Kuaishou
December 22, 2025
•[ cyberattack, service disruption ]
Kuaishou experienced a cyberattack late on December 22, 2025 that disrupted livestreaming services for several hours, prompting market reaction and a decline in its share price the following day.
City of Leavenworth (Kansas)
November 19, 2025
•[ cyberattack, network outage, ransomware ]
DataBreaches reported that Leavenworth, Kansas officials said a cyberattack caused a network outage on November 19, 2025 after computer and phone systems began failing late that morning. The city brought in outside IT experts and later confirmed on November 25 that the disruption stemmed from a cyberattack on the municipal internal network. As of the December 8 report, impacts were still ongoing for invoicing, permitting, and hiring systems, while emergency services were reported unaffected, and no ransomware or extortion group had publicly claimed responsibility.
Weda (Medical Software)
November 10, 2025
•[ cyberattack, denial of service, healthcare ]
On November 10, 2025, Weda medical software used by general practitioners across France experienced a major cyberattack that rendered the system inaccessible. Physicians were unable to view or transmit patient medical records for several days. Service resumed only in degraded mode on November 14. No evidence of data encryption or exfiltration has been reported.
At least one drinking water supplier in Britain
November 3, 2025
•[ cyberattack, critical infrastructure, ransomware ]
A Recorded Future News investigation based on freedom-of-information disclosures from the UK Drinking Water Inspectorate found that five cyberattacks have been reported against Britains drinking water suppliers since the start of 2024, a record number over two years. The incidents, which affected out-of-NIS-scope IT systems rather than the operational technology delivering safe water, were shared with the regulator as resilience risks even though they did not trigger mandatory reporting thresholds. The findings highlight growing concern in British intelligence circles about ransomware and other attacks on critical infrastructure and are feeding into a planned Cyber Security and Resilience Bill to strengthen reporting and defences across essential services.
Bureau of the Treasury (BTr)
September 21, 2025
•[ cyberattack, government ]
DICT/CICC reported a coordinated wave of cyberattacks on government websites amid Sept 21 rallies.
Louis Vuitton UK (LVMH)
July 31, 2025
•[ cyberattack, data leak ]
HackRead notes a cyberattack affecting Louis Vuitton UK customers, marking the third LVMH incident in three months; details limited.
Undisclosed Canadian electric utility
July 29, 2025
•[ cyberattack, service disruption, critical infrastructure ]
Canadian utility reported a cyberattack that disrupted smart/power meters and required onsite remediation to restore accurate billing and service.
City of Saint Paul, Minnesota
July 25, 2025
•[ cyberattack, government, service disruption ]
A cyberattack on Saint Paul led to widespread service disruptions; Minnesota activated the National Guard to support response and recovery.
Polish Air Navigation Services Agency (PANSA)
July 25, 2025
•[ cyberattack, sabotage, service disruption ]
Polish authorities opened an investigation into potential sabotage affecting air traffic control systems; disruptions triggered review of cyber causes.
POST Luxembourg (national telecommunications infrastructure)
July 23, 2025
•[ cyberattack, outage, critical infrastructure ]
Cyberattack targeting Huawei telecommunications equipment caused a nationwide outage of 4G and 5G mobile networks in Luxembourg, disrupting emergency services, internet access, and electronic transactions for several hours.
Netherlands Public Prosecution Service (Openbaar Ministerie)
July 17, 2025
•[ cyberattack, vulnerability exploit, state-sponsored attack ]
Strong indications that Russia was behind a cyberattack exploiting a Citrix vulnerability; the OM took systems offline on July 17 as a response; extent of data access not yet disclosed.
City of Nuremberg
July 7, 2025
•[ cyberattack ]
Local reporting indicates the City of Nuremberg website suffered a cyberattack causing outages; noted as not the first time.
International Criminal Court (ICC)
June 30, 2025
•[ cyberattack, espionage ]
ICC reported a cyberattack detected and contained.Impact and data access undisclosed. This follows a 2023 espionage incident.
Radford City Public Schools
June 10, 2025
•[ cyberattack ]
Cyberattack on Radford City Public Schools in Virginia disrupted portions of the districts internal network on June 10, 2025; systems taken offline for investigation; no ransomware encryption or data theft reported.
Arla Foods
May 19, 2025
•[ cyberattack ]
Arla confirmed a cyberattack that disrupted production and caused delivery delays while affected systems were isolated and restored.
Lecardo Clinic
May 16, 2025
•[ hacktivism, cyberattack, operational disruption ]
Lecardo Clinic announced a technical failure that led to a three-day shutdown; a pro-Ukraine group claimed a cyberattack. Public reporting indicates multi-day operational disruption, but the exact technique was not disclosed.
Cellcom
May 14, 2025
•[ cyberattack, service outage ]
Cellcom confirmed a cyberattack caused widespread service outages impacting voice and SMS for customers in Wisconsin and Upper Michigan.
Multiple Indian websites
May 13, 2025
•[ cyberattack, hacktivism ]
Maharashtra Cyber/press reports said Pakistan-allied hackers launched ~1.5 million attacks with ~150 successes.
Government of India websites
May 10, 2025
•[ cyberattack ]
Maharashtra Cyber reported cross-border attempts to target Indian government websites amid tensions.
