Multiple Crypto Users
August 9, 2025
•[ financial, hack, malware ]
Malicious updates to popular npm packages deployed credential/wallet-stealing malware impacting crypto/DeFi users; community advisories urged halting transactions and rotating secrets; maintainers removed tainted packages; early losses ~$900$1,043 total.
MedicSolution
August 9, 2025
•[ ransomware, leak, malware ]
KillSec claimed ransomware attack against Brazilian healthcare IT vendor MedicSolution, disrupting operations and threatening a data leak unless negotiations commence; broader impact under investigation.
Npm ecosystem
August 9, 2025
•[ phishing, malware, hack ]
Phished npm maintainer account used to publish trojanized releases of widely used packages; malicious code attempted crypto address swapping. Packages were pulled within ~2 hours, yet reached ~10% of cloud environments; profits remained under $1,000; no confirmed data theft or sustained outages.
Inotiv Inc.
August 8, 2025
•[ ransomware ]
Qilin ransomware gang stole ~176 GB (~162,000 files) of data and encrypted systems. Inotiv confirmed operational disruption and fallback to offline continuity plans.
Beta – Dnevni evropski servis (DES)
August 7, 2025
•[ ransomware, malware, technology ]
Ransomware attack encrypted systems of Betas specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.
Spartanburg County
August 6, 2025
•[ ransomware, government ]
Cyberattack led to disabling of certain online services, including County network connections; emergency services like 911 remained operational; third ransomware event in recent years
1000ua.ru (Russian POW portal)
August 6, 2025
•[ hack, ddos, government ]
On August 6, 2025, immediately after launch, the Russian website 1000ua.ru which published portraits of 1,000 Ukrainian POWs was hit with a DDoS attack. RT attributed the traffic to Ukraine, but no specific group has been identified. The attack caused partial disruption but no data theft or encryption.
Pakistan Petroleum Limited (PPL)
August 6, 2025
•[ ransomware, leak, malware ]
PPLs servers and backups were encrypted and disabled by Blue Locker ransomware; IT and financial operations were disrupted for days; a ransom note threatened data leaks; NCERT issued high alert advisory to national institutions
City of Greenville (TX)
August 5, 2025
•[ ransomware, malware, government ]
Hackers deployed ransomware targeting Greenvilles server infrastructure, affecting city services and utility billing in Hunt County; emergency 911 was unaffected, and no personal data breach has been reported.
Bouygues Telecom
August 4, 2025
•[ hack, technology ]
Bouygues Telecom, Frances third-largest mobile operator, detected a cyberattack on August 4, 2025, which exposed personal and contractual customer data including IBANs for approximately 6.4 million accounts; passwords and payment card details were not compromised.
Public Broadcasting Service (PBS)
August 4, 2025
•[ leak, technology ]
BleedingComputer confirmed a file posted on Discord with JSON records of 3,997 PBS employees and affiliates came from PBSs MyPBS.org internal service, and PBS confirmed the datas authenticity
Bouygues Telecom
August 4, 2025
•[ hack, technology ]
In August 2025, the French telecommunications company Bouygues Telecom detected a cyber attack against their services. The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also exposed names, physical addresses, phone numbers, dates of birth and IBANs (International Bank Account Numbers). Bouygues Telecom advised that all affected customers had been notified about the incident.
Prospect Medical Holdings
August 4, 2025
•[ ransomware, healthcare ]
Prospect Medical Holdings, a chain that owns hospitals as well as more than 165 outpatient facilities, said ransomware hackers had breached its system. Sixteen hospitals and more than a hundred other medical facilities across the United States are offline after the largest cyberattack on a U.S. hospital system since last year. Prospect Medical Holdings, a []
Sevastopol main internet provider (Miranda Media)
August 2, 2025
•[ hack, ddos, technology ]
On August 2, 2025, Sevastopols main internet provider Miranda Media came under a large-scale DDoS attack, causing widespread disruption of mobile and fixed-line connectivity across the city. Services were intermittently unavailable for several days. Officials acknowledged the disruption on August 4, 2025. No group has claimed responsibility.
99 Cents Only
August 1, 2025
•[ ransomware, retail ]
INC Ransom claims to have breached Dollar Tree
Undisclosed Bank in Asia-Pacific Region
August 1, 2025
•[ financial, malware, finance ]
A financially-motivated crew physically snuck a 4G-equipped Raspberry Pi into an Asia-Pacific banks network, plugging it into the ATM network switch to get remote access past perimeter defenses. Their goal was to reach the ATM switching server and deploy a custom CAKETAP rootkit to approve fraudulent ATM withdrawals; responders interrupted the operation before cash-out
Qilin ransomware group
July 31, 2025
•[ ransomware, hack, leak ]
Compromise of Qilins affiliate panel by rival actors enabled access to internal systems and stolen victim files.
Foreign embassies in Moscow (multiple missions)
July 31, 2025
•[ espionage, malware, government ]
FSB-linked APT Secret Blizzard (Turla) used ISP-level access in Russia to deliver espionage malware against multiple foreign embassies in Moscow; campaign disclosed by Microsoft. Data stolen likely includes diplomatic emails/credentials; exact volume not reported.
Acea
July 31, 2025
•[ ransomware, malware, energy ]
Italian utility company Acea suffered another ransomware attack, this time claimed by World Leaks. Systems were encrypted, disrupting operations, though the exact duration and number of affected customers were not disclosed.
Ministry of iTaukei Affairs
July 31, 2025
•[ hack, government ]
The Ministry of iTaukei Affairs official Facebook page was hacked again after an April 2025 incident.
