Cyber Briefing: 2025.08.22

👉 What are the latest cybersecurity alerts, incidents, and news?

FSB-linked hackers exploited Cisco devices. Apple patched a zero-day flaw. Chinese groups Murky, Genesis, and Glacial Panda targeted cloud and telecom systems. Microsoft faced a Copilot and Office.com outage. Qilin ransomware hit Nissan CBI, and DaVita reported 2.7M records stolen. INTERPOL arrested 1,209 cybercriminals in Africa. A former developer was jailed for malware sabotage, and Microsoft halted SharePoint PoC sharing with China.




Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.


🚨 Cyber Alerts


1. FBI Warns FSB Hackers Exploit Cisco Flaws

Static Tundra, a Russian state-sponsored cyber espionage group, has been exploiting a seven-year-old security flaw (CVE-2018-0171) in Cisco network devices to gain and maintain persistent access to target networks. These attacks, which are part of a long-term intelligence-gathering campaign, are aimed at organizations of strategic interest to Russia, including those in the telecommunications, higher education, and manufacturing sectors.


2. Apple Patches New Zero-Day Exploit

Apple recently released urgent software updates to patch a zero-day vulnerability that was actively exploited in sophisticated attacks. The flaw, identified as CVE-2025-43300, is an out-of-bounds write in the Image I/O framework that could allow memory corruption and remote code execution through a malicious image file.


3. Chinese Hackers Boost Cloud Espionage

A China-linked cyber espionage group, Murky Panda, is exploiting trusted relationships in cloud environments to breach enterprise networks, leveraging its ability to quickly weaponize new and existing vulnerabilities. The group, also known as Silk Typhoon, gains initial access by exploiting internet-facing appliances and uses custom malware called CloudedHope to maintain persistence and conduct intelligence gathering.


💥 Cyber Incidents


4. Microsoft Probes Copilot, Office Outage

Microsoft experienced a critical service outage that affected users in North America, preventing them from accessing Office.com and the Copilot AI assistant. The company identified a recent configuration change as the root cause, and the issue was resolved after reverting the update.


5. Qilin Gang Hits Nissan CBI with Breach

The Qilin ransomware group claims to have stolen 4TB of sensitive data from Nissan's design subsidiary, Creative Box Inc. (CBI), and is threatening to leak it unless a ransom is paid. The leaked samples include car design files, financial spreadsheets, and internal documents, which could give competitors a significant advantage.


6. DaVita Data Breach Hits 2.7M People

Kidney dialysis firm DaVita recently confirmed that a ransomware attack led to the theft of personal and health information belonging to nearly 2.7 million individuals. The Interlock ransomware gang claimed responsibility for the breach, which occurred from late March to mid-April, and leaked a portion of the stolen data after ransom negotiations failed.


📢 Cyber News


7. INTERPOL Nabs 1,209 Cybercriminals

On Friday, INTERPOL announced the arrest of 1,209 cybercriminals across 18 African countries who had targeted 88,000 victims, in an operation that recovered $97.4 million. The multi-country effort, dubbed Operation Serengeti, focused on combating a variety of cybercrimes, including online scams, ransomware, and business email compromise.


8. Ex-Dev Jailed for Employer Malware Hit

A 55-year-old Chinese national, Davis Lu, was sentenced to four years in prison for sabotaging his former employer's network. He deployed custom malware and a "kill switch" that triggered when his access was revoked, causing significant financial damage and disrupting thousands of users.


9. Microsoft Halts PoC Sharing with China

Microsoft has halted the sharing of proof-of-concept (PoC) exploit code with Chinese firms participating in its Microsoft Active Protections Program (MAPP) following a suspected leak that led to the mass exploitation of SharePoint vulnerabilities in July. Instead, these firms will now only receive written bug descriptions, a change aimed at curbing future leaks while maintaining the program's defensive utility.


📈 Cyber Stocks


On the morning of Friday, August 22, 2025, cybersecurity stocks showed mixed momentum as markets awaited signals from the Jackson Hole symposium and navigated broader tech valuation pressures.

