A suspected ransomware attack on Miljödata, a Swedish software provider used for managing sick leave and similar HR reports, is believed to have impacted around 200 of the country’s municipal governments.

The activity identified by the intelligence services partially overlaps with campaigns reported by the cybersecurity industry and tracked as Salt Typhoon, RedMike, OPERATOR PANDA, UNC5807 and Ghost Emperor among others, stated the document.

A significant data breach has impacted over 1 million customers of Farmers Insurance and its subsidiaries, stemming from a cyberattack on an undisclosed third-party vendor. The breach resulted in the exposure of sensitive personal information.

A former employee of Eaton Corporation, a power management company based in Ohio, has been sentenced to four years in prison for intentionally sabotaging the company’s computer systems.

The Kinsing cryptomining group, also known as H2Miner and Resourceful Wolf, has expanded its operations into Russia, marking a significant shift in its targeting strategy. The campaign began in April and exploits outdated software vulnerabilities.

The U.S. Treasury Department has renewed and expanded sanctions against Russian cryptocurrency exchange Garantex, its successor Grinex, and associated individuals and entities.

ScarCruft, a North Korean state-sponsored cyber-espionage group, has taken the unusual step of deploying a new ransomware named VCD in its latest campaign. ScarCruft used phishing emails with malicious archive attachments to gain initial access.

Bouygues Telecom, France’s third-largest mobile operator, has confirmed a significant cyberattack that compromised the personal data of approximately 6.4 million customer accounts.

Researchers identified eight operational infrastructure clusters associated with Candiru’s DevilsTongue spyware, a Windows-based surveillance tool. Five of these clusters are currently active, with confirmed links to Hungary and Saudi Arabia.

Multiple Dutch Caribbean territories — including Curaçao, Aruba, and Sint Maarten — have recently experienced significant cyberattacks targeting government institutions such as tax departments, courts, and parliamentary systems.