
Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises.


Issue #178 - December 8, 2025

CISA Warns of 'Ongoing' Brickstorm Backdoor Attacks

Source: Dark Reading

US agencies say Chinese state actors are deploying the Brickstorm backdoor in VMware vSphere environments, enabling persistence, VM snapshot theft, and lateral movement. For SMBs supporting critical sectors: harden vSphere, restrict remote access, enforce MFA, and monitor for anomalous VM and DNS-over-HTTPS activity.




Pharma firm Inotiv discloses data breach after ransomware attack

Source: BleepingComputer

Inotiv is notifying thousands that personal data was stolen in an August 2025 ransomware incident. It’s a reminder that research and HR systems are high-value targets. Validate vendor security, tighten backup/restore plans, and ensure contracts require fast breach notifications and cooperation.




Zero Day: 700 Instances of Self-Hosted Git Service Exploited

Source: Data Breach Today

Researchers report active exploitation of a zero-day in Gogs, a self-hosted Git service, with at least 700 servers showing compromise signs. Businesses running internal repos should restrict exposure, review logs for unusual activity, and prioritize mitigations or isolation while patches are developed.




Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Source: The Hacker News

A maximum-severity flaw in React Server Components (CVE-2025-55182) could allow unauthenticated RCE. Teams using React/Next.js with server components should apply vendor guidance, audit exposed endpoints, and add WAF rules or temporary blocks to reduce risk until fully remediated.




Personal Information Compromised in Freedom Mobile Data Breach

Source: SecurityWeek

Freedom Mobile disclosed that attackers accessed customer data via its account management platform. For firms relying on telecom partners, revisit contract SLAs, require breach reporting, and implement layered authentication and fraud monitoring to contain downstream risk.




 
 
