Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 47 – 2025

Publication date

21.11.2025

Featured Story

Cloudflare blames this week’s massive outage on database issues

Summary

On Tuesday, Cloudflare experienced its worst outage in 6 years, blocking access to many websites and online platforms for almost 6 hours after a change to database access controls triggered a cascading failure across its Global Network.

The issue was triggered by a change to one of our database systems’ permissions which caused the database to output multiple entries into a ‘feature file’ used by our Bot Management system.

When the oversized file propagated across network machines, the Bot Management module’s Rust code triggered a system panic and 5xx errors, crashing the core proxy system that handles traffic processing.

Analysis from our SOC teamThis incident highlights that even global-scale service providers are vulnerable to internal configuration failures, so we must treat internal changes in critical services with the same rigor as external threats.

Other News

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts

Summary

Malicious actors can exploit default configurations in Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks.

The second-order prompt injection makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive corporate data, modify records, and escalate privileges.

Critically, Now Assist agents run with the privilege of the user who started the interaction unless otherwise configured.

Analysis from our SOC teamOrganization should treat AI-agent workflows as potential threat surfaces: ensure privileged agent behaviors are closely supervised, restrict discovery and agent-to-agent chaining.

Google fixes new Chrome zero-day flaw exploited in attacks

Summary

Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year. Google is aware that an exploit for CVE-2025-13223 exists in the wild.

This high-severity vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine, reported last week by Clément Lecigne of Google’s Threat Analysis Group.

Analysis from our SOC teamThis incident underscores that even widely trusted browsers can carry zero-days being actively exploited, so Organization must enforce rapid update deployment and verify version uniformity across the organization.

Fraudulent email in the name of the ONSS

Summary

We are currently receiving numerous reports of phishing emails that appear to come from the National Social Security Office (ONSS).

The message tells you that you have received a document from the ONSS and invites you to click on a link to supposedly access the ONSS portal. Do not do this, as the link actually leads to a fraudulent website that will ask for your bank details.

The sender’s email address does not correspond to the ONSS at all. … The ONSS will never ask citizens or businesses for their bank details by simple e-mail.

Analysis from our SOC teamThe tips described in the article is what we would like to emphasize on as well. Never click on any links and browse to the official website yourself.

Suspicious messages can be forwarded to any of the three email addresses from Safeonweb.

verdacht@safeonweb.be
suspect@safeonweb.be
suspicious@safeonweb.be

Our SOC is also available to assist in case there are any doubts or suspicions about text or mail messages.

OTHER STORIES

Weekly Digest Week 50 – 2025

Weekly Digest Week 49 – 2025

Weekly Digest Week 46 – 2025

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?

info@approach-cyber.com

Facebook-f Linkedin-in Youtube