Three London borough councils—Kensington and Chelsea, Westminster, and Hammersmith & Fulham—have been targeted in a coordinated cyberattack, leading to widespread disruption of core public services and operational systems.

A highly coordinated supply chain attack exploiting a South Korean Managed Service Provider (MSP) has led to the deployment of the Qilin ransomware, culminating in a significant data heist campaign dubbed "Korean Leaks".

A data breach at Mixpanel—a third-party analytics vendor used by OpenAI—has led to the exposure of limited identifiable information belonging to some OpenAI API users. The breach was exclusively attributed to Mixpanel.

Authorities in London—including the Royal Borough of Kensington and Chelsea (RBKC) and Westminster City Council (WCC)—are responding to a serious cybersecurity incident first identified on Monday morning.

A widespread cyberattack targeting Crisis24's legacy CodeRED platform has significantly disrupted emergency communication systems used by local governments, police, and fire agencies across the United States.

A ransomware group identified as Devman has claimed responsibility for a cyberattack targeting the Georgia Superior Court Clerks’ Cooperative Authority (GSCCCA), disrupting core administrative functions across Georgia’s judiciary.

Harvard University has disclosed a data breach targeting its Alumni Affairs and Development systems, caused by a vishing attack. It led to the unauthorized access of sensitive contact and biographical information of university affiliates.

A data breach has affected Italy’s national railway operator, Ferrovie dello Stato Italiane, following a successful cyberattack on its digital services provider, Almaviva. Threat actors claim to have exfiltrated 2.3 TB of highly sensitive info.

Cox Enterprises has suffered a significant data breach due to exploitation of a zero-day vulnerability in Oracle E-Business Suite. The Cl0p ransomware group exploited CVE-2025-61882.

A recent campaign linked to the ShinyHunters threat actor is exploiting OAuth tokens from third-party applications—specifically those developed by Gainsight—integrated into Salesforce environments.