Cyber Briefing: 2025.10.14
Oracle zero-day linked, SpyChain shows satellite risk, Oracle fix issued, Unity & SimonMed breached, RDP botnet, NK IT workers, Edge patched, JPM $10B plan.
👉 What’s happening in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Google And Mandiant Uncover Oracle Hack
Google and Mandiant identified that Oracle E-Business Suite extortion emails were linked to a likely zero-day vulnerability, CVE-2025-61882, along with other already patched flaws. Threat actors, possibly a Cl0p affiliate, exploited these vulnerabilities to steal data and demand money from company executives.
2. Unverified COTS Hardware Risks Satellites
SpyChain, a new research framework, demonstrates how unverified commercial hardware on small satellites can enable persistent, multi-component supply chain attacks. Using NASA’s NOS3 simulator, it shows how malicious parts can remain dormant and then activate covertly to exfiltrate mission data or disrupt operations.
3. Oracle Issues Urgent E-Business Suite Fix
Oracle has issued an emergency security update for a new vulnerability in its E-Business Suite. The flaw, tracked as CVE-2025-61884, has a CVSS score of 7.5 and could allow unauthenticated attackers to steal sensitive data.
💥 Cyber Incidents
4. Unity SpeedTree Site Data Breach
Malicious code on Unity Technologies’ SpeedTree website stole sensitive information, including credit card numbers, from 428 customers over a five-month period. Unity Technologies discovered and removed malicious code from its SpeedTree checkout page that had been capturing customer data, such as names, addresses, and credit card numbers,
5. SimonMed Imaging Reports Data Breach
In a significant healthcare data breach, the Medusa ransomware group stole 200 GB of data from SimonMed Imaging, impacting over 1.2 million individuals. The exposed information includes highly sensitive patient details like medical records, diagnoses, and personal identification numbers, raising concerns about potential identity theft and fraud.
6. Multi-Country Botnet Hits RDP Services
A large-scale botnet with over 100,000 IP addresses is targeting Remote Desktop Protocol (RDP) services in the U.S. using two types of RDP attacks: RD Web Access timing attacks and RDP web client login enumeration.
📢 Cyber News
7. North Korean IT Workers Evade Verification
Over 10,000 North Korean IT professionals are secretly working for global tech companies and freelance marketplaces. They use VPNs and fake identities to hide their location and fund North Korea’s weapons programs.
8. Microsoft Updates IE Mode In Edge
Following reports in August 2025 that threat actors exploited its backward compatibility feature to gain unauthorized device access, Microsoft updated Edge’s Internet Explorer (IE) mode. This urgent patch addressed a critical security vulnerability that allowed attackers to compromise user devices via remote code execution.
9. JPMorgan To Invest In US Security Firms
JPMorgan Chase plans to invest up to $10 billion directly in U.S. companies critical to national security, focusing on key sectors like defense, energy, and advanced manufacturing. This initiative, part of a broader $1.5 trillion plan, aims to bolster America’s economic and supply chain resilience.
📈 Cyber Stocks
On Tuesday, 14th October, cybersecurity stocks broadly rallied, fueled by renewed optimism around AI-driven security innovations, escalating demand for identity and cloud defenses, and positive earnings signals across the sector. The gains suggest that investors remain confident in the long-term secular trends in cybersecurity, despite short-term volatility in broader tech markets.
SentinelOne closed at $17.15, down 0.5%, pressured by investor caution over growth execution in autonomous endpoint solutions.
Rapid7 ended at $18.72, up 0.46%, supported by steady enterprise demand for its security analytics and cloud-based detection capabilities.
CyberArk finished at $504.02, up 2.05%, buoyed by renewed faith in identity and privileged access management as essential next-gen security.
CrowdStrike settled at $508.61, up 3.0%, driven by enthusiasm for its AI-enhanced Falcon platform and strong threat defense demand.
Zscaler closed at $313.04, up 0.9%, underpinned by robust cloud security momentum and investor confidence in zero-trust architectures.
💡 Cyber Tip
Oracle Issues Urgent E-Business Suite Fix
Oracle has released an emergency security update for a new flaw in its E-Business Suite, tracked as CVE-2025-61884. The vulnerability, rated 7.5 on the CVSS scale, allows unauthenticated attackers to steal sensitive data from affected systems running versions 12.2.3 through 12.2.14. Oracle urges all customers to apply the patch immediately to prevent potential exploitation.
🔐 What You Should Do
Apply Oracle’s latest security patch for E-Business Suite without delay.
Verify your system version and ensure it is updated to the latest release.
Audit all accounts and disable default or unused credentials.
Restrict network exposure of EBS systems and enable multi-factor authentication.
Monitor for suspicious password resets, email access, or admin logins.
⚠️ Why This Matters
E-Business Suite is used by enterprises to manage finance, HR, and operations. A remotely exploitable flaw could expose sensitive corporate data and enable large-scale extortion or ransomware attacks. Timely patching and stronger authentication controls are critical to protect business systems.
📚 Cyber Book
Security Issues of Personal Medical Devices by Todd Brasel
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.