Threat Landscape Briefing – October 2025

In this month’s briefing we explore:

• The GhostAction Campaign Explained (01:31)
  • Researchers uncover a major supply chain attack names “GhostAction”
  • Learn how Info-Tech can help you Embed Security into the DevOps Pipeline.
• Stop Fake AI Apps Before They Breach Your Enterprise (07:57)
  • Security researchers report a surge in phishing and malware campaigns using fake AI-branded apps and chatbot lures
  • See how you can adapt the 12 steps in Info-Tech’s Security Playbook to address AI-brand impersonation and mobile app threats.
• Patch Lag Leaves SAP Exposed (14:16)
  • A critical code injection vulnerability in SAP S/4HANA was discovered in late June by SecurityBridge Threat Research Labs, who confirmed in September that the flaw is currently under active exploitation
  • Checkout Info-Tech’s research on how to Build an Autonomous Security Delivery Roadmap.
• Scans Against Cisco ASA Devices Surge. Major Disclosure Imminent? (22:01)
  • In late August, a cybersecurity firm specializing in cyber threat intelligence (CTI), detected two notable waves of scanning targeting Cisco Adaptive Security Appliance (ASA) devices.
  • See how Info-Tech can help with Threat Preparedness Using MITRE ATT&CK.
• Confront AI-Powered Exploitation Before It Outpaces Your Defenses (27:40)
  • Security researchers report that attackers are weaponizing HexStrike-AI, a newly released open-source penetration testing framework, to rapidly exploit recently disclosed (“n-day”) vulnerabilities.
  • Follow Info-Tech’s Implement Risk-Based Vulnerability Management to find gaps in your vulnerability management plans.
• Salesloft’s GitHub Breach Resulted in Salesforce Data Theft (34:37)
  • A major sales engagement platform was targeted as part of a security breach which impacted larger security and technology companies.
  • Explore how Info-Tech can help you Develop a Comprehensive IAM Improvement Strategy.