, a zero-day flaw in the ImageIO framework exploited in targeted attacks. Microsoft issued urgent fixes for broken Windows recovery tools, while Google and Mozilla patched high-severity browser flaws. Cisco and N-able addressed actively exploited vulnerabilities, and SAP NetWeaver flaws were confirmed to have public exploits.
Law enforcement and policy actions also made headlines. INTERPOL’s Operation Serengeti 2.0 dismantled cybercrime operations across 18 African nations, with over 1,200 arrests. In the United States, a Scattered Spider member was sentenced to ten years in prison, and investigators seized ransomware-linked cryptocurrency.
Threat researchers documented multiple malware and supply chain risks. PipeMagic masqueraded as a ChatGPT desktop app to deploy ransomware. Malicious npm, Python, and Go packages delivered backdoors and credential stealers. Campaigns targeting Redis and GeoServer exploited vulnerabilities to build botnets and monetise bandwidth.
State-sponsored activity continued. Russian group Static Tundra exploited unpatched Cisco devices to infiltrate critical infrastructure, while China-linked Murky Panda leveraged cloud trust relationships for espionage. Pakistani APT36 used malicious Linux files to target defence and government entities.
Source: CyberSecBrief