IT & Cybersecurity • March 29, 2026 • 8 min read

March 2026: Cyber Threats Surge as Enterprise Infrastructure Faces Critical Security Challenges

This month has witnessed an alarming escalation in cyber attacks and data breaches across multiple sectors, with healthcare, cloud infrastructure, and enterprise software supply chains bearing the brunt of sophisticated threat campaigns. Meanwhile, the enterprise technology landscape is undergoing a dramatic transformation as AI infrastructure investments surge to unprecedented levels, and major networking vendors forge strategic partnerships to address the evolving security and connectivity demands of the digital age.

Supply Chain Attack Compromises GitHub Action Used by 23,000+ Repositories

GLOBAL

A sophisticated supply chain attack compromised the popular tj-actions/changed-files GitHub Action, impacting more than 23,000 repositories. Attackers retroactively modified multiple version tags to reference a malicious commit, exposing CI/CD secrets in workflow logs. The vulnerability existed between March 14 and March 15, 2025, and has since been mitigated.

The attack involved modifying the tj-actions/changed-files GitHub Action to execute a malicious Python script. This script extracted secrets from the Runner Worker process memory and printed them in GitHub Actions logs, making them publicly accessible in repositories with public workflow logs. Security experts warn that all versions were impacted and organizations using the compromised Action will likely need to reconfigure their pipelines.

6 Million Records Exfiltrated in Major Oracle Cloud Breach

USA

Security vendor CloudSEK uncovered a major breach targeting Oracle Cloud, with 6 million records exfiltrated via a suspected undisclosed vulnerability. More than 140,000 tenants were impacted, with the attacker demanding a ransom and marketing sensitive data online. The data includes JKS files, encrypted SSO passwords, key files and Enterprise Manager JPS keys.

“While the threat actor has no prior history, their methods indicate high sophistication,” CloudSEK stated. The security firm assessed this threat with medium confidence and rated it as High in severity. This breach highlights the growing risks associated with multi-tenant cloud infrastructure and the critical importance of timely vulnerability patching.

Fake Banking App Targets Android Users via Telegram

INDIA

A sophisticated malware dropper was spotted mimicking the IndusInd Bank app and targeting Android users in a phishing scheme to steal sensitive financial information. Displaying a fake banking interface, the malicious app tricks users into entering information such as PAN and Aadhaar numbers as well as banking credentials.

After the victims submit the data, it is sent to both a phishing server and a Telegram-controlled command and control (C2) channel. This dual-exfiltration technique demonstrates how threat actors are increasingly combining traditional phishing infrastructure with messaging platforms to create more resilient and harder-to-trace C2 communications.

Ukrainian Railway Targeted in “Large-Scale” Cyber Attack

UKRAINE

A “large-scale” cyber attack on Ukraine’s railway forced online services offline. Ukrzaliznytsia, the country’s national railway company, described the attack as “very systematic, complex, and multi-level.” It took down its online portal, rendering the online sale of tickets impossible for a period of time, although trains were still able to operate.

“The key objective of the enemy failed: train traffic remains stable, running on schedule without delays, and all operational processes have been switched to backup mode,” Ukrzaliznytsia stated in their latest update. The company emphasized that backup protocols had been implemented in anticipation of such attacks, given their history of being targeted by cyber threats during the ongoing conflict.

9,000 Court Files Leaked in New South Wales Data Breach

AUSTRALIA

Some 9,000 court files, including sensitive documents such as apprehended violence orders and affidavits, were leaked in a data breach of the New South Wales (NSW) court system’s online registry. Police were alerted to the breach of the NSW Online Registry Website, and cyber crime detectives from the NSW State Crime Command launched an investigation involving the state’s Department of Communities and Justice (DCJ).

Names and addresses of victims and offenders, as well as accounts of alleged offending, could be included in the exposed documents. NSW Attorney-General Michael Daley said the department and police were taking the incident seriously and working to ensure the integrity of the system following the significant leak.

Healthcare Sector Hit with 364 Hacking Incidents Affecting 33 Million Americans

USA

As of October 3, 2025, 364 hacking incidents had been reported to the U.S. Department of Health and Human Services Office for Civil Rights, affecting over 33 million Americans. This represents a continuation of the concerning trend seen in 2024, when 259 million Americans’ protected health information was hacked, setting a new record that included the massive Change Healthcare/UnitedHealth Group ransomware attack.

Analysis reveals several critical patterns: over 80% of stolen health records were taken from third-party vendors rather than hospitals, over 90% were stolen outside electronic health record systems, and 100% of hacked data was unencrypted. These findings underscore the urgent need for improved third-party risk management, comprehensive data encryption, and enhanced vendor security practices throughout the healthcare ecosystem.

Cisco and NVIDIA Unite to Deliver Secure AI Infrastructure

GLOBAL

Cisco and NVIDIA announced a strategic collaboration to deliver secure AI infrastructure for enterprises. The partnership combines Cisco’s networking and security expertise with NVIDIA’s accelerated computing platform to create AI factories that power the next generation of enterprise AI applications. This collaboration aims to address the growing demand for secure, scalable infrastructure that can support the massive computational requirements of AI workloads.

The companies will work together to integrate NVIDIA’s AI platform with Cisco’s networking infrastructure, enabling organizations to deploy AI applications at scale while maintaining a robust security posture. This partnership reflects a broader industry trend as major technology companies seek to address the convergence of AI, networking, and security requirements in enterprise environments.

Data Center Capex Surged 51% to $455 Billion in 2024

GLOBAL

According to Dell’Oro Group, data center capital expenditures surged 51% to reach $455 billion in 2024. This massive investment reflects the accelerating demand for cloud services, AI infrastructure, and enterprise digital transformation initiatives. The surge in spending demonstrates how organizations are prioritizing infrastructure upgrades to support next-generation workloads and applications.

The investment boom is being driven by hyperscale cloud providers, enterprise data center expansions, and the need for specialized infrastructure to support AI training and inference workloads. Industry analysts expect continued strong investment in 2025 and beyond as organizations build out the infrastructure foundation required for AI-driven business transformation.

Huawei Launches Industry’s First AI Core Network

CHINA

Huawei announced the launch of what it claims is the industry’s first AI Core Network, designed to enable intelligent connectivity of AI agents. The new infrastructure represents a fundamental rethinking of core network architecture to support the unique requirements of AI-driven applications and services, including ultra-low latency, high bandwidth, and deterministic performance guarantees.

The AI Core Network incorporates advanced capabilities for AI agent orchestration, intelligent traffic management, and adaptive resource allocation. This launch is part of Huawei’s broader strategy to position itself as a leader in AI-native infrastructure, building on its existing telecommunications expertise to address the emerging demands of the AI era.

Palo Alto Networks Unveils Prisma SASE 5G

USA

Palo Alto Networks announced Prisma SASE 5G, a new solution designed to deliver secure enterprise connectivity over 5G networks. The platform extends the company’s Secure Access Service Edge (SASE) capabilities to support the unique requirements of 5G infrastructure, including ultra-low latency, massive scalability, and network slicing capabilities.

This announcement reflects the growing importance of 5G in enterprise networking and the need for security solutions that can fully leverage the capabilities of next-generation wireless infrastructure. Prisma SASE 5G aims to provide organizations with secure, high-performance connectivity for their most demanding applications while maintaining consistent security policies across wired and wireless networks.

ZY Media Productions