The phishing campaign began in December 2025, initially targeting 504 organizations primarily in the financial services and consulting sectors as part of a testing phase.

ZeroDayRAT is a sophisticated mobile spyware platform targeting Android and iOS devices, offering cybercriminals full remote control. It poses significant risks to both individuals and enterprises

A cyber incident in Poland's energy sector targeted OT and ICS systems, affecting renewable energy plants, a combined heat and power plant, and a manufacturing company. The attack exploited vulnerable edge devices.

North Korean hackers, identified as UNC1069, targeted a cryptocurrency executive using a fake Zoom meeting and ClickFix scam. The attack aimed to enable cryptocurrency theft and fuel future social engineering campaigns.

The Phorpiex malware is being used in a high-volume phishing campaign to deliver Global Group ransomware. Attackers use Windows shortcut files with double extensions (e.g., Document.doc.lnk) and visual cues to disguise malicious files.

The Jefferson Blount St. Claire Mental Health Authority in Birmingham, Alabama, experienced a significant data breach in November 2025, affecting over 30,000 individuals.

Flickr, a legacy image-sharing platform, has experienced a data breach affecting its global user base. Operating in 190 countries, Flickr has 35 million active users monthly, including 228,000 in Europe.

A state-backed hacking group is targeting military officials, journalists, and diplomats in Germany and Europe through phishing attacks on Signal. These attacks aim to gain unauthorized access to accounts by impersonating Signal support.

BridgePay, a major U.S. payment gateway, has confirmed a ransomware attack that has caused a significant outage across its services. Initial forensic findings indicate that no payment card data has been compromised.

The Prometei botnet, a Russian-linked threat active since 2016, has been identified in a UK construction firm's Windows Server. Known for mining Monero cryptocurrency, it also excels at stealing passwords and maintaining remote control over systems.