Annie - RH-ISAC - Page 5 of 24 Blog

VIENNA, VA (11 December 2025) — The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced the results of the 2025 Board of Directors elections. Chris McFarland (Abercrombie & Fitch), Michael South (Dick’s Sporting Goods), and Lena Taylor (Crocs) were elected as new members of the board. Steve Bonilla (Wynn Las Vegas) and Brett…

Summary A  vulnerability with a CVSS score of 10.0, tracked as CVE-2025-55182 in React and CVE-2025-66478 in Next.js, has been publicly disclosed, enabling unauthenticated remote code execution (RCE). The flaw resides in how React Server Components (RSC) decode payloads sent to Server Function endpoints, allowing attackers to execute arbitrary JavaScript on the server via specially crafted HTTP requests. Sector Impact…

VIENNA, VA (14 November 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced the winners of the first-ever EMEA Sharing and Collaboration Challenge during the organization’s CISO Forum, held in Amsterdam on November 11, 2025. The awards recognize outstanding companies and individuals who have demonstrated exceptional dedication to RH-ISAC’s mission of…

Retail and hospitality organizations are facing a surge in distributed denial-of-service (DDoS) attacks. As adversaries adopt new tools, leverage APIs, and exploit transactional endpoints, layered defenses and edge-based mitigation have become critical to maintaining uptime and customer trust through the peak holiday season. What We’re Seeing In the past year, DDoS activity targeting retail and…

Summary A financially motivated threat cluster has been actively targeting the freight and logistics industry since at least June 2025 in a cyber-enabled cargo theft campaign, according to a new report from Proofpoint. The primary goal of the campaign is to gain remote access to logistics networks to steal high-value physical goods, mainly food and beverage…

VIENNA, VA (November 3, 2025) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released its 2025 Holiday Season Cyber Threat Trends report, highlighting a sharp rise in fraud and automated bot attacks expected to align with peak seasonal shopping demand across the retail, hospitality, and travel sectors. The report analyzes threat…

Summary The China-nexus threat cluster known as UNC5221 is actively exploiting F5 BIG-IP appliances following a confirmed breach of F5’s internal network that resulted in the theft of BIG-IP source code and vulnerability data, according to a new report from Resecurity. UNC5221 utilizes a custom-built, highly sophisticated toolkit centered on the BRICKSTORM backdoor to exploit F5 BIG-IP devices….

Summary Cybersecurity firm F5 publicly disclosed a breach by an unnamed nation-state actor who gained long-term access to the company’s product development environment, including the engineering platforms for its flagship BIG-IP product. The attackers exfiltrated a portion of the BIG-IP source code, information about undisclosed security vulnerabilities, and configuration/implementation details for a limited number of customers….

Summary A highly capable threat campaign, codenamed EvilAI by Trend Micro, is using seemingly legitimate, digitally signed AI-enhanced productivity software, such as PDF editors, to secretly deliver various malware strains globally. These applications, which appear functional, serve as initial access conduits to perform reconnaissance, exfiltrate browser data, and prepare systems for secondary payloads. The campaign has…

Fraud and scams are no longer isolated incidents—they’re a national crisis. Every day, criminals steal an estimated $430 million from Americans, exploiting digital platforms, financial systems, and communication networks. These scams fund transnational criminal organizations and erode trust in our economy and institutions. To address this growing threat, the Aspen Institute Financial Security Program has released the proposed National Strategy to…