Nominet
January 1, 2025
•[ hack, technology ]
Nominet, the official .UK domain registry and one of the largest country code registries, confirms that its network was breached two weeks ago using CVE-2025-0282, an Ivanti VPN zero-day vulnerability.
Italian banks
January 1, 2025
•[ hack, ddos, finance ]
Pro-Russia threat actors from Noname057(16) target again Italian ministries, institutions, critical infrastructures websites and private organizations in coincidence with the visit of Ukrainian President Volodymyr Zelensky to Italy.
PANDORA
January 1, 2025
•[ hack, retail ]
hacked third party service
Mitsubishi UFJ Financial Group (MUFG Bank)
January 1, 2025
•[ ddos, finance ]
MUFG faced a temporary outage in internet banking services, which was later attributed to a suspected distributed denial-of-service (DDoS) attack.
Lukoil
January 1, 2025
•[ hack, ddos, energy ]
Ukraines military intelligence agency (GUR) launched a coordinated DDoS attack against Russian oil giant Lukoil and digital infrastructure like Evotor and Chestny Znak, disrupting payment terminals and authentication systems nationwide. The politically motivated operation caused significant service outages during the New Year holiday, demonstrating Ukraine's expanding offensive cyber capabilities.
Vallianz Holdings
January 1, 2025
•[ hack ]
Singaporean OSV player Vallianz is the latest shipowner to be hit with a cyberattack, and has reported the details of the incident publicly.In an inv...
Visionworks
January 1, 2025
•[ leak, healthcare ]
The federal suit, which seeks class-action status, alleges a data breach exposed 40,000 customers' private data.
Nikki‑Universal Co. Ltd
January 1, 2025
•[ ransomware, malware, manufacturing ]
Nikki-Universal Co. Ltd., produsen kimia asal Jepang jadi korban serangan ransomware pada Desember 2024. Data dicuri, server tak berfungsi
Cell C
January 1, 2025
•[ ransomware, technology ]
Cell C said that the threat actors that breached its systems and stole a limited amount of customer data identified themselves as the RansomHouse hacking group.
Starkville-Oktibbeha Consolidated School District
January 1, 2025
•[ ransomware, education ]
A data breach that has crippled Starkville-Oktibbeha Consolidated School Districts network appears to be a ransomware attack, according to online sources.
Valdosta State University (VSU)
January 1, 2025
•[ hack, education ]
Valdosta State University is working to fully restore its network and university systems after discovering a significant cybersecurity intrusion.
Carruth Compliance Consulting, Inc.
January 1, 2025
•[ hack ]
On January 13, 2025, Carruth Compliance Consulting (CCC) posted a website notice entitled Notice of Data Security Incident after discovering that...
Discord
January 1, 2025
•[ hack, technology ]
third-party customer support services hacked
Santa Barbara County Department of Social Services
January 1, 2025
•[ skimming, theft, data leak ]
County reported widespread EBT skimming causing mass card cancellations and benefit delays for students and residents.
University Of Valladolid
January 1, 2025
•[ cyberattack, service disruption ]
Spanish university continued recovery efforts after January cyberattack impacting services.
British Broadcasting Corporation Pension Scheme
January 1, 2025
•[ data leak ]
Bbc reported breach exposing pension members personal details on May twenty-nine.
Pearson plc
January 1, 2025
•[ data leak, source code leak, credential leak ]
Threat actors used an exposed GitLab PAT to access source code and cloud credentials, stealing terabytes of corporate and customer data over months.
Private individuals (elderly victims in Encino, California)
January 1, 2025
•[ malware, phishing, ransomware ]
Malware infection launched by phishing email locked elderly victims computer, prompting payment of 25,000 USD to scammers; suspect Tai Su was arrested when he arrived to collect another 35,000 USD and later sentenced to 10 months in federal prison.
At least one individual tricked by scam network impersonating CNN, BBC, CNBC
January 1, 2025
•[ phishing, scam, impersonation ]
Global phishing and investment scam campaign impersonating CNN, BBC, and CNBC; CTM360 identified over 17,000 fake sites used to steal identity and financial data through bogus crypto platforms like Eclipse Earn, Solara, and Vynex
At least one Russian industrial company
January 1, 2025
•[ phishing, spyware, data leak ]
Kaspersky-reported campaign uses phishing and a new spyware ('Batavia') to exfiltrate sensitive documents and system info from Russian industrial firms.
