State of (in)security - Week 33, 2025
Take action: Keep up with the regular patching process. There is a bunch of updates for every single platform, and hackers begin exploiting the underlying flaws almost immediately. However tedious patching is, it's still better than being hacked.
In the week between Aug. 11, 2025, midnight and Aug. 18, 2025, midnight we witnessed a total of:
- 15 advisory/vulnerability events
- 24 incident/data breach events
Week-over-week comparison of week 33 2025 vs week 32 2025:
- Advisories are down and incidents are up from the previous week. Advisories are down from 21 in week 32 to 15 in week 33. Incidents are up from 20 in week 32 2025 to 24 in week 33 2025.
- The number of known impacted individuals is down - from 6.658 million in week 32 to 740 thousand in week 33 2025.
We also shared 1 practical knowledge item.
Total impacted individuals via the events of the week
There were a total of 740,903 impacted individuals across 9 incidents, with the largest breach being the "Ransomware attack on Dutch medical lab exposes cancer screening data of almost 500K women" incident, which exposed 485,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 8 |
| Software Vulnerability and SDLC Exploits | 4 |
| Human bad security behaviour | 2 |
| Unauthorized access | 2 |
| Social Engineering and Phishing | 1 |
| Third Party Compromise | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 6 |
| Government | 6 |
| Other | 2 |
| Automotive | 2 |
| Consulting/Professional Services | 2 |
| Education | 2 |
| Telecommunications | 1 |
| Entertainment/Leisure | 1 |
| Finance | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | The critical Erlang/OTP SSH flaw actively exploited targeting operational technology networks
Vulnerabilities
- critical vulnerability | Adobe releases August 2025 patches for multiple products
- critical vulnerability | Apache Tomcat "Made You Reset" vulnerability exposes risk of Denial-of-Service attacks
- critical vulnerability | Cisco patches critical RADIUS authentication flaw and multiple high-severity flaws in firewall products
- ransomware | Critical N-able N-central vulnerabilities actively exploited
- critical vulnerability | Critical remote code execution flaw in FortiSIEM actively exploited
- critical vulnerability | Critical WordPress plugin flaw exposes websites to takeover
- critical vulnerability | Critical Zoom Windows client vulnerabilities enable privilege escalation
- critical vulnerability | Fortinet authentication bypass flaw enables device takeover
- data breach | FortiWeb authentication bypass flaw allows admin impersonation
- critical vulnerability | Microsoft August 2025 Patch Tuesday fixes 107 vulnerabilities, including 13 critical and one zero-day
- critical vulnerability | Plex warns users to update their Media Server immediately for an undisclosed critical flaw
- critical vulnerability | Researchers report zero-day vulnerability in Elastic Endpoint Detection and Response Driver that enables system compromise
- critical vulnerability | SAP releases August 2025 security updates, patches 19 flaws, at least three critical
- critical vulnerability | Security vulnerabilities in Xerox FreeFlow Core enable Server-Side Request Forgery and remote code execution
- critical vulnerability | Vulnerability in 7-Zip archive software enables arbitrary file write and code execution
Incidents
- data breach | Fundamental Administrative Services reports data breach exposing data of 56K patients
- data breach | Ransomware attack on Dutch medical lab exposes cancer screening data of almost 500K women
- data breach | Michigan Medicine leaks info of 1,015 patients via postcard mailings
- data breach | Canadian House of Commons breached through Microsoft SharePoint vulnerability
- data breach | Second data breach exposes information of thousands of Afghan refugees and UK officials
- data breach | Colt Telecom hit by ransomware attack, over 1 million documents allegedly stolen
- data breach | Berkshire Health Systems reports data breach, unauthorized employee access to patient records
- data breach | Milwaukee benefits consulting firm Zizzl LLC reports data breach caused by phishing attack
- data breach | Life Care Services senior living facilities report data breach caused by compromised email
- data breach | Seasons Living data breach exposes residents and staff personal information
- data breach | North Korean hacker group Kimsuky allegedly breached, data leaked
- data breach | Manpower staffing agency reports ransomware attack, data breach exposing 145K people
- data breach | Motorcycle manufacturer Royal Enfield hit by ransomware attack
- data breach | Melbourne boys' school Scotch College reports cybersecurity incident, data breach
- data breach | Austrian Foreign Ministry reports data breach affecting travel registration services
- data breach | Kokomo Solutions data breach exposes student medical records and safety data from LA schools
- ransomware | Pike County reports third party breach exposing data of over 33,000 individuals
- ransomware | Pennsylvania Attorney General's Office hit by cybersecurity incident, shuts down digital infrastructure
- ransomware | Healthcare provider Prairie Eye and LASIK Center hit by ransomware attack
- ransomware | Box Elder County hit by ransomware attack exposing over 2 million government files
- ransomware | Yes24 hit by a second ransomware attack in two months
- ransomware | Ransomware attack exploits flaws in SimpleHelp software, hits 300 auto recycling businesses
- ransomware | Croatian research institute Ruđer Bošković hit by ransomware through Microsoft SharePoint vulnerabilities
- ransomware | Caribbean based Venture Credit Union Society hit by ransomware attack