F5 Breach: BIG-IP Source Code and Vulnerabilities Stolen by Sophisticated Nation-State Actor

Executive Summary: On October 15, 2025, F5 Networks disclosed a major security breach involving a long-term compromise of its corporate systems by a highly sophisticated state-sponsored threat actor. The attackers maintained persistent access for over a year, notably into F5’s BIG-IP development environment, and exfiltrated sensitive data including portions of BIG-IP source code and details…

October 2025 Patch Tuesday – 172 flaws fixed including 6 zero-days (Windows 10 end-of-support)

Microsoft’s October 2025 Patch Tuesday delivered fixes for 172 vulnerabilities across Windows and related products, including six zero-day flaws (vulnerabilities publicly disclosed or exploited before a patch was available). The updates also address eight “Critical” issues (five remote code execution and three elevation of privilege vulnerabilities)  . Notably, this is the final Patch Tuesday that…

UAC-0239 Conducts Cyberattacks in Ukraine Using the OrcaC2 Framework and FILEMESS Stealer

Since the second half of September 2025, the National Cybersecurity Response Team of Ukraine (CERT-UA) has observed a new wave of targeted cyberattacks against Ukrainian defense forces and local government institutions.These attacks have been attributed to the UAC-0239 group, believed to be operating on behalf of or in cooperation with Russian threat actors. The attackers…

RFC 9794: Terminology for Post-Quantum Traditional Hybrid Schemes

Executive Summary RFC 9794 establishes standardized terminology for hybrid cryptographic schemes that combine post-quantum and traditional algorithms. As organizations prepare for the quantum computing threat, this reference document ensures consistent communication across protocols, standards, and security teams. It defines key concepts including PQ/T hybrid schemes, composite constructions, security properties (hybrid confidentiality, hybrid authentication), and certificate…

Red Hat data breach: analysis for CISOs, CERTs, CSIRTs and SOC teams

Executive summary On 2 October 2025, the extortion group Crimson Collective announced on Telegram that it had compromised Red Hat Consulting’s private Git repositories. Reports indicate that the attackers stole approximately 570 GB of compressed data from around 28 000 internal repositories. Among the stolen files were Customer Engagement Reports (CERs), which contain architecture diagrams, configuration details, authentication tokens and network maps. The leak…