Several Iranian Ships (Fanava-linked network)
August 22, 2025
•[ hack, technology ]
Lab-Dookhtegan claimed root-level access to Fanavas satellite comms infrastructure, disabled the Falcon system, wiped critical shipboard storage, and severed communication between dozens of vessels and shore.
Delta Telekom
August 21, 2025
•[ hack, ddos, technology ]
Azerbaijans primary internet backbone operator, Delta Telekom, was targeted with a massive DDoS attack that caused temporary internet delays, which were mitigated by rerouting traffic through alternative backbone providers and fully restored within hours
Gosuslugi (Russian e-Government Portal)
August 20, 2025
•[ hack, ddos, government ]
Gosuslugi, Russias national e-government portal, was hit by a large-scale DDoS attack in August 2025, causing temporary outages and degraded access to online public services. Authorities reported no compromise of personal data or backend systems.
The Rural Municipality of Woodlands in Manitoba
August 19, 2025
•[ hack, government ]
The Rural Municipality of Woodlands in Manitoba reported an email security breach and issued a warning to residents. No details on the type or amount of data accessed were released.
Bragg Gaming Group
August 16, 2025
•[ hack ]
Hackers gained unauthorized access using what appeared to be valid credentials into internal systems of Bragg Gaming Group. The incident was contained quickly with no disruption to operations and no evidence of customer or partner data compromise.
Arch Linux Project
August 16, 2025
•[ hack, ddos, technology ]
The Arch Linux Project has been under a sustained, volumetric Layer 3/4 DDoS attack since approximately August 16, 2025, impacting its main website, Arch User Repository, and forums. Mitigation tactics such as SYN authentication, rate limiting, and mirror redirects are in use; attacker identity remains unknown.
NGB 3rd Technical Surveillance Bureau (Kimsuky)
August 15, 2025
•[ hack, leak, government ]
Kimsuky, a DPRK-linked hacking group, was itself breached in Aug 2025; attackers exfiltrated and leaked internal communications, victim lists, source code, and operational tools. Attribution remains unclear but likely political/strategic in nature.
300+ macOS end users worldwide
August 15, 2025
•[ hack, malware, phishing ]
Over 300 Macs were infected by the Shamos malware delivered via fake Apple Support websites shown in Google Search results. The malware bypassed macOS Gatekeeper and XProtect to steal passwords, personal notes, and cryptocurrency wallet data.
Lotte Card
August 14, 2025
•[ hack, leak, finance ]
A cyber breach in mid-August 2025 led to Lotte Cards internal systems being accessed and ~1.7 GB of files stolen. Authorities ordered consumer protection measuresincluding compensation procedures and fraud monitoringwhile investigating whether sensitive customer data was impacted.
Rochester Schools (IN)
August 13, 2025
•[ hack, education ]
Investigation ongoing; small group of staff email accounts impacted.
Austrian Federal Ministry for European and International Affairs (Foreign Ministry)
August 13, 2025
•[ hack, government ]
The Austrian Foreign Ministry reported a suspected data breach affecting its travel registration service and public website systems. Online services were shut down as a precaution, but as of the latest reporting no confirmation has been given on the quantity or type of data stolen, and no actor has been identified.
Colt Technology Services
August 12, 2025
•[ ransomware, leak, hack ]
On August 12, 2025, Colt Technology Services experienced a cyberattack on internal support systems. The Warlock ransomware group stole and leaked up to 1 million documents, including employee salary information, customer contracts, network designs, and internal emails. Colt reported that customer-facing portals such as Colt Online and Voice API were taken offline proactively as a containment measure, not because of attacker disruption or encryption.
F.C. Copenhagen live stream (Champions League vs Malmö FF)
August 12, 2025
•[ hack, ddos ]
F.C. Copenhagens Champions League stream was disrupted on August 12, 2025, by a large-scale DDoS attack that flooded its login system with traffic equal to six months usage in one hour. Fans were unable to access the match for 28 minutes until an alternate stream was activated. No data was stolen or encrypted.
House of Commons of Canada
August 11, 2025
•[ hack, government ]
The House of Commons of Canada was breached via a Microsoft SharePoint zero-day exploit, exposing staff records and device management data. No group has claimed responsibility and investigations are ongoing.
Canadian Investment Regulatory Organization (CIRO)
August 11, 2025
•[ hack, finance ]
Cybersecurity breach at CIRO confirmed Aug 11, 2025. Some personal data of member firms and their registered employees were compromised. CIRO continues core surveillance operations, is investigating impact, will notify affected individuals, and provide mitigation.
74 yr old Bank of America customer
August 10, 2025
•[ financial, hack, malware ]
$70,000 drained from a 74-year-old customer's bank account after hackers infected his computer and added themselves as co-owner, temporarily locking him out; media pressure prompted reimbursement
Kurgan-Telecom
August 10, 2025
•[ hack, ddos, technology ]
On August 10, 2025, Kurgan-Telecom customers in Russia experienced major internet outages due to a distributed denial-of-service (DDoS) attack. The provider limited foreign traffic as a mitigation step; no data was reported stolen or systems encrypted. No group has claimed responsibility.
University of Western Australia
August 9, 2025
•[ hack, education ]
University of Western Australia detected unauthorized access to password data of thousands of staff and students on or around August 9, 2025. As a precaution, all accounts were locked, and passwords reset. There is no evidence any other data was accessed, and no indication of ransomware. Systems have been restored with enhanced security measures.
Scotch College, Melbourne
August 9, 2025
•[ hack, education ]
Scotch Colleges IT systems were accessed by an unknown third party over the weekend of August 910, 2025. The school shut down servers, disabled accounts, and enlisted forensic and ACSC support. In a letter, they apologized to families and alumni for the breach and warned to be vigilant pending the completion of investigations.
University of Southeastern Philippines
August 9, 2025
•[ hack, leak, education ]
Unauthorized access to student records system; ~175,000 records including student ID, name, email, enrollment status, academic monitoring records; data put up for sale; USeP responded by suspending system, migrating servers, enhancing security
