A ransomware attack has targeted an overseas facility of LG Energy Solution, a major global battery manufacturer. The Akira ransomware group claims responsibility for the incident, alleging the theft of 1.7 terabytes of sensitive data.

The Congressional Budget Office (CBO) has confirmed the successful expulsion of threat actors from its email systems following a previously disclosed cyberattack that targeted the agency’s internal communications.

British lawmakers have been warned of a growing espionage campaign spearheaded by China’s Ministry of State Security (MSS), which leverages LinkedIn as a vector to target members of Parliament and policy influencers.

In a coordinated attack on Kenyan government digital infrastructure, multiple ministry websites—including those of Interior, Health, Education, Energy, Labor, and Water—were defaced with hate-based white supremacist messages.

Princeton University has disclosed a data breach involving its advancement database that houses personal information of donors, alumni, students, faculty, and parents. The breach occurred on November 10 and lasted less than 24 hours.

A large-scale phishing campaign has been uncovered targeting customers of Aruba S.p.A. The campaign aims to steal sensitive login credentials and payment information by impersonating Aruba’s login and payment portals.

A ransomware attack by the Qilin cybercrime group in June 2024 targeted Synnovis, a pathology services provider for the NHS, resulting in the exposure of highly sensitive medical data of over 900,000 patients.

Francesco Nicodemo, a prominent Italian communications executive and political adviser, has been identified as the fifth Italian victim of Paragon’s Graphite spyware. He is among 90 individuals notified by WhatsApp of the targeting.

A major exploit targeting the decentralized finance (DeFi) protocol Balancer has resulted in the theft of over $120 million in cryptocurrency, with at least $99 million in ETH alone. The attack exploited faulty access control mechanisms.

A Russia-linked threat actor breached Ukrainian entities in mid-2025 using stealthy LotL techniques. The attackers leveraged legitimate administrative tools and minimal custom malware to evade detection while stealing sensitive data.