MyVidster (2025)
October 24, 2025
•[ leak, phishing, technology ]
In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases, profile photos.
Comcast Corporation
September 29, 2025
•[ ransomware, malware, technology ]
Medusa ransomware group claimed theft of 834.4 GB (167,121 files) from Comcast, including internal actuarial, claims, and modeling information. Attackers demanded USD 1.2 million to delete or release data; no encryption or operational disruption reported.
RemoteCOM (SCOUT Monitoring Software)
September 26, 2025
•[ leak, technology ]
DataBreaches.net reported that RemoteCOM, developer of the SCOUT monitoring platform used by law enforcement, was breached in late September 2025. Attackers exfiltrated data on approximately 6,900 officers and 14,000 monitored clients. No encryption or operational disruption was reported.
Teleradio-Moldova (Public TV and Radio)
September 23, 2025
•[ hack, ddos, technology ]
On September 23, 2025, Moldova's public television and radio websites were targeted by coordinated denial-of-service attacks, briefly disrupting online access. CERT-GOV-MD linked the activity to pro-Russian hacktivists amid regional political tensions. Systems were restored the same day with no data exfiltration reported.
Gloucester-Mathews Gazette-Journal
September 15, 2025
•[ ransomware, malware, technology ]
Ransomware hit the Gazette-Journal's production file server over the weekend; discovered 09/15/2025; no customer financial data compromised; recovery allowed in-house printing to resume after network restoration; attacker unknown.
Miljodata
September 14, 2025
•[ hack, leak, technology ]
Cyberattack on Miljödata led to theft and dark-web leak of data on >1.5M people; Datacarry claimed responsibility; prosecutor rules out state involvement at this time. Data includes PII/personal numbers; hundreds of municipalities and some companies (e.g., Volvo, SAS) impacted.
KT Corp
September 11, 2025
•[ leak, technology ]
KT reported a breach where rogue mini base stations intercepted traffic, leading to a possible IMSI leak for 5,561 subscribers; authorities notified (PIPC), customers alerted, compensation pledged; broader probes ongoing.
Geedge Networks
September 11, 2025
•[ leak, technology ]
Largest known Great Firewall leak exposed online on Sept. 11, 2025: hundreds of GB from Geedge Networks and MESA Lab (IIE CAS) covering DPI/SSL fingerprinting, VPN detection, build/runbooks, and packaging repos; links provided for public download; no operational disruption reported.
Google
September 11, 2025
•[ hack, technology ]
Group posted screenshots alleging access to CJIS and Google LERS; Google confirmed only a fraudulent LERS account, disabled before use, with no data accessed; FBI declined comment. No confirmed victims or exfiltration.
Unnamed European DDoS mitigation
September 10, 2025
•[ hack, ddos, malware ]
A massive DDoS (UDP packet flood) reached 1.5 Bpps against an unnamed European DDoS-scrubbing provider; traffic originated from IoT/MikroTik botnets spanning thousands of networks; FastNetMon mitigated the attack; no data theft reported.
Allegis Group (parent of Aerotek, TEKsystems, MarketSource, etc.)
September 10, 2025
•[ leak, technology ]
Everest listed Allegis on its leak site, claiming access to internal docs and large client-contact datasets; Cybernews saw two screenshots but no samples beyond that; Allegis had not commented and no outage/encryption was reported.
Indigo Publications (Glitz Paris, La Lettre, Africa Intelligence, Intelligence Online)
September 2, 2025
•[ hack, ddos, technology ]
Indigo Publications reported a massive DDoS campaign in early September 2025 targeting its web infrastructure, rendering Glitz Paris and other affiliated media outlets intermittently inaccessible. Motive unconfirmed but suspected retaliation for investigative reporting.
Artists&Clients
August 31, 2025
•[ ransomware, leak, technology ]
In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients suffered a data breach and subsequent ransom demand of US$50k. The data was subsequently leaked publicly and included 95k unique email addresses alongside usernames, IP addresses and bcrypt password hashes.
Artists&Clients
August 30, 2025
•[ ransomware, leak, technology ]
LunaLock breached Artists&Clients around Aug 30, encrypting and stealing data. They demanded $50K payment, threatening to expose data publicly and submit artworks to AI training datasets if unpaid.
Salesloft
August 26, 2025
•[ hack, technology ]
Breach of Salesloft allowed attackers to steal OAuth tokens, which were then used to access Salesforce data across hundreds of customer organizations, including major tech and cybersecurity companies.
Github
August 26, 2025
•[ hack, leak, malware ]
Malicious versions of Nx packages on npm deployed AI-powered "telemetry.js" malware to harvest credentials and secrets via AI-assistant agents. Data exfiltrated to public GitHub repos. Widespread impact on developer workstations and CI systems.
Xserver (エックスサーバー) sv13279 server
August 25, 2025
•[ ddos, technology ]
On August 25, 2025, Xserver reported that its sv13279 server was targeted by a DDoS attack beginning around 6:20 a.m. Access filtering was applied at 6:33 a.m. to mitigate the attack and restore normal service. No data was accessed or exfiltrated; the incident was limited to temporary service disruption. Actor and motive remain undetermined.
Miljödata
August 25, 2025
•[ ransomware, leak, malware ]
In August 2025, the Swedish system supplier Miljödata was the victim of a ransomware attack. Following the attack, data was subsequently published on the dark web and included 870k unique email addresses across various compromised files. Data also included names, phone numbers, physical addresses, dates of birth and government-issued personal identity numbers.
Wytec
August 25, 2025
•[ hack, financial, technology ]
On August 25, 2025, Wytec International's website was defaced twice; site remains offline. Operations impacted included cancellation of a September 2 seminar. Company notified authorities and engaged forensic experts, citing financial losses as a result.
Miljödata (IT supplier for municipalities)
August 23, 2025
•[ ransomware, leak, malware ]
Suspected ransomware attack against Swedish IT supplier Miljödata disrupted critical services for ~200 municipalities starting August 23, 2025. Systems were encrypted, and attackers threatened to leak stolen personal and medical data unless paid 1.5 BTC.