H-ISAC TLP White: Daily Cyber Headlines - October 29, 2025

Today’s Headlines:   

Leading Story

  • Critical Authentication Bypass Vulnerability in Asseco mMedica Exposes Healthcare Databases

Data Breaches & Data Leaks 

  • Threat Actors Target Swedish Power Grid Operator 

Cyber Crimes & Incidents

  • Water Saci Threat Actors Leverage WhatsApp to Deliver Multi-Vector Persistent SORVEPOTEL Malware
  • Massive China-Linked Smishing Campaign Leveraged 194,000 Domains

Vulnerabilities & Exploits  

  • Italian Spyware Menace: LeetAgent Delivered via Critical Chrome Zero-Day

Trends & Reports

  • 81% Router Users Have Not Changed Default Admin Passwords, Exposing Devices to Threat Actors
  • CrowdStrike: 76% of Organizations Struggle to Combat AI Attacks

Privacy, Legal & Regulatory

  • Cybersecurity Executive Charged with Stealing and Selling Trade Secrets to Russia
  • United Nations’ First Global Cybercrime Treaty Sparks Debate Over Privacy and Surveillance

Upcoming Health-ISAC Events

  • Global Monthly Threat Brief 
    • European – October 29, 2025, 03:00-04:00 PM CET
    • Fall Americas Summit – Carlsbad, California – December 1-5, 2025

View the detailed report below.
 

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Guides/Reports
Cybersecurity and Risk Advisory Services
Standards/Guidelines
Become an AHA Preferred Cybersecurity and Risk Provider
Public
Issue Landing Page
AHA Preferred Cybersecurity & Risk Provider Program
Issue Landing Page
Support for Your Cybersecurity Program