  • SentinelOne (S) dropped 0.60% to $16.64, following sector-wide retrenchment in AI-exposed names and pre-earnings positioning seen across smaller cybersecurity players.
  • Check Point Software Technologies (CHKP) eased 0.47% to $188.41, as investor interest waned modestly amid defensive rotation and caution in high-multiple tech sectors ahead of economic data releases.
  • Okta (OKTA) declined 1.34% to $89.78, as concerns over macroeconomic headwinds and uncertainties around interest rates tempered investor optimism in identity security growth stories.
  • Rapid7 (RPD) slipped 0.79% to $20.12, pressured by a broader pullback in growth stocks as markets weighed interest rate uncertainty ahead of the Fed chair’s speech and digested cybersecurity valuations.
  • Palo Alto Networks (PANW) dipped 0.60% to $183.32, as investors absorbed mixed signals: strong AI-driven growth potential remains, amid caution over lofty valuations and a potential slowdown in tech momentum following Powell’s upcoming remarks.

💡 Cyber Tip


📱 Update Apple Devices Now to Patch Actively Exploited Zero-Day

Apple has released urgent security updates fixing CVE-2025-43300, an out-of-bounds write vulnerability in the Image I/O framework. This flaw allows attackers to use a malicious image file to corrupt memory and execute code remotely. Apple confirmed it was exploited in targeted attacks against specific individuals.

What you should do

  • Update iPhones and iPads to the latest iOS 18.6.2 / iPadOS 18.6.2
  • Update Macs to macOS Sequoia 15.6.1, Sonoma 14.7.8, or Ventura 13.7.8
  • Apply available patches for older supported devices
  • Enable automatic updates and also check manually to confirm installation
  • Stay alert to new Apple security advisories and patch quickly

🔒 Why this matters

This is the sixth zero-day Apple patched in 2025, showing that even well-defended platforms are frequent targets. Updating immediately is the only effective way to block this exploit and protect your data from highly sophisticated attacks.



📚 Cyber Book


IoT and IIoT: The origin, evolution and future by RAVI SHARMA

Get book: https://amzn.to/3YMwUqp


💼 Cyber Jobs


Today’s 10 curated cybersecurity job openings:

  1. 🇺🇸 Ford Motor Company – Cybersecurity Engineer, Dearborn, MI, USA
  2. 🇺🇸 Dakota State University – Cybersecurity Engineer, Madison, SD, USA
  3. 🇺🇸 MicroVision® – Security Analyst, Redmond, WA, USA
  4. 🇺🇸 GM Financial – Cybersecurity Engineer, Arlington, TX, USA
  5. 🇺🇸 Refactor Talent – Cyber Security Analyst, Waterford, MI, USA
  6. 🇬🇧 Spektrum – Cybersecurity Specialist, Matlock, England, UK
  7. 🇬🇧 Deutsche Bank – Cyber Hygiene Cloud Security Specialist, London, England, UK
  8. 🇬🇧 M Group Telecom – Security Engineer, United Kingdom
  9. 🇨🇦 Infenox Technologies – Cybersecurity Analyst, Mississauga, ON, Canada
  10. 🇨🇦 MDA Edge – Network Security Engineer, Montreal, QC, Canada

If you know someone on the job hunt, share this with them!



📅 Cyber Events


Upcoming global cybersecurity events:

  1. 🇬🇧 #CS4CA – London, UK – September 30, 2025
  2. 🇬🇧 International Cyber Expo – London, UK – September 30 – October 1, 2025
  3. 🇨🇦 SECTOR – Toronto, Canada – September 30 – October 2, 2025
  4. 🇺🇸 Innovate Cybersecurity Summit – Scottsdale, AZ – October 5–6, 2025
  5. 🇪🇺 European Cybersecurity Challenge (ECSC) – Europe – October 6–10, 2025
  6. 🇫🇮 Cyber Security Nordic – Helsinki, Finland – November 4–5, 2025
  7. 🇧🇷 CS4CA LatAm Summit – São Paulo, Brazil – November 4–5, 2025
  8. 🇨🇦 Cyber Summit – Banff, Canada – November 4–6, 2025
  9. 🇩🇪 Enterprise AI Security Transformation Assembly Europe – Munich, Germany – November 5, 2025
  10. 🇺🇸 SecureWorld Seattle – Bellevue, WA – November 5–6, 2025


That concludes today’s briefing.


Copyright © 2025 CyberMaterial. All Rights Reserved.
