Saturday, December 6, 2025

Saturday Security: Manufacturing Under Attack - Why 2025 Is the Worst Year Yet for Ransomware

 


Manufacturers are deep in their 2025 Golden Quarter — but it’s not just production that’s surging. Cyberattacks on the manufacturing sector have hit an all-time high. More than half of all compromised manufacturers paid ransomware demands this year, with average payouts topping $1 million and recovery costs adding another $1.3 million. For the first time in years, exploited vulnerabilities beat phishing and stolen credentials as the top attack vector. And experts agree the biggest gaps are clear: limited cybersecurity expertise, unseen vulnerabilities, and slow adoption of essential protections. From Jaguar Land Rover shutting down production for nearly a month to major beverage operations grinding to a halt, the impact is massive. And with AI and automation expanding across factory floors, the attack surface is only growing. This is your Saturday Security Story. I’m Peter — like, sub, and share to stay ahead of what’s happening in cybersecurity.

https://www.darkreading.com/cyberattacks-data-breaches/threat-landscape-increasingly-dangerous-manufacturers
https://industrialcyber.co/reports/half-of-2025-ransomware-attacks-hit-critical-sectors-as-manufacturing-healthcare-and-energy-top-global-targets/

Saturday, November 29, 2025

Saturday Security: OpenAI Breach - What Threat Actors Stole & How to Protect Yourself

 


A new security incident involving OpenAI has exposed user data — but not in the way you might think. This breach didn’t hit OpenAI’s own systems, but instead targeted Mixpanel, a third-party analytics provider used for OpenAI’s API platform. Attackers accessed a limited set of user information including names, email addresses, user IDs, approximate locations, and device details. No chats, passwords, API keys, payment data, or government IDs were compromised — and only API users were affected. OpenAI has since removed Mixpanel from production and launched a full investigation. But stolen personal data still opens the door to phishing attacks, identity targeting, and social engineering attempts. Stay aware. Stay secure.

https://openai.com/index/mixpanel-incident/
https://www.bleepingcomputer.com/news/security/openai-discloses-api-customer-data-breach-via-mixpanel-vendor-hack/

00:00 – The OpenAI Data Breach: What Happened
00:23 – What Hackers Accessed (and What They Didn’t)
00:43 – OpenAI’s Response & Investigation
00:53 – How This Data Can Be Used Against You
01:03 – Security Steps to Take Right Now
01:09 – Final Thoughts

Saturday, November 22, 2025

Saturday Security: Zero-Day Logitech Breach Exposes 1.8TB of Data

 


Logitech, a prominent PC accessories brand, has recently confirmed a major data breach after cybercriminals exploited a zero-day vulnerability in a third-party platform. While Logitech assures that exposed data was limited and credit card numbers, as well as national IDs, were not stored on the impacted systems, the situation remains concerning. The notorious Clop ransomware gang has taken responsibility for the attack and claims to have stolen an alarming 1.8TB of data, potentially compromising internal information related to employees, customers, consumers, and suppliers. Despite Logitech's insistence that manufacturing operations and products were unaffected, this incident highlights the persistent threat of ransomware attacks. Moreover, the same zero-day vulnerability has been utilized in recent attacks on several high-profile organizations, including Envoy Air and The Washington Post. As this threat continues to spread, it is crucial for individuals and companies alike to prioritize cybersecurity measures. To safeguard your personal data, remember to freeze your credit, avoid reusing passwords, and enable multifactor authentication with passkeys whenever possible. Stay aware and secure in this ever-evolving digital landscape.

https://ir.logitech.com/press-releases/press-release-details/2025/Logitech-Cybersecurity-Disclosure/default.aspx
https://www.pcworld.com/article/2974738/logitech-confirms-large-customer-data-breach-what-that-means-for-you.html

00:00 – Cloudflare Outage & Logitech Breach Intro
00:25 – Zero-Day Exploit & Clop Ransomware Claim
00:45 – What Data Was Stolen
01:02 – Growing Zero-Day Campaign Hits Other Companies
01:20 – How to Protect Yourself
01:31 – Final Thoughts: Stay Secure

Saturday, November 15, 2025

Saturday Security: Socially Engineered Supply Chain Attack Exposes DoorDash Data

 


When it rains, it pours. DoorDash is once again in the cybersecurity spotlight after confirming a brand-new data breach—this time caused by a compromised third-party vendor. Attackers used social engineering to trick an employee into giving up credentials, then slipped through weaker defenses to access customer names, emails, delivery addresses, and partial payment info.

What makes this breach different?
👉 DoorDash wasn’t directly hacked.
👉 The attackers went through the supply chain, proving—again—that vendors can be the biggest vulnerability in the security ecosystem.

