A ransomware attack has targeted an overseas facility of LG Energy Solution, a major global battery manufacturer. The Akira ransomware group claims responsibility for the incident, alleging the theft of 1.7 terabytes of sensitive data.

A data breach at Pajemploi, a French public social service facilitating payroll for parents employing in-home caregivers, has compromised the private data of approximately 1.2 million registered childcare workers.

The Congressional Budget Office (CBO) has confirmed the successful expulsion of threat actors from its email systems following a previously disclosed cyberattack that targeted the agency’s internal communications.

In a coordinated attack on Kenyan government digital infrastructure, multiple ministry websites—including those of Interior, Health, Education, Energy, Labor, and Water—were defaced with hate-based white supremacist messages.

Princeton University has disclosed a data breach involving its advancement database that houses personal information of donors, alumni, students, faculty, and parents. The breach occurred on November 10 and lasted less than 24 hours.

The Pennsylvania Office of the Attorney General (OAG) experienced a significant ransomware attack on August 9, 2025, attributed to the INC Ransom gang, a Ransomware-as-a-Service (RaaS) operation.

Under Armour has allegedly been targeted by the Everest ransomware group, which claims to have stolen 343GB of data containing sensitive customer and internal records. The attackers have made sample records available

A major data breach at Chinese cybersecurity firm Knownsec has reportedly exposed over 12,000 files revealing its alleged involvement in developing and deploying state-linked cyber-espionage tools.

A critical data breach at The Washington Post has compromised sensitive personal and financial information of 9,720 employees and contractors. The breach was facilitated through a zero-day vulnerability in Oracle E-Business Suite (CVE-2025-61884).

DoorDash has disclosed a data breach, involving unauthorized access to user data through a social engineering attack. Notification emails began reaching affected users the evening before the public disclosure, primarily targeting users in Canada.