News

October 2025 Cyber Attacks: Phishing via Google Careers, Figma Abuse, and LockBit 5.0

Luciano Ferrari

31 Oct 2025 — 2 min read

Friday, October 31, 2025

Top 5 Cybersecurity Stories You Should Know

October 2025 Cyber Attacks: Phishing via Google Careers, Figma Abuse, and LockBit 5.0 — tl;dr: In October 2025, significant cyber threats emerged, including a sophisticated phishing campaign impersonating Google Careers, utilizing Salesforce redirects and CAPTCHAs to steal corporate credentials. Additionally, attackers exploited Figma to launch Microsoft-themed phishing attacks, leveraging the platform's trusted status to bypass security filters. The LockBit 5.0 ransomware variant now targets Linux and ESXi systems, posing a severe risk to enterprise networks and critical infrastructure. Organizations must enhance their security measures, focusing on behavioral detection and awareness of these evolving tactics to mitigate potential breaches.
↪ https://any.run/cybersecurity-blog/cyber-attacks-october-2025/
October 2025 Data Breaches: Qantas, SimonMed, and Local Governments Exposed — tl;dr: In October 2025, significant data breaches impacted various sectors, including Qantas Airways, which reported exposure of 5.7 million customer records through a third-party contact center. SimonMed Imaging suffered a ransomware attack affecting 1.27 million patients, revealing sensitive medical information. Additionally, cyber incidents disrupted services in Texas, Tennessee, and Indiana, although no personal data theft was confirmed. Organizations are urged to enhance vendor security controls, implement strict network segmentation, and maintain regular backups to mitigate risks and improve incident response capabilities.
↪ https://strobes.co/blog/top-data-breaches-of-october-2025/
October 2025 Data Breaches: Qantas, SimonMed, and Local Governments Hit Hard — tl;dr: October 2025 saw significant data breaches affecting various sectors, including Qantas Airways, SimonMed Imaging, and local governments in Texas, Tennessee, and Indiana. Qantas reported a third-party data breach exposing 5.7 million customer records, while SimonMed faced a Medusa ransomware attack impacting 1.27 million patients' sensitive information. Additionally, municipalities experienced service disruptions from cyber incidents without confirmed data theft. Organizations are urged to enhance vendor security controls, monitor access, and implement robust incident response plans to mitigate risks and protect sensitive data.
↪ https://securityboulevard.com/2025/10/top-data-breaches-of-october-2025/
2025 Cybersecurity Stats: Ransomware Hits 44% of Breaches Amid Rising AI Threats — tl;dr: The 2025 cybersecurity landscape reveals a staggering $10.5 trillion in global cybercrime costs, with average data breach expenses at $4.44 million. Ransomware is involved in 44% of breaches, while AI-driven phishing attacks have surged by over 4,000%. The healthcare sector faces the highest breach costs at $7.42 million. Organizations are urged to enhance their security measures, as the average breach remains undetected for 204 days. With a significant skills gap in cybersecurity professionals, businesses must prioritize training and AI-powered tools to mitigate risks and protect sensitive data.
↪ https://thenetworkinstallers.com/blog/cybersecurity-statistics/
Ierland levert Oekraïense verdachte van Conti-ransomware aan VS uit — tl;dr: Ierland heeft een 43-jarige Oekraïense man uitgeleverd aan de Verenigde Staten, die verdacht wordt van het uitvoeren van wereldwijde aanvallen met de Conti-ransomware. Deze uitlevering markeert een belangrijke stap in de internationale samenwerking tegen cybercriminaliteit. Organisaties wereldwijd, vooral die in sectoren met gevoelige data, moeten hun beveiligingsmaatregelen versterken en voorbereid zijn op mogelijke ransomware-aanvallen. Het is cruciaal om regelmatig back-ups te maken en software-updates uit te voeren om kwetsbaarheden te minimaliseren.
↪ https://aboutict.nl/news/2025-10-31/ierland-levert-verdachte-achter-aanvallen-met-conti-ransomware-uit-aan-vs-securitynl