#WeeklyReport

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-07-08

State of (in)security - Week 27, 2025

The week of June 30 - July 7, 2025 had 11 vulnerability advisories and 14 security incidents affecting approximately 6.7 million individuals, dominated by the Qantas Airways cyberattack potentially impacting up to 6 million customers and a suspected ransomware attack causing global outages at IT distributor Ingram Micro. The week featured critical vulnerabilities in enterprise systems including Cisco's Unified Communications Manager with hardcoded credentials, HIKVISION security platforms, and Bluetooth devices enabling remote eavesdropping.

**This week malware code was reported to have a vulnerability that can be exploited against the owners of the malware. Obviously, we don't really care if the criminals patch their software. But this is a prime example that all software can be flawed, and that input validation IS ALWAYS A GREAT IDEA.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-07-01

State of (in)security - Week 26, 2025

The week of June 23-30, 2025 saw 16 vulnerability advisories and 14 security incidents affecting approximately 7.4 million individuals, dominated by Paraguay's catastrophic data breach where hacktivists leaked personal information of the entire population (7.4 million citizens) and active exploitation of critical Citrix NetScaler vulnerabilities dubbed "Citrix Bleed 2."

**Infostealers are a nightmare, especially if they stumble on a computer with system accounts. Suddenly the entire country's data can be at risk. Work both on technical prevention and on very diligent awareness of people to persuade them not to be optimists and download crap, click on links and save passwords in browsers.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-06-23

State of (in)security - Week 25, 2025

The week of June 16-23, 2025 saw 16 vulnerability advisories and 17 security incidents affecting approximately 9.7 million individuals, with major ransomware attacks hitting organizations like Aflac Insurance and Tonga's Ministry of Health. Critical vulnerabilities are actively exploited in WordPress themes, TP-Link routers, and multiple enterprise systems.

**AI integrations require rock-solid tenant isolation at every layer of the system, and experimental AI features need extra security safeguards and logging to track data access patterns. As a user, be cautious with AI features, understand exactly what data your favorite AI can access, don't over-share because AI implementations are far from well understood and controlled - even when the developer has only the best intentions.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-06-17

State of (in)security - Week 24, 2025

During the week of June 9-16, 2025, there were 31 total cybersecurity events (10 vulnerabilities and 21 incidents/breaches) affecting over 3.3 million individuals. Malware and ransomware attacks are the primary cause (9 incidents), with IT, government, healthcare, and insurance sectors being most heavily targeted.

**Attackers are hiding malicious AI commands in messages to people, hoping people will use AI to parse messages. Read your messages! Before an AI does that! Be very careful about messages with content that looks like AI prompt instructions to do something which makes little sense to you. If not needed, fully delete such messages and content and report it to your admins so it's possibly not loaded into the AI.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-06-10

State of (in)security - Week 23, 2025

During the week of June 2-9, 2025, cybersecurity incidents surged with 23 data breach events impacting over 212 million individuals (up from 2.44 million the previous week), driven primarily by malware/ransomware attacks (6 incidents) and a massive unsecured database exposure affecting 100 million users. The week was marked by active exploitation of critical vulnerabilities in widely-used systems including Roundcube, Wazuh, and Chrome and destructive supply chain attacks targeting software packages.

**External packages can be compromised. Always vet them and make sure to use packages with a lot of contributors and a lot of users. Avoid brand new packages and packages with a single contributor and NEVER just trust packages suggested by AI.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-06-02

State of (in)security - Week 22, 2025

During the week of May 26 - June 2, 2025, there were 14 vulnerability advisories and 20 security incidents/data breaches, impacting approximately 2.44 million individuals across various sectors including healthcare, retail, and government. The primary attack vectors were malware/ransomware (7 incidents), software vulnerabilities (3), and third-party compromises (3).