DoorDash says it has cut off the vendor’s access and is tightening monitoring and supply-chain controls. But the real takeaway is clear: even top brands can be blindsided when a trusted partner becomes the weakest link.

https://www.bleepingcomputer.com/news/security/doordash-hit-by-new-data-breach-in-october-exposing-user-information/
https://www.webpronews.com/doordashs-data-debacle-social-engineering-strikes-again-in-2025-breach/

Stay sharp out there.
💡 Lock down your credit.
📱 Watch for phishing, smishing, and credential-stealing scams.
🔐 Be aware, stay protected.

I’m Peter — Like, Sub, and Stay Secure.

0:00 – When It Rains, It Pours
0:08 – DoorDash Confirms New Breach
0:20 – Social Engineering Strikes Again
0:35 – Vendor With Weak Defenses Compromised
0:49 – DoorDash Response & Mitigation
1:00 – The Big Takeaway: Supply Chain Risks
1:15 – Stay Safe: Phishing & Smishing Alerts
1:21 – Like, Sub & Stay Secure

Saturday, November 8, 2025

Saturday Security: Three Breaches, Three Lessons and How Attackers Keep Adapting

 


This week, three very different data breaches proved one thing: no sector is safe. From nation-state espionage to data theft to social engineering, the tactics vary — but the results are the same: exposed data, shaken trust, and hard lessons. Here’s what happened:

🔒 SonicWall — A nation-state actor breached its cloud backup service, stealing firewall configuration files via an exploited API call. Even cybersecurity vendors can have blind spots.
🚗 Hyundai AutoEver America — Hackers had access for more than a week, exposing Social Security numbers and driver’s licenses across its IT environment.
🎓 University of Pennsylvania — A social engineering attack led to over a million donor records stolen and a fraudulent mass email sent to 700,000 recipients.

Three breaches. Three methods: API abuse, network intrusion, and human deception. Different industries, same message — security is everyone’s job.

https://www.darkreading.com/cyberattacks-data-breaches/sonicwall-firewall-backups-nation-state-actor
https://www.bleepingcomputer.com/news/security/hyundai-autoever-america-data-breach-exposes-ssns-drivers-licenses/
https://www.bleepingcomputer.com/news/security/university-of-pennsylvania-confirms-data-stolen-in-cyberattack/

What’s your takeaway? Which breach worries you most? Drop a comment. Like, subscribe, and stay updated on the stories shaping cybersecurity.

0:00 – Intro: Three breaches, one message
0:08 – SonicWall breach: API exploited by nation-state actor
0:20 – Hyundai AutoEver hack: SSNs and driver’s licenses exposed
0:32 – University of Pennsylvania: Social engineering and data theft
0:42 – The takeaway: No one is immune

Saturday, October 25, 2025

October 2025 Data Breach Roundup

 


October 2025 was another tough month for cybersecurity — with millions of personal and enterprise records leaked worldwide. From Qantas and Red Hat to Discord, Williams & Connolly, and SonicWall — threat actors targeted some of the world’s most trusted brands. According to Bright Defense, these are the five biggest breaches of October 2025:

https://www.brightdefense.com/resources/recent-data-breaches/

1. Qantas: 5.7M customer records leaked after ransom demands ignored
2. Red Hat: 570GB stolen from GitHub/GitLab systems, hitting NASA, Cisco & more
3. Discord: Vendor breach exposes 70K users’ data
4. Williams & Connolly: FBI investigating suspected China-linked law firm hacks
5. SonicWall: All cloud backup customers affected in major exposure

Takeaway: Visibility and response speed are everything. Stay patched, stay alert, never assume your backups are bulletproof, and of course, check out Plixer One to combat breaches. Subscribe for more cybersecurity updates, breach breakdowns, and threat intel every week.

#CyberSecurity #DataBreach #InfoSec #Qantas #RedHat #Discord #SonicWall #HackingNews #NetworkSecurity #CyberAttack #CyberThreats #CloudSecurity #Ransomware #TechNews

Saturday, October 18, 2025

Nation-State Breach Exposes “Imminent Threat” to Networks

 


One of the biggest cybersecurity stories of the week: thousands of networks — including U.S. government agencies and Fortune 500 companies — are facing an “imminent threat” following a major breach at Seattle-based software maker F5. Investigators say a China-linked nation-state actor maintained long-term, covert access to F5’s systems for nearly a year, stealing BIG-IP source code, customer configurations, and data on unpatched vulnerabilities. While F5 insists the threat is contained — and firms like CrowdStrike and Mandiant have validated their findings — the potential exposure is massive. CISA and the UK’s NCSC have issued emergency directives urging organizations to patch immediately, harden BIG-IP appliances, and tighten network visibility. Given BIG-IP’s critical role in global infrastructure, this isn’t a drill — it’s a wake-up call for defenders everywhere.

https://my.f5.com/manage/s/article/K000154696
https://www.securityweek.com/f5-hack-attack-linked-to-china-big-ip-flaws-patched-governments-issue-alerts/
https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/