Serbian Civil Aviation Directorate
October 17, 2025
•[ cyber-espionage, phishing, malware ]
A cyber-espionage campaign linked to suspected Chinese threat actors compromised application servers at Serbias Civil Aviation Directorate. Attackers used phishing emails to deploy Sogu, PlugX, and Korplug malware, gaining persistent access for intelligence collection. No operational disruption was reported.
Fairfield City Council
October 16, 2025
•[ unauthorized access, data exfiltration, system disruption ]
Fairfield City Council said threat actors illegally accessed a portion of its IT environment in October 2025, disrupted systems, and exfiltrated sensitive staff and resident information while most council services continued operating with temporary workarounds.
Mitchell County
October 16, 2025
•[ ransomware, unauthorized access, theft of personal information ]
Mitchell County detected ransomware on its computer network on October 20, 2025, after unauthorized access between October 16 and October 20. The incident encrypted files, disrupted email and phone systems for several days, and involved the theft of personal information and protected health information from Department of Social Services records.
City of Elne (France)
October 15, 2025
•[ ransomware, data leak, nation-state ]
French press reports Russian-linked Qilin targeted Elne shortly after school attacks
Mango
October 15, 2025
•[ data leak ]
External marketing provider breach exposed limited customer contact data; Mango said core systems unaffected
Russian IT service provider
October 15, 2025
•[ data leak, espionage, apt ]
China-linked Jewelbug infiltrated Russian IT provider for months, exfiltrating repositories and data
Volkswagen Group France
October 14, 2025
•[ ransomware, data leak ]
Qilin gang claimed a ransomware attack on Volkswagen France with ~150GB of data allegedly stolen; investigation ongoing.
Ansell Limited
October 14, 2025
•[ data leak ]
Ansell disclosed unauthorized access to certain company data and began mitigation; no operational disruption reported.
Vietnam Airlines
October 14, 2025
•[ data leak ]
Reuters/MarketScreener notes customer data breach; internal IT systems not impacted
Cyprus Post
October 13, 2025
•[ data leak, government ]
Hackers accessed Cyprus Post systems, leaking sensitive government correspondence and citizen data via the Thalis platform.
Banco Hipotecario del Uruguay
October 13, 2025
•[ ransomware, data leak ]
Uruguayan bank BHU said attackers leaked user data and demanded payments; reports attribute incident to Crypto24 group.
Methodist Church of Southern Africa
October 13, 2025
•[ ransomware, data leak ]
Ransomware actors claimed an attack on the Methodist Church of Southern Africa; verification and technical details remain limited.
MAYA Systems Ltd.
October 12, 2025
•[ data leak, hacktivism, espionage ]
An Iran-linked hacktivist group known as Cyber Toufan claimed responsibility for breaching Israeli defense contractor MAYA Systems in October 2025, stealing and releasing files allegedly showing Iron Beam laser-defense system designs and other IDF technologies. Israeli authorities have not verified the authenticity of the leaked materials.
Department of the Interior and Local Government (FDPP portal)
October 10, 2025
•[ data leak ]
Alleged breach of ~40 million records from the FDPP portal; authorities probing.
The Department of the Interior and Local Government (DILG)
October 10, 2025
•[ data leak ]
Philippines DILG said it is probing an alleged breach of ~40M records from its FDPP portal.
The Nobel Foundation
October 10, 2025
•[ cyberattack, data leak, unauthorized access ]
The Norwegian Nobel Institute concluded that a cyberattack was the most likely explanation for the leak of information about the 2025 Nobel Peace Prize, after prediction-market activity shifted sharply hours before the official announcement. The report frames the incident as unauthorized access leading to premature disclosure of confidential prize-related information. The article does not provide technical details on the access vector, attacker identity, or the specific systems compromised beyond the Institutes conclusion that hacking was the likely cause.
Prospect
October 9, 2025
•[ data leak ]
Security incident at Prospect exposed Bectu members personal and bank details.
TriMed
October 9, 2025
•[ data leak ]
Orthopedic device maker reported cybersecurity incident; threat group posted samples of stolen internal data.
Methodist Homes
October 9, 2025
•[ data leak ]
Law firm Lynch Carpenter announced an investigation tied to a Methodist Homes data breach affecting notified individuals.
Chipotle Mexican Grill, Inc.
October 9, 2025
•[ phishing, social engineering, data leak ]
Chipotle Mexican Grill disclosed unauthorized access to employee Workday payroll accounts between October 9 and October 26, 2025. Attackers used phishing and social engineering to access accounts and alter payroll information. State breach notices identified 31 affected employees in Maine and 2 in New Hampshire; the company has not disclosed a nationwide total, and state figures represent only partial reporting.
