Cyber Briefing: 2025.10.02

Cyber incidents include Microsoft Outlook vulnerabilities causing crashes and ransomware threats.

Oct 02, 2025

👉 What are the latest cybersecurity alerts, incidents, and news?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get Help

🚨 Cyber Alerts

1. Smishing targets routers in Belgium 2025

Threat actors have exploited vulnerabilities in Milesight Industrial Cellular Routers to launch a new wave of smishing attacks, primarily targeting users in Belgium with phishing messages disguised as official government communications. The attacks abuse the routers’ APIs to send text messages containing malicious links, with more than 570 vulnerable devices identified as being exposed to this unauthenticated access.

2. Outlook Bug Causes Repeated Crashes

Microsoft is currently investigating a significant bug that prevents some users from accessing their email through the classic Outlook for Windows application, displaying an error message that the “attempt to log on to Microsoft Exchange has failed.” The issue, linked to authentication failures on the Exchange server side, disrupts business productivity for affected users, who are advised to use Outlook Web Access or the new Outlook for Windows as temporary workarounds.

3. MatrixPDF Toolkit Turns PDFs Into Lures

A new tool called MatrixPDF is being sold on cybercrime forums that allows attackers to transform regular PDF files into interactive lures. These malicious PDFs, which can bypass email security filters like Gmail, redirect victims to credential theft sites or malware downloads.

For more alerts, click here!

Subscribe Now

💥 Cyber Incidents

4. Dealership Software Breach Hits 766k

Motility Software Solutions, a provider of dealer management software, was the victim of a recent ransomware attack that exposed the sensitive data of 766,000 customers. The company has no evidence of the data being misused but is offering a year of free identity monitoring services to affected customers.

5. Allianz Life July Breach Hits 1.5M

In late July, Allianz Life announced it had suffered a cyberattack after a third party cloud-based CRM system it used was breached. The American insurance giant, which is part of global company Allianz SE, has since completed its investigation and determined that nearly 1.5 million individuals were impacted. The company is now notifying all affected individuals—including customers, financial professionals, and employees—that their personal information, including names, addresses, dates of birth, and Social Security numbers, may have been compromised.

6. Suffolk Website Down After Cyber-Attack

Suffolk County Council’s website and several other online services were taken offline following a cyber-attack. The council confirmed the incident was a denial-of-service attack, and a social media group has claimed responsibility.

For more incidents, click here!

Click to Report

📢 Cyber News

7. Google Drive Gains AI Ransomware Guard

Google has introduced an AI-powered ransomware detection system for its Drive desktop application, a major leap forward in cybersecurity. This new feature automatically stops file synchronization when it detects malicious encryption attempts, effectively preventing ransomware from corrupting data across an entire network.

8. Descope Raises 35M In Seed Extension

Identity and access management provider Descope has secured an additional $35 million in a seed funding extension, bringing its total funding to $88 million. The company, founded in 2022, plans to use the new capital to expand its research into agentic identity and hire more talent globally.

9. Sendit Sued By FTC Over Kids Data

The Federal Trade Commission is suing the company behind the social media app Sendit and its CEO for illegally collecting data from underage users. The lawsuit also alleges the company used deceptive subscription practices to trick users into paying for a premium membership.

For more news, click here!

Check Events

📈Cyber Stocks

On Thursday, 2nd October, cybersecurity stocks traded mostly higher, lifted by optimism around AI-driven security innovation, accelerating demand for cloud and zero-trust solutions, and heightened attention to cyber defense amid ongoing geopolitical tensions. Still, investor caution persisted in names facing competitive pressure and concerns over growth visibility.

Stock Highlights

CrowdStrike closed at $499.96, up 1.9%, driven by enthusiasm for its expanding AI-powered Falcon platform and renewed demand for endpoint security following fresh global cyber incidents.
Zscaler ended at $304.53, up 1.7%, supported by strong enterprise cloud adoption and confidence in its zero-trust security architecture.
Palo Alto Networks finished near $203, slightly lower, as investors weighed its ambitious CyberArk acquisition against cautious forward guidance.
Okta settled around $91, down modestly, with valuation concerns and stiff competition in identity management tempering optimism around its AI-enabled offerings.
Fortinet closed just above $84, fractionally higher, benefiting from geopolitical tensions boosting network security demand, though questions remained over its firewall upgrade cycle.

💡 Cyber Tip

Outlook Bug Causes Repeated Crashes

A significant bug in the classic Outlook for Windows desktop application is preventing some users from accessing their email. This issue is linked to authentication failures on the Exchange server, which results in the program crashing when users try to open it.

✅ What you should do

Use a temporary workaround:

Access your email through Outlook Web Access (OWA) in a web browser.
Switch to the new Outlook for Windows application.

For a permanent fix:

Open a support case through the Microsoft 365 Admin portal to get assistance from the Exchange Online support team.

🔒 Why this matters

This bug significantly impacts business productivity by preventing users from accessing email, calendars, and contacts. The workarounds allow users to maintain access to their accounts and continue their work, minimizing business disruption. The issue is server-side, meaning local troubleshooting is ineffective, and users must rely on Microsoft’s support for a resolution.