Weekly Cybersecurity Recap - 29 September 2025

Major Incidents, Exploits, Malware and Industry Updates

    Introduction

    The cybersecurity landscape continues to evolve at a rapid pace, with major incidents, critical vulnerabilities, and disruptive campaigns shaping the threat environment. Over the past week, attackers targeted high-profile industries including aviation and automotive, where ransomware disrupted European airports and Jaguar Land Rover was forced to halt factory operations. Meanwhile, researchers uncovered new flaws in widely used technologies such as Cisco firewalls and Salesforce AI tools, underscoring the persistent challenge of patch management. At the same time, phishing and malware campaigns - from large-scale CountLoader attacks to the vast ad fraud network run by Vane Viper - highlighted the creativity and scale of adversaries. This week’s recap brings together the most significant developments that security leaders and defenders need to know.

    Major Cyber Incidents

    European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

    The recent cyberattack targeting Collins Aerospace, which disrupted operations at major European airports, has been attributed to the HardBit ransomware. HardBit first surfaced in 2022 and gained notoriety for negotiating ransom amounts based on victims’ cyber insurance policies. A suspect connected to the attack has since been arrested, though the incident highlights ongoing risks in the aviation sector.

    Inside the Jaguar Land Rover hack: stalled smart factories, outsourced cybersecurity and supply chain woes

    Jaguar Land Rover, the UK’s largest automotive employer, was forced to shut down most of its systems following a cyberattack. The highly connected nature of JLR’s smart factories made isolation impossible, stalling production across multiple plants. The disruption underscores the risks of supply chain complexity and heavy reliance on outsourced cybersecurity functions.

    Vulnerabilities and Exploits

    Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

    Two critical flaws in Cisco’s firewall products - CVE-2025-20333 and CVE-2025-20362 - were exploited by suspected China-linked actors in ArcaneDoor attacks. These vulnerabilities affect Cisco ASA and FTD software, enabling remote code execution and privilege escalation on vulnerable devices.

    State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

    Libraesva patched a vulnerability (CVE-2025-59689) in its Email Security Gateway following reports that it had been exploited by state-sponsored hackers. While rated medium severity (CVSS 6.1), the flaw’s exploitation shows attackers’ continued interest in email security systems.

    Salesforce Patches CRM Data Exfiltration Vulnerability

    Salesforce patched a vulnerability in its Agentforce and Einstein AI tools that could have enabled data exfiltration from customer CRM environments. Researchers at Noma Labs discovered a chain of indirect prompt injection vulnerabilities dubbed “ForcedLeak,” with an estimated CVSS score of 9.4.

    Threat Actors and Campaigns

    Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

    Phishing emails impersonating Ukrainian government agencies have been used to deliver CountLoader, a malware loader that then deploys Amatera Stealer and PureMiner. Attackers leveraged SVG files to drop password-protected ZIP archives containing malicious CHM files.

    Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

    Researchers exposed Vane Viper (aka Omnatuor), a threat group running one of the largest malicious ad networks ever seen. By exploiting vulnerable WordPress sites, the group generated over 1 trillion DNS queries, distributing spyware, riskware, and adware at global scale.

    Trends and Reports

    Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

    The latest Gcore Radar report revealed a 41% year-over-year rise in DDoS activity during the first half of 2025. Attack volumes peaked at 2.2 Tbps and have become increasingly sophisticated with multi-layered strategies and longer durations. For the first time, the technology sector overtook gaming as the most targeted industry, with financial services also seeing elevated risk.
