Top 5 Cybersecurity News Stories October 03, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Threat actors are abusing Milesight industrial cellular routers’ exposed APIs to send phishing SMS campaigns across several European countries. Attackers access the router’s SMS inbox and outbox functions to distribute malicious links, impersonating credible services like postal or government platforms.

SEKOIA reports that of approximately 18,000 routers publicly accessible, 572 may be vulnerable—about half located in Europe. The campaign has likely been active since February 2022. Security professionals warn that routers with weak API access controls are dangerous footholds in multi-vector attacks.
Read more on The Hacker News

2. Red Hat confirms security incident after hackers breach GitLab instance

Red Hat has confirmed a security breach involving a self-hosted GitLab instance used by its consulting division. A hacker group calling itself the Crimson Collective claimed responsibility, alleging theft of approximately 570 GB of data from more than 28,000 private repositories. The attackers published samples as proof and suggested customer projects may be included.

Red Hat stressed that its product engineering environments, software supply chain, and Red Hat Enterprise Linux source code remain unaffected. The company is working with forensic experts to investigate the incident, assess potential customer impact, and strengthen protections around its developer environments.
Read more on BleepingComputer

3. Google says hackers are sending extortion emails to corporate executives

Google disclosed that a large-scale email extortion campaign is targeting executives across multiple industries. The attackers claim affiliation with the Cl0p ransomware gang and allege they have stolen sensitive business data from Oracle’s E-Business Suite systems. Emails demand payment to prevent exposure of stolen information, though Google has found no evidence verifying these claims.

The campaign is notable for its scale, with high-volume messages aimed at creating panic among leadership teams. Google advises recipients to treat the threats seriously, preserve evidence, and engage internal security teams, while ongoing investigations attempt to confirm the attackers’ true capabilities.
Read more on Reuters

4. Nursery hackers delete children’s data following backlash, UK media reports

A UK nursery chain, Kido Schools, suffered a cyberattack that exposed sensitive data belonging to more than 8,000 children and their families. Information compromised included names, photos, and home addresses. The hacker group, calling itself Radiant, initially demanded a ransom of £600,000 but faced widespread public condemnation for targeting children.

In response, the group issued an apology and claimed to have deleted all stolen data. Kido confirmed it did not pay the ransom and is cooperating with law enforcement. Experts caution, however, that such deletion claims cannot be independently verified and residual risks may remain.
Read more on CNN

5. CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the critical vulnerability CVE-2025-32463 in sudo to its Known Exploited Vulnerabilities list.

The flaw allows local users to escalate privileges to root by exploiting sudo’s -R (--chroot) option, even if they are not explicitly permitted in the sudoers file. The vulnerability affects sudo versions before 1.9.17p1. Evidence indicates active exploitation is underway. Organizations are urged to update sudo immediately and audit any anomalous privilege escalations.
Read more on The Hacker News

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information, please contact us now!