State of (in)security - Week 5, 2025
Take action: Track your vendors' patching discipline. In the previous week we saw multiple vendors that ignored advisories and did not patch vulnerabilities. Those products need to be heavily isolated in trusted networks, and then replaced. Those vendors don't deserve your trust.
In the week between Jan. 27, 2025, midnight and Feb. 3, 2025, midnight we witnessed a total of:
- 13 advisory/vulnerability events
- 23 incident/data breach events
Week over Week comparison of week 5 2025 vs week 4 2025:
- Advisories are up and incidents are down from the previous week. Advisories are up from 8 in week 4 2025 to 13 in week 5 2025. Incidents are down from 25 in week 4 2025 to 23 in week 5 2025.
- The number of known impacted individuals is significantly down - from over 7.884 million in week 4 2025 to 1.763 million in week 5 2025.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 1,763,996 impacted individuals across 4 incidents. The largest breach was the incident "Community Health Center reports data breach exposing 1M patients", which exposed 1,060,936 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 7 |
| Human bad security behaviour | 2 |
| Software Vulnerability and SDLC Exploits | 1 |
| System Misconfiguration Exploits | 1 |
| Unauthorized access | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| IT/Software/Technology | 4 |
| Government | 4 |
| Education | 2 |
| Retail | 2 |
| Manufacturing | 1 |
| Utilities | 1 |
| Finance | 1 |
Read the Event Details of the Week
Knowledge
- awareness | Researchers discover undocumented parameter exploit flaw in Lightning.AI development platform
- active attack | Version of Mirai botnet exploits vulnerability in Mitel SIP Phones
Vulnerabilities
- critical vulnerability | Apple releases iOS 18.3, iPadOS 18.3, and macOS Sequoia 15.3, fixing multiple flaws, one actively exploited
- critical vulnerability | Critical remote code execution flaw reported in MyQ Print Server
- critical vulnerability | D-Link patches remote code execution flaw in DSL-3788 models
- critical vulnerability | Google releases update for Chrome and Chromium browsers, fixes two high severity flaws
- critical vulnerability | Meta and researchers in dispute about severity of flaw in Meta's LLM code - better to patch
- critical vulnerability | Multiple flaws, one critical found in Contec Health CMS8000 Patient Monitor
- critical vulnerability | Researchers discover flaw in Subaru STARLINK connected vehicle system
- critical vulnerability | Researchers report active exploitation of unpatched Zyxel CPE Devices via CVE-2024-40891 flaw
- critical vulnerability | Researchers report still unpatched vulnerabilities in PHP Laravel management package Voyager
- critical vulnerability | Rockwell Automation reports flaws in FactoryTalk View Machine Edition system, one critical
- critical vulnerability | Rockwell Automation reports multiple flaws in DataMosaix Private Cloud platform
- critical vulnerability | Security researchers discover old critical flaw still active in Check Point Security Gateways
- critical vulnerability | Vulnerabilities reported in Cacti framework, one critical remote code execution
Incidents
- critical vulnerability | Wacom reports breach of e-commerce platform, customer data potentially breached
- data breach | Engineering company Smiths Group reports cyberattack
- data breach | The City of Dover, Delaware declares a state of emergency due to potential cybersecurity breaches
- data breach | Japanese retailer Hands Corporation reports data breach
- data breach | Heritage Health Care in Ohio reports data breach
- data breach | IntelBroker claims second breach of HP Enterprise just 10 days after previous attack
- data breach | Behavioral Health Resources reports data breach
- data breach | Researchers discover DeepSeek servers exposed unprotected, leaking sensitive records
- data breach | Squamish-Lillooet Regional District reports email account compromise
- data breach | Albany Gastroenterology Associates reports data breach
- data breach | Community Health Center reports data breach exposing 1M patients
- data breach | TD Bank reports data breach caused by former employee
- data breach | Kenyan government Business Registration Services reports cyberattack, data breach
- data breach | NorthBay Healthcare Corporation reports data breach exposing half a million people
- data breach | Regional Obstetrical Consultants reports data breach eight months after incident
- ransomware | Frederick Health in Maryland hit by ransomware attack
- ransomware | Hamilton-Wentworth District School Board investigating potential cyberattack
- ransomware | Matagorda County, Texas declares state of disaster after cyberattack
- ransomware | Mizuno USA reports cyberattack, says hackers lurked in its network for two months
- ransomware | New York Blood Center reports ransomware attack disrupting blood donations
- ransomware | Douglasville-Douglas County Water and Sewer Authority reports ransomware attack
- ransomware | Rhysida ransomware group claims breach of Pembina Trails School Division
- ransomware | Tata Technologies hit by ransomware attack