National Credit Information Center (CIC), State Bank of Vietnam
September 10, 2025
•[ hack, leak, financial ]
VNCERT confirmed signs of intrusion targeting personal-data theft at CIC; ShinyHunters/Scattered Spider claimed ~160M records, allegedly exploiting end-of-life software; data offered for sale with samples posted.
Movement “Другaя Украина”
September 9, 2025
•[ hack, ddos ]
DDoS attack against the Other Ukraine movements website limited access; technical teams working to restore availability; no attribution or data breach reported.
Indian Hotels Company Limited
September 5, 2025
•[ hack, malware ]
Indian Hotels Company Limited (IHCL) reports malware incident, taking immediate action to secure systems and monitoring the situation closely.
Scarva Street Surgery
September 3, 2025
•[ hack, healthcare ]
The PSNI have confirmed they have launched an investigation into a theft at a practice which took place on 20 June.
Indonesian National Police Mobile Brigade Corps
September 2, 2025
•[ hack, government ]
The site with the address korbrimob.polri.go.id has been inaccessible since Tuesday afternoon, September 2, 2025, at 15.07 WIB.
Bridgestone Americas
September 2, 2025
•[ hack, manufacturing ]
A cyber incident disrupted production at Bridgestone Americas plants in South Carolina and Quebec. IT systems required shutdown; staff performed preventive maintenance or were sent home. Incident was contained rapidly with no data loss, and operations have since normalized.
Indigo Publications (Glitz Paris, La Lettre, Africa Intelligence, Intelligence Online)
September 2, 2025
•[ hack, ddos, technology ]
Indigo Publications reported a massive DDoS campaign in early September 2025 targeting its web infrastructure, rendering Glitz Paris and other affiliated media outlets intermittently inaccessible. Motive unconfirmed but suspected retaliation for investigative reporting.
Austrian Ministry of the Interior
September 1, 2025
•[ hack, government ]
A professional cyberattack compromised about 100 government email accounts. IT systems were disconnected; investigations launched. No sensitive citizen or law enforcement data was impacted. Attack vector remains unconfirmed.
Prosper
September 1, 2025
•[ hack, finance ]
In September 2025, Prosper announced that it had detected unauthorised access to their systems, which resulted in the exposure of customer and applicant information. The data breach impacted 17.6M unique email addresses, along with other customer information, including US Social Security numbers. Prosper advised that they did not find any evidence of unauthorised access to customer accounts and funds, and that their customer-facing operations were uninterrupted. Further information about the incident is contained in Prosper's FAQs.
Wealthsimple
August 30, 2025
•[ hack, misconfiguration, finance ]
A third-party software component was compromised, leading to unauthorized access to sensitive data of a small subset of Wealthsimple clients. Accounts and funds remained secure. Incident was rapidly contained and clients notified.
Federal Emergency Management Agency (FEMA)
August 29, 2025
•[ hack, insider, misconfiguration ]
DHS revealed on Aug 29, 2025 that a threat actor gained unauthorized access to FEMAs IT systems by exploiting unpatched vulnerabilities, outdated protocols, and lack of multi-factor authentication. No citizen data was stolen or exfiltrated. As a result, 24 FEMA IT employees, including the CIO and CISO, were terminated for negligence in cybersecurity oversight.
Sinqia
August 29, 2025
•[ financial, hack, finance ]
On Aug 29, 2025, attackers used stolen vendor credentials to breach Sinqia's access to Brazils Pix system, attempting $130M in fraudulent transfers. Immediate action halted operations; some funds recovered. No data breach occurred.
Surbhi Chandna Productions
August 27, 2025
•[ hack ]
Surbhi Chandnas official production accounts were hacked, disrupting operations and delaying the release of her upcoming production. The breach caused reputational and scheduling setbacks but no personal or customer data theft was reported.
Salesloft
August 26, 2025
•[ hack, technology ]
Breach of Salesloft allowed attackers to steal OAuth tokens, which were then used to access Salesforce data across hundreds of customer organizations, including major tech and cybersecurity companies.
Auchan
August 26, 2025
•[ hack, retail ]
French retailer Auchan suffered a cyberattack that resulted in unauthorized access to loyalty account data of several hundred thousand customers, including names, postal and email addresses, phone numbers, and loyalty card numbers. Financial data such as banking details, passwords, and PINs were not compromised. Auchan notified affected individuals, deactivated cards, and reported the breach to CNIL.
Github
August 26, 2025
•[ hack, leak, malware ]
Malicious versions of Nx packages on npm deployed AI-powered "telemetry.js" malware to harvest credentials and secrets via AI-assistant agents. Data exfiltrated to public GitHub repos. Widespread impact on developer workstations and CI systems.
Wytec
August 25, 2025
•[ hack, financial, technology ]
On August 25, 2025, Wytec International's website was defaced twice; site remains offline. Operations impacted included cancellation of a September 2 seminar. Company notified authorities and engaged forensic experts, citing financial losses as a result.
Boyd Gaming Corporation
August 25, 2025
•[ hack ]
Boyd Gaming reported that it detected unauthorized access to internal application servers in late August 2025. No ransomware group or actor has claimed responsibility. The company disclosed the breach publicly on September 24 2025, noting no encryption or operational disruption and no figure released for records affected.
Maryland Transit Administration (MTA)
August 24, 2025
•[ hack, government ]
Cybersecurity incident led MTA to take Mobility paratransit scheduling, real-time tracking, and call center systems offline as a precaution. Core transit services continued to run. Specific cause and i
Internet Rimon (Kosher Internet provider)
August 23, 2025
•[ hack, technology ]
Iran-linked hacktivist group Promised Revenge attacked Israeli kosher internet provider Internet Rimon on August 23, 2025. Attackers disabled servers and deleted internal infrastructure, disrupting filtering and connectivity services for many customers. Hackers claimed access to internal data, but no evidence confirmed any customer data theft.
