Cyber Briefing: 2025.08.22
FBI flags FSB Cisco exploit, Apple fixes zero-day, Murky Panda espionage, Microsoft outage, Qilin hits Nissan, DaVita breach, INTERPOL arrests, ex-dev jailed.
👉 What are the latest cybersecurity alerts, incidents, and news?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. FBI Warns FSB Hackers Exploit Cisco Flaws
Static Tundra, a Russian state-sponsored espionage group that the FBI links to the FSB, has been exploiting a seven-year-old vulnerability (CVE-2018-0171) in the Smart Install feature of Cisco IOS and IOS XE devices to gain and keep persistent access to target networks, typically on equipment that is unpatched or end-of-life. The activity is part of a long-running intelligence-gathering campaign against organizations of strategic interest to Russia, including the telecommunications, higher education, and manufacturing sectors.
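Because CVE-2018-0171 lives in Smart Install, which listens on TCP port 4786 and is enabled by default on many Cisco IOS and IOS XE releases, the first check a defender wants is which devices still have it on. The following is an added example, not code from the briefing, the FBI or Cisco: it takes the text of the real IOS command `show vstack config` for each device (the sample outputs and hostnames here are constructed) and maps each device to the documented fix, `no vstack`, or, where the command is not recognized, to an interface ACL that blocks TCP 4786 (the ACL name and placement are assumptions).

```python
"""Fleet audit for Cisco Smart Install exposure (CVE-2018-0171).

Added example, not code from the briefing, the FBI or Cisco. It classifies each
device from the text of 'show vstack config' (a real IOS/IOS XE command) and
maps the result to a remediation. All sample output below is constructed.
"""
import re

# Constructed sample output, keyed by hostname. In practice you would collect
# it over SSH or from a configuration-management export.
SAMPLE_OUTPUT = {
    "core-sw1": "Role: Client (SmartInstall enabled)\n"
                "Vstack Director IP address: 10.10.0.1\n",
    "edge-sw2": "Role: NA (SmartInstall disabled)\n"
                "Vstack Director IP address: 0.0.0.0\n",
    "lab-sw3":  "% Invalid input detected at '^' marker.\n",
}

# Matches the Role line, e.g. 'Role: Client (SmartInstall enabled)'.
ROLE_RE = re.compile(r"Role:\s*\S+\s*\(SmartInstall\s+(enabled|disabled)\)", re.IGNORECASE)

# 'no vstack' is Cisco's documented fix. The ACL is the fallback for releases that
# do not accept 'no vstack' (assumption: it is applied inbound on every interface
# facing untrusted networks; the ACL name is illustrative).
FIX = {
    "enabled":  "configure terminal ; no vstack ; end ; write memory",
    "disabled": "none required; confirm TCP/4786 is not reachable from untrusted networks",
    "unknown":  "command not recognized: verify release, and if 'no vstack' is unavailable "
                "apply 'ip access-list extended BLOCK-SMI / deny tcp any any eq 4786 / permit ip any any'",
}


def smart_install_state(output):
    """Reduce one device's 'show vstack config' output to enabled/disabled/unknown."""
    match = ROLE_RE.search(output)
    return match.group(1).lower() if match else "unknown"


def audit(outputs):
    """Return {hostname: (state, fix)} for every device in the collection."""
    report = {}
    for host, text in outputs.items():
        state = smart_install_state(text)
        report[host] = (state, FIX[state])
    return report


def needs_action(report):
    """Hostnames that still expose Smart Install or could not be verified."""
    return sorted(host for host, (state, _) in report.items() if state != "disabled")


if __name__ == "__main__":
    result = audit(SAMPLE_OUTPUT)
    for host in sorted(result):
        state, fix = result[host]
        print(f"{host:10} {state:9} -> {fix}")
    print("needs action:", needs_action(result))
```

Treat "unknown" as exposed until proven otherwise: a device that does not understand `show vstack config` may simply be too old to have the feature, or it may be running a release that still ships Smart Install without the knob to disable it, which is exactly the population this campaign targets.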
2. Apple Patches New Zero-Day Exploit
Apple has released urgent software updates to patch a zero-day vulnerability that was actively exploited in what Apple describes as extremely sophisticated attacks against specific targeted individuals. The flaw, tracked as CVE-2025-43300, is an out-of-bounds write in the Image I/O framework: processing a malicious image file can corrupt memory and lead to code execution.
3. Chinese Hackers Boost Cloud Espionage
A China-linked cyber espionage group, Murky Panda, is abusing trusted relationships in cloud environments to breach enterprise networks, for example by compromising a SaaS or cloud solution provider and using its delegated administrative access to reach downstream customer tenants. The group, also tracked as Silk Typhoon, can weaponize new and existing vulnerabilities quickly, gains initial access by exploiting internet-facing appliances, and uses a custom malware family, CloudedHope, to maintain persistence and gather intelligence.
💥 Cyber Incidents
4. Microsoft Probes Copilot, Office Outage
Microsoft experienced a critical service outage that affected users in North America, preventing them from accessing Office.com and the Copilot AI assistant. The company identified a recent configuration change as the root cause, and the issue was resolved after reverting the update.
5. Qilin Gang Hits Nissan CBI with Breach
The Qilin ransomware group claims to have stolen 4TB of sensitive data from Nissan's design subsidiary, Creative Box Inc. (CBI), and is threatening to leak it unless a ransom is paid. The leaked samples include car design files, financial spreadsheets, and internal documents, which could give competitors a significant advantage.
6. DaVita Data Breach Hits 2.7M People
Kidney dialysis firm DaVita recently confirmed that a ransomware attack led to the theft of personal and health information belonging to nearly 2.7 million individuals. The Interlock ransomware gang claimed responsibility for the breach, which occurred from late March to mid-April, and leaked a portion of the stolen data after ransom negotiations failed.
📢 Cyber News
7. INTERPOL Nabs 1,209 Cybercriminals
On Friday, INTERPOL announced the arrest of 1,209 suspected cybercriminals across 18 African countries, linked to roughly 88,000 victims, in an operation that recovered $97.4 million. The multi-country effort, dubbed Operation Serengeti, targeted a range of cybercrime, including online scams, ransomware, and business email compromise.
8. Ex-Dev Jailed for Employer Malware Hit
A 55-year-old Chinese national, Davis Lu, was sentenced to four years in prison for sabotaging his former employer's network. He deployed custom malware and a "kill switch" that triggered when his access was revoked, causing significant financial damage and disrupting thousands of users.
9. Microsoft Halts PoC Sharing with China
Microsoft has halted the sharing of proof-of-concept (PoC) exploit code with Chinese firms participating in its Microsoft Active Protections Program (MAPP) following a suspected leak that led to the mass exploitation of SharePoint vulnerabilities in July. Instead, these firms will now only receive written bug descriptions, a change aimed at curbing future leaks while maintaining the program's defensive utility.
📈Cyber Stocks
In the morning of Friday, August 22, 2025, cybersecurity stocks showed mixed momentum as markets awaited signals from the Jackson Hole symposium and navigated broader tech valuation pressures.
SentinelOne (S) dropped 0.60% to $16.64, following sector-wide retrenchment in AI-exposed names and pre-earnings positioning seen across smaller cybersecurity players.
Check Point Software Technologies (CHKP) eased 0.47% to $188.41 as investor interest waned modestly amid defensive rotation and caution in high-multiple tech sectors ahead of economic data releases.
Okta (OKTA) declined 1.34% to $89.78 as concerns over macroeconomic headwinds and interest-rate uncertainty tempered investor optimism about identity security growth stories.
Rapid7 (RPD) slipped 0.79% to $20.12, pressured by a broader pullback in growth stocks as markets weighed interest-rate uncertainty ahead of the Fed chair's speech and digested sentiment on cybersecurity valuations.
Palo Alto Networks (PANW) dipped 0.60% to $183.32 as investors absorbed mixed signals: strong AI-driven growth potential remains, but caution persists over lofty valuations and a possible slowdown in tech momentum following Powell's upcoming remarks.
💡 Cyber Tip
📱 Update Apple Devices Now to Patch Actively Exploited Zero-Day
Apple has released urgent security updates fixing CVE-2025-43300, an out-of-bounds write vulnerability in the Image I/O framework. This flaw allows attackers to use a malicious image file to corrupt memory and execute code remotely. Apple confirmed it was exploited in targeted attacks against specific individuals.
✅ What you should do:
Update iPhones and iPads to the latest iOS 18.6.2 / iPadOS 18.6.2
Update Macs to macOS Sequoia 15.6.1, Sonoma 14.7.8, or Ventura 13.7.8
Apply available patches for older supported devices
Enable automatic updates and also check manually to confirm installation
Stay alert to new Apple security advisories and patch quickly
🔒 Why this matters:
This is the sixth zero-day Apple has patched in 2025, a reminder that even well-defended platforms are frequent targets. Because the exploit needs only a malicious image to reach the Image I/O parser, installing the update promptly is the most effective way to block it and protect your data from highly sophisticated attacks.
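As an added example (not from the briefing or from Apple), the script below checks a device inventory against the minimum versions listed in the tip. The inventory, device names and version strings are constructed; on a Mac the live value comes from `sw_vers -productVersion`, and for iPhones and iPads the assumption is that your MDM exports the OS version. Branches the tip does not list (for example older iPadOS lines) are flagged for manual verification rather than guessed.

```python
"""Triage Apple devices against the CVE-2025-43300 fix levels.

Added example, not from the briefing or from Apple. The minimum versions are the
ones listed in the tip; the device inventory is constructed. On a Mac the live
value comes from 'sw_vers -productVersion'; for iPhones and iPads the assumption
is that your MDM exports the OS version (the field names vary by vendor).
"""

# Minimum fixed version per platform and major release branch.
FIXED = {
    "iOS":    {18: (18, 6, 2)},
    "iPadOS": {18: (18, 6, 2)},
    "macOS":  {15: (15, 6, 1), 14: (14, 7, 8), 13: (13, 7, 8)},
}

# Constructed inventory: (device name, platform, reported version).
INVENTORY = [
    ("ceo-iphone",  "iOS",    "18.6.1"),
    ("cfo-iphone",  "iOS",    "18.6.2"),
    ("design-mac",  "macOS",  "15.6"),
    ("build-mac",   "macOS",  "14.7.8"),
    ("legacy-ipad", "iPadOS", "17.7.9"),
]


def parse_version(text):
    """'15.6' -> (15, 6, 0) so a two-part version compares correctly with 15.6.1."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_patched(platform, version_text):
    """True/False when the branch is in FIXED; None when the tip lists no fix for it."""
    version = parse_version(version_text)
    minimum = FIXED.get(platform, {}).get(version[0])
    if minimum is None:
        return None
    return version >= minimum


def devices_needing_update(inventory):
    """Devices to chase: known-unpatched ones plus branches outside the table."""
    todo = []
    for name, platform, version in inventory:
        status = is_patched(platform, version)
        if status is True:
            continue
        action = "update" if status is False else "verify branch manually"
        todo.append((name, platform, version, action))
    return todo


if __name__ == "__main__":
    for name, platform, version, action in devices_needing_update(INVENTORY):
        print(f"{name:12} {platform:7} {version:8} {action}")
```

The version padding matters: Apple reports macOS 15.6 as "15.6", not "15.6.0", and a naive string comparison would rank it above "15.6.1". Returning `None` for unlisted branches keeps the script from silently declaring an older iPadOS or macOS line safe just because the table has nothing to say about it.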
📚 Cyber Book
IoT and IIoT: The origin, evolution and future by Ravi Sharma
That concludes today’s briefing. You can check the top headlines here!
Copyright © 2025 CyberMaterial. All Rights Reserved.