Weekly Cybersecurity Briefing (20 October ā 26 October 2025)
A week marked by widespread cloud disruption, active exploitation of critical server flaws, and an escalation in developer supplyāchain threats.
AWS experienced a DNS and loadābalancer outage that disrupted major consumer and developer services and spurred opportunistic phishing campaigns.
CISA added multiple actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalogue, including a Windows SMB privilege escalation and Adobe/Oracle issues.
A critical WSUS deserialisation flaw (CVEā2025ā59287) was patched after proofāofāconcept exploits and active attacks were reported.
Developer supplyāchain risks intensified as GlassWorm selfāpropagating malware and TARmageddon tarāparser flaws targeted extension ecosystems and libraries.
Stateālinked espionage and ransomware activity continued, with new toolkits and resurgent RaaS operations observed across multiple campaigns.