
Snapshot Summary
| Sector / Section | Headline Highlights | Count |
|---|---|---|
| DFIR & Incident Response | Asahi resumes output after week-long ransomware outage; UK NCSC & Singapore CSA urge urgent Oracle EBS patching and triage. | 3 |
| Cyber Investigations | Investigators scrutinize Clop-style extortion emails sent from compromised accounts; LPR vendor adds voice detection, stoking oversight debates. | 2 |
| Major Cyber Incidents | Asahi outage triggers nationwide shortages; ParkMobile settles 2021 breach with $1 in-app credits. | 2 |
| Exploits & Threat Intelligence | Oracle EBS zero-day (CVE-2025-61882) exploited; CISA adds Meteobridge bug to KEV; vendors publish patching guidance. | 3 |
| Law Enforcement | Europol flags data-access gaps hindering cybercrime fight; INTERPOL highlights global collaboration & training on IP crime. | 2 |
| Policy | Supply chain cyber risk jumps in UK survey; national CERTs issue Oracle EBS exploitation alerts. | 2 |
| Standards & Compliance | ETSI Security Conference 2025 kicks off; ISO Annual Meeting opens with security standards in focus. | 2 |
Digital Forensics & Incident Response
Asahi resumes beer production after week-long cyberattack disruption — Asahi said it restarted output at six Japanese plants after a system outage halted orders and shipments nationwide for about a week, with full restoration timelines still under assessment (2025-10-06) [APAC]. For IR teams, this highlights the operational blast radius of IT outages into OT/logistics and the importance of manual fallback workflows and recovery runbooks (Source: Reuters, 2025-10-06).
UK NCSC: Active exploitation of Oracle E-Business Suite vulnerability — NCSC warned organizations to urgently apply Oracle’s updates for an unauthenticated RCE (CVE-2025-61882) impacting EBS and to conduct compromise assessments where exploitation indicators exist (2025-10-06) [EMEA]. DFIR teams should hunt for suspicious access to EBS modules, credential abuse, and data exfiltration paths tied to ERP integrations (Source: NCSC, 2025-10-06).
Singapore CSA: Active exploitation of zero-day in Oracle E-Business Suite — CSA reported active exploitation and urged immediate patching and hardening of exposed EBS instances, with emphasis on validating integrations and reviewing privileged access (2025-10-06) [APAC]. Cross-functional IR should coordinate with ERP owners to triage, rotate secrets, and validate third-party connectors often overlooked in containment (Source: CSA (Singapore), 2025-10-06).
Cyber Investigations
Investigators analyze extortion emails sent to Oracle customers from compromised third-party accounts — Researchers shared samples of emails claiming theft from Oracle EBS, noting messages originated from hijacked accounts to improve deliverability and credibility (2025-10-02; event ongoing 2025-10-04/06) [AMER]. For investigators, SMTP headers, SPF/DKIM/DMARC anomalies, and compromised partner infrastructure are key to attribution and takedown (Source: CyberScoop, 2025-10-02).
Flock unveils license plate platform feature to detect human voices, raising evidentiary and privacy questions — New capability adds audio detection to ALPR deployments and could expand datasets available to police investigations (2025-10-03) [AMER]. DFIR/investigations teams should anticipate discovery requests around audio metadata chain-of-custody, retention, and locality-specific lawful use (Source: The Record by Recorded Future News, 2025-10-03).
Major Cyber Incidents
Asahi cyberattack causes national beer shortages; production resumes — After a week-long outage affecting ordering, shipping, and customer service, Asahi restarted output while still restoring full systems (2025-10-06; incident began 2025-09-29) [APAC]. The disruption shows ransomware/IT outages can rapidly cascade to supply chains and retail, stressing the need for tested continuity plans (Source: Reuters, 2025-10-06).
ParkMobile settles class action over 2021 breach with $1 in-app credits — Users impacted by the 22M-account breach are offered $1 credits with manual claim steps and expiry, prompting criticism of redress adequacy (2025-10-05) [AMER]. For CISOs and counsel, this is a live case study in settlement optics, notification design, and long-tail breach liabilities (Source: BleepingComputer, 2025-10-05).
