{"id":10159,"date":"2025-09-15T09:43:45","date_gmt":"2025-09-15T06:43:45","guid":{"rendered":"https:\/\/cyberone.bg\/?p=10159"},"modified":"2025-11-10T13:37:33","modified_gmt":"2025-11-10T10:37:33","slug":"weekly-cybersecurity-report-week-37-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-37-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 37, 2025"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong>\u00a0<a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2>Weekly Cybersecurity Report | Week 37, 2025<\/h2>\n<p><strong><u>Information security updates and events from the past we<\/u><\/strong><strong><u>ek<\/u><\/strong><\/p>\n<h3 id=\"1\"><a href=\"#1\"><strong>Supply chain attack on British railway company LNER &#8211; customer details leaked<\/strong><\/a><\/h3>\n<p><strong>\u00a0<\/strong>LNER, the operator of one of the busiest railway lines in the UK, between London and Scotland, announced that it had experienced a supply chain attack that led to the exposure of customer details through an external supplier.<br \/>\nAccording to the company&#8217;s announcement, Bridgestone, the world&#8217;s largest tire manufacturer, has confirmed a cyber-attack that affected its manufacturing systems in North America.<br \/>\nThe attack caused the temporary shutdown of factories in South Carolina and Quebec, with employees being transferred to maintenance activities or sent home.<br \/>\nAccording to the company, this was a targeted incident in which the attackers attempted to penetrate operational systems (OT\/IT), the systems were identified as being under attack at an early stage, which allowed for rapid isolation and prevention of spread.<\/p>\n<ul>\n<li>The attackers gained unauthorized access to files managed by a third-party provider.<\/li>\n<li>The information exposed includes customer contact details and data on past trips.<\/li>\n<li>No passwords, bank details or credit cards were leaked.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.travelandtourworld.com\/news\/article\/london-north-eastern-railway-and-transport-for-london-cyber-incidents-raise-concerns-over-public-transport-data-security\/\">https:\/\/www.travelandtourworld.com\/news\/article\/london-north-eastern-railway-and-transport-for-london-cyber-incidents-raise-concerns-over-public-transport-data-security\/<\/a><\/p>\n<h3 id=\"2\"><a href=\"#2\"><strong>Cyber-attack on official FIFA website &#8211; concerns about user data exposure<\/strong><\/a><\/h3>\n<p><strong>\u00a0<\/strong>The official FIFA website for purchasing tickets for the 2026 World Cup (access.tickets.fifa.com) has been temporarily disabled after reports of a concern about an attack.<br \/>\nAccording to initial information, the website may be vulnerable to exploitation of an XSS (Cross-Site Scripting) vulnerability, which allows attackers to inject malicious code into users&#8217; browsers.<br \/>\nWhat has happened so far- The website displays a \u201cplanned maintenance\u201d message, but this is apparently an initial response to an attempted attack.<\/p>\n<ul>\n<li>XSS vulnerability allows attackers to execute malicious code through the browser, stealing login credentials, credit card details and other sensitive information.<\/li>\n<li>Users who logged in to the site during the attack may be exposed to the risk of data theft.<\/li>\n<\/ul>\n<h3 id=\"3\"><a href=\"#3\"><strong>Plex announces attack &#8211; users are asked to change their passwords immediately<\/strong><\/a><\/h3>\n<p>Plex, the popular streaming platform for movies and series, announced an attack that allowed an unauthorized party to access sensitive user information. The company is urging all users to change their passwords immediately.<\/p>\n<p>The information exposed includes:<\/p>\n<ul>\n<li>Email addresses<\/li>\n<li>Usernames<\/li>\n<li>Encrypted (not visible) passwords.<\/li>\n<li>Plex emphasizes that there is no evidence of malicious use of the information but recommends changing your password as soon as possible.<\/li>\n<\/ul>\n<h3 id=\"4\"><a href=\"#4\"><strong>Devman Group Claims: Large-Scale Cyber \u200b\u200bAttack on Shimao Group Holdings &#8211; $91 Million Ransom Demand<\/strong><\/a><\/h3>\n<p>The Devman attack group announced that it had carried out a cyber-attack on Shimao Group Holdings Ltd, one of the largest real estate groups in China. According to the attackers&#8217; statement, during the attack, which began in May 2025, 12 terabytes of sensitive information were removed from the systems.<\/p>\n<p>A damage to the company on such a scale could affect not only its operations, but also the entire Chinese real estate market.<\/p>\n<h3 id=\"5\"><a href=\"#5\"><strong>Ransomware attack on Michigan Sugar, the third largest sugar producer in the United States: Akira claims the theft of 40GB of sensitive information<\/strong><\/a><\/h3>\n<p>What was stolen?<\/p>\n<ul>\n<li>Financial statements, invoices and sensitive business information<\/li>\n<li>Employee and customer information, including driver&#8217;s licenses, addresses and telephone numbers<\/li>\n<li>Medical information and death certificates<\/li>\n<li>Non-disclosure agreements (NDAs) and legal documents<\/li>\n<\/ul>\n<p>Another significant attack on a critical American industry. If the information held by Akira is indeed exposed, it poses a real risk to employees, customers and business partners<\/p>\n<h3 id=\"6\"><a href=\"#6\"><strong>Rose Acre Farms, the second largest egg producer in the US, has been hit by a cyberattack<\/strong><\/a><\/h3>\n<p>The attackers breached systems via the company\u2019s website goodegg.com.<br \/>\nIt is currently unclear whether business or personal information was stolen, but the attack could cause supply chain disruptions and affect food distribution on a large scale.<br \/>\nLynx Group is responsible for the attack.<\/p>\n<h3 id=\"7\"><a href=\"#7\"><strong>Wealthsimple, a Canadian investment and fintech platform, confirmed a security breach<\/strong><\/a><\/h3>\n<p>The incident was caused by a breach in a third-party package and allowed unauthorized access to personal information of less than 1% of the company\u2019s customers (about 30,000 out of about 3 million).<br \/>\nThe information exposed includes contact details, dates of birth, IP addresses, account numbers and government identification documents (including SIN \u2013 Canadian National Insurance Number).<br \/>\nHowever, no passwords were stolen, and no damage was recorded to the customers&#8217; own funds.<br \/>\nThe company informed the affected customers and offered them a two-year protection package that included credit monitoring, dark web monitoring, identity theft protection and insurance.<br \/>\nIn addition, customers were asked to activate two-factor authentication (2FA), not use repeated passwords and beware of phishing messages.<\/p>\n<h3 id=\"8\"><a href=\"#8\"><strong>Bridgestone, the world&#8217;s largest tire manufacturer, confirmed a cyberattack that affected its production systems in North America.<\/strong><\/a><\/h3>\n<p>The attack caused the temporary shutdown of factories in South Carolina and Quebec, with employees being transferred to maintenance activities or sent home.<\/p>\n<p>According to the company, this was a targeted incident in which the attackers attempted to penetrate operational systems (OT\/IT), the systems were identified as being under attack at an early stage, which allowed for rapid isolation and prevention of spread.<\/p>\n<p><strong><em>The cybersecurity attacks highlighted in this report aren&#8217;t just incidents, they&#8217;re blueprints of the adversary&#8217;s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 37, 2025 Information security updates and events from the past week Supply chain attack on British railway company [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8612,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[65],"class_list":["post-10159","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates","tag-weekly-cybersecurity-report"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10159","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=10159"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10159\/revisions"}],"predecessor-version":[{"id":10160,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/10159\/revisions\/10160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8612"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=10159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=10159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=10159"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}