
This Week in Cybersecurity: Looking Back at Week 42

October 17, 2025

This week’s cybersecurity news is headlined by a stark warning from the UK government: cyber threats are escalating rapidly, forcing organisations to prioritise resilience now.

Our top stories reveal a significant macro threat shift, with the NCSC reporting a massive 50% surge in highly significant attacks. We detail urgent patching alerts, including fixes for two Windows zero-day vulnerabilities, and the emergence of the Rust-based ChaosBot malware, which abuses Discord for C2.

Meanwhile, the critical risk of third-party and supply chain failures is highlighted by a data breach at Mango.

Finally, we showcase a law enforcement success: Operation Heracles, which dismantled a massive crypto fraud network.

Escalation and Policy Shift

NCSC Issues ‘Call to Arms’ for Resilience as UK Cyber Attacks Surge

The UK’s National Cyber Security Centre (NCSC) has released its Annual Review 2025, revealing a stark 50% increase in “highly significant” cyber attacks over the past year. The agency, which handles an average of four nationally significant incidents per week, has issued a “call to arms” urging all organisations to develop robust contingency plans for when their IT infrastructure is crippled.

Ransomware remains the primary threat driver, and senior UK ministers are demanding that cyber resilience become a board-level responsibility to combat the escalating danger from sophisticated state-backed and criminal groups.


Urgent Action: Active Exploitation of Zero Days and New C2 Malware

Microsoft’s October Patch Tuesday

Microsoft’s October Patch Tuesday addressed a total of 183 security flaws, including fixes for two Windows zero-day vulnerabilities (CVE-2025-24990 and CVE-2025-59230) that are currently being actively exploited in the wild. Both flaws are Elevation of Privilege vulnerabilities, with a CVSS score of 7.8, that could allow a local attacker to execute code with elevated system privileges.

One flaw, found in the legacy Agere Modem Driver, is particularly urgent as it has been present in every version of Windows ever released and required Microsoft to remove the vulnerable driver entirely rather than issuing a simple patch.

Organisations must prioritise applying these patches immediately, as they are essential to prevent local privilege escalation.


ChaosBot Malware Abuses Discord for Command and Control (C2)

Cybersecurity researchers have uncovered ChaosBot, a sophisticated new backdoor written in the Rust programming language that allows threat actors to conduct reconnaissance and execute arbitrary commands on compromised Windows hosts.

The malware is notable for its abuse of Discord channels for its Command and Control (C2) communications, allowing operators to issue remote instructions, download files and capture screenshots from infected devices.

ChaosBot has been observed exploiting compromised Cisco VPN credentials and over-privileged Active Directory accounts for initial deployment within victim networks.


Third Party and Supply Chain Risk

Global Retailer Mango Confirms Data Breach via External Vendor

The global fashion retailer Mango confirmed a data breach stemming from a compromise in one of its external marketing service providers.

The company began notifying customers on October 15th, 2025, that the exposed information was “limited” to contact details used for marketing campaigns, including customer first names, email addresses, phone numbers and location details.

Mango stressed that no financial data or login credentials were compromised, but the incident serves as yet another reminder of the critical supply chain risk faced by the retail sector when attackers target less secure third-party vendors.


Counter Cybercrime

Operation Heracles Dismantles Massive Crypto Fraud Network

In a significant European law enforcement action dubbed Operation Heracles, German authorities, in coordination with Europol and Bulgarian law enforcement, successfully dismantled a vast network of fraudulent cryptocurrency investment sites. The operation resulted in the seizure of 1,406 bogus trading platforms that had targeted millions of victims across Europe.

The criminals used slick websites, often mass-produced with AI, to lure victims with false promises of lucrative returns. In the ten days following the October 3rd takedown, 866,000 attempts were recorded to access the seized domains, underscoring the massive scale of the online investment fraud being perpetrated.


Strategic Resilience is Today’s Mandate

The NCSC’s important advisory in the UK, coupled with the exploitation of Windows zero days and notable supply chain failures, confirms that effective defence requires strategic planning over reactive measures. With a 50% increase in major incidents, prioritising cyber preparedness is crucial for continuity.

Building robust, tested resilience and clear continuity plans against sophisticated threats like ChaosBot is essential for business operations. Every leader should focus on moving beyond minimum requirements to maintaining a proactive and mature security posture today.


Don’t get caught off guard. Get in touch with our team today to learn how our services can help you navigate these complex threats and secure your digital future.
