Omrin
October 13, 2025
•[ ransomware ]
Ransomware hit Friesland waste processor Omrin, forcing closures of associated thrift shops and disrupting services.
MAYA Systems Ltd.
October 12, 2025
•[ data leak, hacktivism, espionage ]
An Iran-linked hacktivist group known as Cyber Toufan claimed responsibility for breaching Israeli defense contractor MAYA Systems in October 2025, stealing and releasing files allegedly showing Iron Beam laser-defense system designs and other IDF technologies. Israeli authorities have not verified the authenticity of the leaked materials.
Solana
October 12, 2025
•[ ddos ]
A Russian-language report stated that the Solana network was under a sustained DDoS attack for more than a week with traffic peaking around 6 Tbps. The article said Solana continued functioning normally despite the malicious traffic, with transaction confirmation times remaining stable.
ICTBroadcast
October 11, 2025
•[ vulnerability, exploit ]
Researchers warn ICTBroadcast CVE-2025-2611 actively exploited to gain shells via cookie
The Department of the Interior and Local Government (DILG)
October 10, 2025
•[ data leak ]
Philippines DILG said it is probing an alleged breach of ~40M records from its FDPP portal.
Department of the Interior and Local Government (FDPP portal)
October 10, 2025
•[ data leak ]
Alleged breach of ~40 million records from the FDPP portal; authorities probing.
The Nobel Foundation
October 10, 2025
•[ cyberattack, data leak, unauthorized access ]
The Norwegian Nobel Institute concluded that a cyberattack was the most likely explanation for the leak of information about the 2025 Nobel Peace Prize, after prediction-market activity shifted sharply hours before the official announcement. The report frames the incident as unauthorized access leading to premature disclosure of confidential prize-related information. The article does not provide technical details on the access vector, attacker identity, or the specific systems compromised beyond the Institutes conclusion that hacking was the likely cause.
TriMed
October 9, 2025
•[ data leak ]
Orthopedic device maker reported cybersecurity incident; threat group posted samples of stolen internal data.
Multiple compromised email accounts at second undisclosed US university
October 9, 2025
•[ phishing ]
Credential-phishing campaign diverting university employee salary payments via third-party platforms.
Methodist Homes
October 9, 2025
•[ data leak ]
Law firm Lynch Carpenter announced an investigation tied to a Methodist Homes data breach affecting notified individuals.
Prospect
October 9, 2025
•[ data leak ]
Security incident at Prospect exposed Bectu members personal and bank details.
Multiple compromised email accounts at third undisclosed US university
October 9, 2025
•[ phishing, data leak ]
Credential-phishing on university payroll platforms diverted salary payments.
Simply.com
October 9, 2025
•[ ddos ]
Massive DDoS on DNS affected many customer sites per provider updates.
Francesco Gaetano Caltagirone
October 9, 2025
•[ spyware, espionage, government ]
Report that Graphite spyware was used to spy on the businessman; tool sold to governments.
Chipotle Mexican Grill, Inc.
October 9, 2025
•[ phishing, social engineering, data leak ]
Chipotle Mexican Grill disclosed unauthorized access to employee Workday payroll accounts between October 9 and October 26, 2025. Attackers used phishing and social engineering to access accounts and alter payroll information. State breach notices identified 31 affected employees in Maine and 2 in New Hampshire; the company has not disclosed a nationwide total, and state figures represent only partial reporting.
Williams & Connolly
October 8, 2025
•[ espionage, state-sponsored attack, data leak ]
Breach of U.S. law firm with major political clients linked to Chinese espionage campaign.
Memphis-Shelby County Schools (MSCS)
October 8, 2025
•[ supply chain attack, service disruption ]
Vendor messaging platform breach caused districtwide outage; data impact not indicated.
Undisclosed Croatian Company
October 8, 2025
•[ ransomware ]
Croatian DPA (AZOP) fined a company after a ransomware attack compromised parts of its IT systems.
CPAP Medical Supplies and Services, Inc.
October 8, 2025
•[ data leak, healthcare, government ]
Data breach affecting ~90,000 military members, veterans and families exposed SSNs and medical details.
