This Weekend In Cybersecurity: Bridgestone Cyberattack, Wealthsimple Data Breach

While your weekend was (hopefully) full of rest and relaxation, cybersecurity news didn’t take a break. From vulnerability exploits to data breaches, this is what you missed since Friday. 

1. Bridgestone Investigates Cyberattack on North American Facilities

Tire manufacturing giant Bridgestone confirmed an ongoing investigation into a cyberattack that hit facilities in South Carolina and Quebec, Canada. The company describes it as a "limited incident" with no customer data compromised. Production disruptions have been reported, though protocols were quickly enacted to contain the threat. The group behind it remains unconfirmed, but speculation points to Scattered Lapsus$ Hunters.

➡️ Read more at the TechRadarCyber News Centre. 

2. Wealthsimple Data Breach Impacts ~30,000 Clients

Canadian fintech firm Wealthsimple disclosed a data breach impacting about 30,000 clients. The breach originated from a compromised third-party vendor and may have exposed sensitive data including Social Insurance Numbers. Wealthsimple has initiated enhanced security measures and is working to mitigate fallout.

➡️ Read more about the breach. 

3. Critical Vulnerabilities Exploited in the Wild

• A long-known SAP S/4HANA code-injection vulnerability (CVE-2025-42957) has been actively exploited, allowing full system compromise—including potential remote takeover of systems.
• Enterprises are urged to patch Sitecore vulnerabilities swiftly, after reports that attackers are exploiting a zero-day via deserialization attacks—commonly used to deliver malware.
• Additionally, CISA added a critical Linux kernel TOCTOU race-condition flaw (CVE-2025-38352) to its known-exploited vulnerabilities list on September 5.

Final Takeaways

The weekend is only two days long, but those 48 hours can change the course of a business. Even a smaller-scale breach like Wealthsimple can significantly erode customer confidence, especially when sensitive identifiers like SINs are involved. Active exploitation of critical vulnerabilities (SAP, Sitecore, Linux kernel) underscores the pressing need for proactive patch management and robust network defenses. Don’t leave your network vulnerable — protect your networks and teams with OpenVPN.