How many cybersecurity events occurred in the week of September 15-22, 2025?

During the week of September 15-22, 2025, there were a total of 33 cybersecurity events: 14 advisory/vulnerability events and 19 incident/data breach events.

How did cybersecurity incidents change compared to the previous week?

Comparing week 38 to week 37 of 2025: Advisories increased from 13 to 14 (up by 1), while incidents decreased from 26 to 19 (down by 7). However, the number of impacted individuals increased significantly from 520,000 to 9.145 million.

What was the largest data breach of the week and how many people were affected?

The largest breach was the Shiny Hunters ransomware gang's claimed breach of Kering's Luxury Brands, which exposed data of 7,400,000 individuals. Overall, 9,145,640 individuals were impacted across 7 incidents during the week.

What were the most common causes of cybersecurity incidents this week?

The top causes of incidents were: Malware, Ransomware and Related Attacks (5 incidents), Unauthorized access (3 incidents), followed by Third Party Compromise, Social Engineering and Phishing, and Human bad security behavior (2 incidents each).

Which industry was most affected by cybersecurity incidents?

Healthcare was the most affected industry with 7 incidents, followed by IT/Software/Technology and Finance with 2 incidents each. Other affected industries included Food and Beverage, Government, Insurance, Automotive, Retail, Aviation, and Consulting/Professional Services with 1 incident each.

What types of critical vulnerabilities were reported this week?

Critical vulnerabilities were reported in various systems including Apple iOS/macOS updates, WordPress plugins, Apache HTTP Server, Nokia management platforms, FlowiseAI, Kubernetes tools, Google Chrome (with one actively exploited), and multiple enterprise systems like WatchGuard Firebox and Fortra's GoAnywhere MFT.

What major ransomware attacks occurred during this week?

Major ransomware attacks included: Shiny Hunters gang's breach of Kering's Luxury Brands (7.4M affected), Goshen Medical Center attack (456,385 patients affected), Medical Associates of Brevard hit by BianLian ransomware (246,711 patients), Everest gang's claimed breach of BMW, and attacks on Family & Community Services and SonicWall MySonicWall platform.

Were there any notable breaches in the financial or technology sectors?

Yes, notable breaches included: Former FinWise Bank employee breaching data of 689,000 customers, Google confirming a breach of their Law Enforcement Request System with a fraudulent account created, and an arrested hacker claiming Scattered Spider gang breached Crypto.com (though this incident was not officially reported).

Knowledge

State of (in)security - Week 38, 2025

published: Sept. 22, 2025

Take action: Never try to gag the responsible disclosure white hat hackers with stupid DMCA lawsuits. You are just making a "Streisand Effect". Everyone will learn about the vulnerability and how poor you handled it.

Learn More

In the week between Sept. 15, 2025, midnight and Sept. 22, 2025, midnight we witnessed a total of:

14 advisory/vulnerability events
19 incident/data breach events

Week over Week comparison of week 38 2025 vs week 37 2025:

Total impacted individuals via the events of the week

There were a total of 9,145,640 impacted individuals across 7 incidents, with the largest breach being the Shiny Hunters ransomware gang claims breach of Kering's Luxury Brands incident exposing 7,400,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Unauthorized access	3
Third Party Compromise	2
Social Engineering and Phishing	2
Human bad security behaviour	2
Software Vulnerability and SDLC Exploits	1
System Misconfiguration Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	7
IT/Software/Technology	2
Finance	2
Food and Beverage	1
Government	1
Insurance	1
Other	1
Automotive	1
Retail	1
Aviation	1
Consulting/Professional Services	1

Read the Event Details of the Week

Vulnerabilities

critical vulnerability | Apple releases security updates for iOS 18.7, macOS, iPadOS, and releases iOS 26 and macOS 26
critical vulnerability | Case Theme User WordPress plugin flaw enables authentication bypass
critical vulnerability | Critical Apache HTTP Server vulnerabilities reported in Siemens Industrial Network Management Systems
critical vulnerability | Critical authentication bypass flaw reported in Nokia's CBIS and NCS Management Platforms
critical vulnerability | Critical FlowiseAI password reset flaw exposes accounts to complete takeover
critical vulnerability | Critical vulnerabilities reported in Chaos Mesh tool for Kubernetes Clusters
critical vulnerability | Critical vulnerability reported in Jinjava template engine, enables sandbox bypass, remote code execution
critical vulnerability | Google releases Chrome emergency update; patches four vulnerabilities, one actively exploited
critical vulnerability | LangChainGo template injection vulnerability enables arbitrary file access
critical vulnerability | Maximum severity flaw reported in Fortra's GoAnywhere MFT file transfer solution
critical vulnerability | Multiple vulnerabilities reported in Delta Electronics DIALink, one critical
critical vulnerability | Service-Side prompt injection еxfiltration vulnerability reported in ChatGPT's Deep Research Agent
critical vulnerability | Vulnerabilities reported in CUPS system for Linux
critical vulnerability | WatchGuard Firebox vulnerability allows remote code execution

Incidents

data breach | Workplace drug and alchohol testing administrator exposes data of Frontier Airlines
data breach | York County Email account breach exposes sensitive personal information
data breach | New Jersey Medical Groups report data breach affecting health data
data breach | Former FinWise Bank employee breaches data of 689,000 customers
data breach | Orwell Housing Association employee leaks 853 staff records
data breach | Ontario Medical Supply cybersecurity attack exposes personal data of 200,000 home care patients
data breach | Google confirms breach of their Law Enforcement Request System, fradulent account created
data breach | Medicare Compare USA reports email breach exposing health and financial data
data breach | Florida eye care provider Retina Group reports cyberattack exposing data of over 152,000 patients
data breach | Security vulnerabilities reported in Burger King and other Restaurant Brands International's platforms, then gagged by DMCA
data breach | Arrested hacker claims Scattered Spider gang breached Crypto.com, the incident was not reported
data breach | Goshen Medical Center hit by ransomware attack, 456,385 patients' data exposed
data breach | Medical Associates of Brevard hit by BianLian ransomware; 246,711 patients data exposed
data breach | Hello Cake sexual wellness company reports data breach exposing health data
ransomware | Family & Community Services reports ransomware attack, data breach
ransomware | SonicWall MySonicWall platform breached, firewall config files exposed
ransomware | Everest ransomware gang claims breach of BMW
ransomware | Shiny Hunters ransomware gang claims breach of Kering's Luxury Brands
ransomware | Major cyberattack on Collins Aerospace disrupts european airport operations

Read More
State of (in)security - Week 6, 2025
How to target Security Professionals - Fake exploit …
State of (in)security - Week 1, 2025
State of (in)security - Week 25, 2024
State of (in)security - Week 35, 2023