H-ISAC: White Reports
H-ISAC TLP White: Daily Cyber Headlines for October 13, 2025.
On October 9, 2025, Huntress disclosed the observance of active, in-the-wild exploitation of CVE-2025-11371, an unauthenticated local file inclusion (LFI) vulnerability impacting Gladinet CentreStack and TrioFox products.
This week, Health-ISAC®'s Hacking Healthcare® examines the recent cyber incident at famed British car manufacturer Jaguar Land Rover.
On September 21, nationwide anti-corruption demonstrations drew nearly 50,000 people in Manila and thousands more in Cebu, Iloilo, Bacolod and Tuguegarao.
H-ISAC TLP White Strategic Intelligence: Critical Infrastructure Threat Landscape of the Philippines
The topic covered in this report is: Critical Infrastructure Threat Landscape of the Philippines.
SonicWall recently updated its security advisory concerning the MySonicWall Cloud Backup file incident.
On October 4, 2025, Oracle released an advisory to address a critical vulnerability, CVE-2025-61882, affecting E-Business Suite (EBS) systems, versions 12.2.3 through 12.2.14.
Health-ISAC, in cooperation with intelligence partners, received information concerning the recently released LockBit 5.0 ransomware variant.
On September 29, 2025, Broadcom issued an advisory for a local privilege escalation flaw tracked as CVE-2025-41244, affecting VMware Tools and VMware Aria Operations guest service discovery features.
Libraesva patched a command injection vulnerability CVE-2025-59689 in Libraesva's Email Security Gateway (ESG) solution.