Exploits & Threat Intelligence
Oracle E-Business Suite zero-day (CVE-2025-61882) exploited in Clop-linked extortion — Oracle confirmed patch availability for a critical RCE while customers report extortion attempts tied to alleged EBS data theft (2025-10-06) [AMER]. ERP perimeter exposure and third-party connectors make EBS a high-value foothold; prioritize patching and access reviews (Source: SecurityWeek, 2025-10-06).
Tenable FAQ: What to know about CVE-2025-61882 and related EBS flaws — Researchers summarized affected versions and remediation steps, noting overlap with vulnerabilities in EBS 12.2.x addressed in the July Critical Patch Update (CPU) (2025-10-06) [AMER]. The guidance helps defenders map versions to fixes and validate compensating controls during patch windows (Source: Tenable Research, 2025-10-06).
CISA adds exploited Meteobridge flaw to KEV; weather gateways targeted — CISA warned that an already-patched Meteobridge vulnerability is being actively exploited and added it to the Known Exploited Vulnerabilities catalog (2025-10-04) [AMER]. Even niche IoT/OT bridge devices can be leveraged for ingress and persistence, so inventory and patch management must include environmental telemetry gear (Source: SecurityWeek, 2025-10-04).
Law Enforcement
Europol: Cybercrime fight hinges on timely access to data — At its 2025 conference, Europol warned that investigators’ inability to rapidly access cross-border data and platform logs undermines cases and victim recovery (2025-10-03) [EMEA]. For DFIR leads, LE engagement plans should anticipate mutual legal assistance timelines and alternative evidentiary paths (Source: Europol, 2025-10-03).
INTERPOL highlights cooperation and training to counter IP crime and cyber-enabled fraud — INTERPOL’s latest update emphasized international training and operations targeting illicit online trade and counterfeit goods (2025-10-01) [AMER/EMEA/APAC]. Coordinated actions and shared tooling remain pivotal for dismantling transnational cyber-criminal supply chains (Source: INTERPOL, 2025-10-01).
Policy
UK survey: Nearly a third of bosses report rising supply-chain cyberattacks — CIPS polling shows supply-chain attacks climbing over the past six months, elevating cyber risk in procurement priorities (2025-10-06) [EMEA]. Policy and vendor-risk programs should expand third-party monitoring, SBOM requirements, and incident notification clauses (Source: The Guardian, 2025-10-06).
Oracle confirms customer extortion emails; urges patching and updates — Oracle acknowledged a “high-volume” extortion campaign against E-Business Suite customers and urged immediate updates to reduce risk (2025-10-03; ongoing 2025-10-06) [AMER]. The episode underscores vendor-customer policy coordination on emergency advisories, contact channels, and rapid patch SLAs (Source: Reuters, 2025-10-03).
Standards & Compliance
ETSI Security Conference 2025 opens (Sophia Antipolis, 6–9 Oct) — ETSI’s flagship security event convenes industry and standards bodies on 5G, QKD, and product security topics (2025-10-06) [EMEA]. Sessions typically preview upcoming specifications and implementation guidance relevant to EU CRA/NIS2 compliance roadmaps (Source: ETSI, 2025-10-06).
ISO Annual Meeting 2025 (Kigali & online, 6–10 Oct) spotlights security standards — ISO’s annual gathering highlights cross-sector standards work, including information security (ISO/IEC 27001 family) and privacy engineering (2025-10-06) [AMER/EMEA/APAC]. Compliance teams should watch outputs and liaison updates that inform certification schemes and procurement baselines (Source: ISO, 2025-10-06).
Editorial Perspective
Two themes dominate this cycle: ERP exposure and operational fallout. The Oracle EBS zero-day and associated extortion show how quickly business-critical platforms can become initial access and data-theft vectors.
Asahi’s nationwide disruption illustrates that even “IT-only” incidents can spill into supply chains, retail shelves, and brand equity in days. Expect rapid regulatory interest in supplier assurance and “time-to-patch” transparency for enterprise apps.
In practice, prioritize ERP perimeter reduction, patch cadence for EBS, and cross-checks on third-party integrations and secrets; extend monitoring to “small” edge devices such as telemetry bridges, which are now appearing in KEV.
Tags
Oracle, E-Business Suite, CVE-2025-61882, Clop, Extortion, Ransomware, Asahi, Supply Chain, ERP Security, KEV, Meteobridge, Europol, INTERPOL, ETSI, ISO/IEC 27001, NCSC, CSA Singapore, Incident Response, Threat Intelligence
