A significant data breach at ApolloMD, a Georgia-based healthcare provider, occurred between May 22 and May 23, 2025, compromising the sensitive information of 626,540 individuals. The breach was executed by the Qilin ransomware gang.

A significant data breach at Conduent has impacted over 25 million individuals, including 17,000 employees of Volvo Group North America. The breach exposed sensitive personal data, making it one of the largest breaches in recent history.

A cyber incident in Poland's energy sector targeted OT and ICS systems, affecting renewable energy plants, a combined heat and power plant, and a manufacturing company. The attack exploited vulnerable edge devices.

The Jefferson Blount St. Claire Mental Health Authority in Birmingham, Alabama, experienced a significant data breach in November 2025, affecting over 30,000 individuals.

Flickr, a legacy image-sharing platform, has experienced a data breach affecting its global user base. Operating in 190 countries, Flickr has 35 million active users monthly, including 228,000 in Europe.

BridgePay, a major U.S. payment gateway, has confirmed a ransomware attack that has caused a significant outage across its services. Initial forensic findings indicate that no payment card data has been compromised.

The Prometei botnet, a Russian-linked threat active since 2016, has been identified in a UK construction firm's Windows Server. Known for mining Monero cryptocurrency, it also excels at stealing passwords and maintaining remote control over systems.

The Qilin ransomware gang, known for targeting high-profile organizations, has claimed responsibility for the cyberattack on Conpet, alleging the theft of nearly 1TB of data, including sensitive documents and financial information.

La Sapienza University, Europe's largest by in-campus students, has been hit by a ransomware attack attributed to the pro-Russian group Femwar02. The attack has led to significant disruptions, with IT systems offline and data encrypted.

Spain's Ministry of Science has partially shut down its IT systems following claims of a cyberattack. The Ministry cited a "technical incident" without confirming the attack.