A Russia-linked threat actor breached Ukrainian entities in mid-2025 using stealthy LotL techniques. The attackers leveraged legitimate administrative tools and minimal custom malware to evade detection while stealing sensitive data.

A significant data exposure incident has compromised the personal information of over 7,000 individuals who applied for positions on Capitol Hill through the DomeWatch resume bank.

A significant data breach has impacted Ravin Academy, a cybersecurity training institution linked to Iran’s MOIS. The breach has resulted in the exposure of sensitive personal data belonging to students and associates

Svenska kraftnät, Sweden’s state-owned electricity transmission operator, has confirmed a data breach following claims by the Everest ransomware group. The threat actor claims to have exfiltrated approximately 280 GB of internal data.

A significant data breach at Conduent, a New Jersey-based government contractor, has been traced back to an intrusion that began in October 2024 and persisted undetected until January 2025.

A large-scale Distributed Denial-of-Service (DDoS) attack has targeted Russia’s Federal Service for Veterinary and Phytosanitary Surveillance (Rosselkhoznadzor), severely disrupting food logistics across the country.

A ransomware attack by the Safepay group has compromised Xortec GmbH, a German provider of professional video surveillance and security solutions. The group has listed Xortec on its data leak site.

The Everest ransomware group claimed responsibility for breaching Dublin Airport and Air Arabia. The group alleges the theft of approximately 1.5 million passenger records from Dublin Airport and personal data of over 18,000 Air Arabia employees.

A significant data breach has impacted MyVidster, compromising the personal information of nearly 3.9 million users. The data was publicly posted on a hacking forum, increasing the risk of phishing and credential-based attacks.

The Medusa ransomware group has leaked a 186.36 GB compressed archive of data allegedly stolen from Comcast Corporation. The data was released after Comcast reportedly failed to meet a $1.2 million ransom demand.