**Nobody wants to give you money - EVER! If someone offers you thousands or millions, it's a scam. Never pay any fees or "verification" charges to access the supposed money. You'll only be sending your real money to criminals.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-05-26

State of (in)security - Week 21, 2025

During the week of May 19-26, 2025, cybersecurity incidents surged with 13 vulnerability advisories and 17 data breach incidents affecting over 184 million individuals—nearly double the previous week's impact of 93 million. The incidents were primarily driven by malware and ransomware attacks (5 cases). A massive stolen credentials database leak exposing 184 million records is the largest single breach.

**Three examples of insider threats in a single week. However unpleasant, insider controls are very important and insider abuse is a very real thing.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-05-20

State of (in)security - Week 20, 2025

During the week of May 12-19, 2025, there were 31 cybersecurity events (12 advisory/vulnerability events and 19 incident/data breach events) affecting over 93.8 million individuals. System Misconfiguration Exploits are the most common incident cause, with the IT/Software/Technology sector experiencing the highest number of incidents.

**We all like to consider our colleagues good people, and we don't want to insult them by assuming they can do something bad. But this week we had two examples why controls against malicious insiders are important. However painful it is to consider that your colleagues may be malicious, you still need controls against it.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-05-13

State of (in)security - Week 19, 2025

The weekly cybersecurity report (May 5-12, 2025) shows increases in both advisories (13, up from 9) and incidents (22, up from 18), with 2.8 million individuals reported to be impacted. The leading cause is malware/ransomware attacks (6). The most impacted industries are the IT/Technology and Education sectors (4 incidents each).

**Three rules this week: (1) Your company MUST have a responsible disclosure channel to be able to quickly react to reported issues. (2) There is no honor among criminals. This is why it's usually pointless to pay a ransom for stolen data. Criminals will most likely retain the data and extort everyone as much as possible. (3) Never try to write your own cryptography, because that usually ends up with a flawed implementation. Use well-known, deeply tested libraries.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-05-05

State of (in)security - Week 18, 2025

Between April 28 and May 5, 2025, there were 9 advisory/vulnerability events and 16 incident/data breach events in cybersecurity, with over 20 million individuals impacted (up from 396,000 the previous week). The largest breach affected UK retailer Co-op, where ransomware forced an IT systems shutdown, exposing 20 million people.

**When installing new code libraries or packages, always verify their legitimacy by checking for active development, multiple contributors, and an active development history of at least 2-3 years. Organizations should maintain approved package lists and educate developers about security risks. Individual developers should research packages on trusted platforms like StackOverflow before implementation.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-04-29

State of (in)security - Week 17, 2025

During the week of April 21-28, 2025, there was an increase in cybersecurity advisories (19, up from 10 the previous week) and a slight decrease in incidents (16, down from 18), with a total of 396,281 impacted individuals across various sectors including healthcare, government, and telecommunications, primarily due to human bad security behavior, system misconfiguration exploits, and third party compromise.

**Be very conscious about third party vulnerabilities. There are a lot of vulnerable libraries that we are using, and even some that hackers have actively breached and injected malicious code. Keep third party code in your risk plan, and try to monitor it regularly. It's hard, but checking will let you sleep better.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2025-04-21

State of (in)security - Week 16, 2025

During the week of April 14-21, 2025, cybersecurity incidents decreased compared to the previous week, with 10 vulnerability events and 18 data breach/incident events affecting 8.5 million individuals across various sectors. Healthcare was the most targeted industry with 5 incidents, while malware and ransomware attacks were the most common cause (6 incidents), followed by software vulnerabilities and system misconfiguration exploits.

**When you are in the business of trolling and insulting a bunch of people, make sure to patch your infrastructure. Because everyone has a beef against you. And your old PHP version from 2016 will be hacked, like it was for 4chan. And MAKE SURE TO UPDATE ALL WINDOWS. They are actively hacked.**
#cybersecurity #infosec #knowledge #weeklyreport
beyondmachines.net/event_detai
