A critical vulnerability (CVE-2025-5086) in DELMIA Apriso factory software is being actively exploited in the wild. The flaw, a deserialization of untrusted data issue, enables remote code execution and affects versions from 2020 through 2025.

In Vietnam, the CIC was breached, with attackers claiming to have stolen 160 million records. In Panama, the Ministry of Economy and Finance (MEF) was targeted by the INC ransomware group, which claims to have exfiltrated 1.5 TB of data.

A new phishing-as-a-service platform, VoidProxy, has emerged as a significant threat by enabling attackers to bypass multifactor authentication (MFA) and compromise high-value accounts.

HybridPetya mimics Petya/NotPetya and introduces the ability to bypass UEFI Secure Boot using CVE-2024-7344. Although not yet seen in the wild, it demonstrates a significant evolution in ransomware capabilities by targeting UEFI-based systems.

These attacks are highly sophisticated, often leveraging zero-day bugs and requiring no user interaction. The primary targets include high-risk individuals such as journalists, lawyers, activists, politicians, and executives in strategic sectors.

Cisco has addressed multiple high- and medium-severity vulnerabilities in its IOS XR software. These flaws include a DoS bug via ARP broadcast storms, an image verification bypass vulnerability, and an ACL bypass issue in the management interface.

Google has released a critical security update for Chrome addressing two high-severity vulnerabilities: CVE-2025-10200 and CVE-2025-10201. These flaws could potentially allow remote code execution and compromise user systems.

VMSCAPE undermines the isolation between virtual machines and the hypervisor, allowing attackers to extract sensitive data such as cryptographic keys used for disk encryption.

Akira ransomware affiliates continue to exploit SonicWall firewalls by leveraging a combination of vulnerabilities and misconfigurations. Despite the availability of a patch for CVE-2024-40766, many systems remain unpatched.

The ICO analyzed 215 insider threat breach reports from the education sector between January 2022 and August 2024 and identified a pattern of student involvement in cyber incidents. Approximately 57% of these breaches were caused by students.