Ravin Academy
October 22, 2025
•[ hacktivism, data leak, government ]
Cyber intrusion into Ravin Academy, an Iranian cybersecurity training institution linked to the Ministry of Intelligence, by a hacktivist group. The stolen data was posted online with anti-regime rhetoric, indicating an ideologically motivated protest hack.
Verisure
October 20, 2025
•[ data leak ]
Verisure reports breach at Swedish subsidiary Alert Alarm; ~35,000 customers impacted
Wilkes University
October 20, 2025
•[ data leak, class action ]
Class-action filing alleges cybercriminals accessed Wilkes University systems and exposed personal information of thousands.
DSV
October 20, 2025
•[ data leak ]
Reports indicate DSV confirmed a breach impacting a smaller group of customers; details on scope and timing remain limited.
Somalia e-Visa Platform
October 20, 2025
•[ data leak, misconfiguration, government ]
Attackers accessed Somalias national e-visa application serverhosted on a misconfigured shared cPanel environmentallowing unauthorized retrieval of more than 125,000 visa applications and associated passport, biometric, contact, and payment data. U.S. and UK government alerts on November 13, 2025, warned that at least 35,000 travelers may have had their information compromised as the breach continued into mid-November.
Dodd Group
October 19, 2025
•[ data leak, third-party breach ]
Report claims Russian group accessed contractor and leaked MoD base documents
London Womens Clinic
October 19, 2025
•[ ransomware, data leak, dark web ]
Russian ransomware group Qilin reportedly broke into systems used by the London Womens Clinic which runs seventeen IVF and fertility centres across the United Kingdom and is believed to have exfiltrated large volumes of sensitive patient data after posting about the breach on dark web channels on October 19 2025 raising concerns for both private and NHS patients
FullBeauty Brands, Inc.
October 18, 2025
•[ ransomware, data leak, unauthorized access ]
Unauthorized actors accessed FullBeauty Brands systems over several weeks in late 2025 and exfiltrated internal company data, later claimed by the Everest ransomware group, with no confirmed operational disruption publicly disclosed.
Envoy Air (American Airlines)
October 17, 2025
•[ ransomware, data leak, vulnerability ]
Envoy Air confirmed it was hit in a broader Clop campaign abusing an Oracle EBS zero-day. Reuters notes a small amount of Envoy business information may have been accessed; Clop listed American Airlines, but the target was Envoy, AAs regional carrier. Primary impact: unauthorized access/data theft for extortion, not operational outage.
Serbian Civil Aviation Directorate
October 17, 2025
•[ cyber-espionage, phishing, malware ]
A cyber-espionage campaign linked to suspected Chinese threat actors compromised application servers at Serbias Civil Aviation Directorate. Attackers used phishing emails to deploy Sogu, PlugX, and Korplug malware, gaining persistent access for intelligence collection. No operational disruption was reported.
University of the Witwatersrand
October 17, 2025
•[ zero-day, data leak ]
University statement confirms zero-day event impacting Oracle E-Business; investigation ongoing
City of Elne (France)
October 15, 2025
•[ ransomware, data leak, nation-state ]
French press reports Russian-linked Qilin targeted Elne shortly after school attacks
Mango
October 15, 2025
•[ data leak ]
External marketing provider breach exposed limited customer contact data; Mango said core systems unaffected
Russian IT service provider
October 15, 2025
•[ data leak, espionage, apt ]
China-linked Jewelbug infiltrated Russian IT provider for months, exfiltrating repositories and data
Ansell Limited
October 14, 2025
•[ data leak ]
Ansell disclosed unauthorized access to certain company data and began mitigation; no operational disruption reported.
Volkswagen Group France
October 14, 2025
•[ ransomware, data leak ]
Qilin gang claimed a ransomware attack on Volkswagen France with ~150GB of data allegedly stolen; investigation ongoing.
Vietnam Airlines
October 14, 2025
•[ data leak ]
Reuters/MarketScreener notes customer data breach; internal IT systems not impacted
Methodist Church of Southern Africa
October 13, 2025
•[ ransomware, data leak ]
Ransomware actors claimed an attack on the Methodist Church of Southern Africa; verification and technical details remain limited.
Cyprus Post
October 13, 2025
•[ data leak, government ]
Hackers accessed Cyprus Post systems, leaking sensitive government correspondence and citizen data via the Thalis platform.
Banco Hipotecario del Uruguay
October 13, 2025
•[ ransomware, data leak ]
Uruguayan bank BHU said attackers leaked user data and demanded payments; reports attribute incident to Crypto24 group.
