Check Point Weekly: Top Attacks and Breaches (Week of Oct 27)
Category:Threat Alerts / Threat Intelligence
Check Point’s weekly bulletin highlights multiple incidents: Toys 'R' Us Canada breach, Askul ransomware disrupting logistics, Verisure data breach via billing partner, LastPass-themed phishing tied to UNC5356 causing ~$4.4M crypto theft, and Lazarus-linked drone sector intrusions.
CORTEX Protocol Intelligence Assessment
Business Impact: Mixed-sector exposure underscores multi-vector risk across retail, logistics, and defense. Technical Context: Active exploitation includes Windows SMB client CVE-2025-33073, WSUS CVE-2025-59287, and Adobe Commerce CVE-2025-54236.
Strategic Intelligence Guidance
- Prioritize patching for CVE-2025-59287, CVE-2025-33073, CVE-2025-54236
- Hunt for OAuth abuse and infostealer-driven credential replay
- Validate third-party processors for access controls and segregation
- Track APT activity in defense manufacturing supply chains
CVEs
Vendors
Threats
Targets
Impact
Data Volume:Unknown
Financial:$4.4M (crypto theft)
Intelligence Source: 27th October - Threat Intelligence Report - Check Point Research | Oct 28, 2025