It’s been an intense week in cybersecurity as more companies have reported attacks, new forms of malware which seem to be spreading fast, and experts have warned about serious vulnerabilities in certain firewall systems.
Asahi Group Holdings Confirms Ransomware Attack and Possible Data Theft
Japanese beverage company, Asahi Group Holdings is dealing with the after effects of a ransomware attack that happened on September 29, 2025.
The attack has caused system outages, affecting order placements and product shipments. The company has also confirmed signs of unauthorized data transfers, though investigations are ongoing. This has caused a delay in the launch of 12 new products as Asahi Group works to restore normal operations.
What’s the Implication of This?
A ransomware attack can paralyze a company’s supply chain, cause huge financial losses, and lead to damage to reputation especially when data theft is involved.
What You Can Do
- Always train staff to recognize phishing and social engineering attempts, which are the primary entry points for ransomware.
- Ensure regular data backups are performed and stored offline and separate from the network.
Renault UK Confirms Data Breach
Renault UK has confirmed a data breach affecting some customer information. The incident caused by a third-party data processor did not expose any financial details but involved personal data like names, addresses, and vehicle registration numbers.
Renault is contacting affected individuals and advising customers to stay alert for phishing attempts or unexpected messages claiming to be from the company.
What’s the Implication of this?
This breach raises concerns about how customer data is handled by third-party vendors. Such incidents show how even trusted brands can be affected by lapses outside their direct control.
A few weeks ago, Jaguar Land Rover (JLR) also suffered a data breach and is still dealing with the impact. Seeing another big car brand like Renault UK face a similar issue shows how common these attacks have become. Car makers and their partners need to take data protection more seriously, especially when it comes to customer information.
What You Can Do
- If you’re a Renault customer, be careful of emails, texts, or calls asking for personal or financial information even if they look legitimate.
WestJet Data Breach Affects 1.2 Million Customers
Canadian airline WestJet has confirmed that a cyberattack earlier this year compromised the personal data of approximately 1.2 million customers.
The company’s investigation, completed in September, revealed that attackers gained access to names, mailing addresses, dates of birth, and in some cases, passport or government ID details.
What’s the Implication of this?
While credit card information and passwords were not exposed, experts warn that the stolen data could still be misused for phishing and identity fraud.
This development comes not long after the AirFrance–KLM Airlines breach, where some customer data was also exposed through a third-party system. It shows that airlines everywhere are facing similar struggles in keeping customer data safe. Many of these leaks start from weak links in shared systems used for bookings or payments, which is why regular security checks and stronger controls are so important.
What You Can Do
- Consider placing a fraud alert or credit freeze on your accounts if you suspect you are at risk.
Malware and New Exploits
Security researchers have discovered a new Android banking trojan known as Klopatra, that’s already infecting thousands of devices.
Klopatra is a remote access trojan which allows attackers to take full control of infected phones. It uses advanced native libraries and commercial-grade protection software, making it extremely difficult to detect or analyze.
Once active, Klopatra can steal banking login details through fake overlays and perform transactions on a user’s behalf via Hidden VNC. So far, infections have been reported mainly in Spain and Italy, with over 3,000 compromised devices identified.
What’s the Implication of this?
Klopatra shows how mobile malware is becoming more sophisticated, targeting financial apps that people use daily.
What You Can Do
- Download apps only from official stores like Google Play
- Avoid granting unnecessary accessibility permissions to apps.
Cisco Firewall Flaws Put Nearly 50,000 Devices at Risk
Back in July, attackers also went after Cisco in a voice phishing (vishing) attack that tricked a company representative into giving away login details, allowing access to internal systems. Now, the company faces another challenge as new flaws have been discovered in its firewall products.
The Shadowserver Foundation has reported that around 50,000 Cisco firewalls are still vulnerable to two critical flaws (CVE-2025-20333 and CVE-2025-20362) affecting Cisco ASA and Firepower Threat Defense (FTD) products.
These bugs could let attackers gain remote code execution and take full control of a device.
In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive urging users to patch immediately, as there are currently no available workarounds.
The U.S. tops the list with over 19,000 unpatched devices still exposed.
What’s the Implication of this?
Unpatched security appliances create a serious, high-privilege entry point for attackers to infiltrate entire corporate networks.
What You Can Do
- If your organization uses Cisco ASA or FTD products, install the latest security patches right away.
- Restrict public internet access to admin interfaces whenever possible.
Steps to Protect Yourself
With the spike in cyberattacks and data breaches, it’s a good time to check how secure you really are both personally and at work.
Here's how to do so
- Watch out for Scams: Be careful with unexpected emails, messages, or calls asking for money, passwords, or personal details especially if they mention a recent breach. Don’t click on links or open attachments unless you’re sure they’re safe.
- Protect your accounts: Turn on Multi-Factor Authentication (MFA) wherever possible on your email, bank, and social media accounts. It is another layer of protection even if your password gets leaked.
- Keep software up to date: Always install updates for your operating system, browsers, and apps. Most attacks exploit old, unpatched software.
For more safety tips, join our newsletter to get timely updates and cybersecurity insights delivered straight to your inbox.