Miljödata
August 25, 2025
•[ ransomware, leak, malware ]
In August 2025, the Swedish system supplier Miljödata was the victim of a ransomware attack. Following the attack, data was published on the dark web and included 870k unique email addresses across various compromised files. Data also included names, phone numbers, physical addresses, dates of birth and government-issued personal identity numbers.
Wytec
August 25, 2025
•[ hack, financial, technology ]
On August 25, 2025, Wytec International's website was defaced twice; site remains offline. Operations impacted included cancellation of a September 2 seminar. Company notified authorities and engaged forensic experts, citing financial losses as a result.
Xserver (エックスサーバー) sv13279 server
August 25, 2025
•[ ddos, technology ]
On August 25, 2025, Xserver reported that its sv13279 server was targeted by a DDoS attack beginning around 6:20 a.m. Access filtering was applied at 6:33 a.m. to mitigate the attack and restore normal service. No data was accessed or exfiltrated; the incident was limited to temporary service disruption. Actor and motive remain undetermined.
Miljödata (IT supplier for municipalities)
August 23, 2025
•[ ransomware, leak, malware ]
Suspected ransomware attack against Swedish IT supplier Miljödata disrupted critical services for ~200 municipalities starting August 23, 2025. Systems were encrypted, and attackers threatened to leak stolen personal and medical data unless paid 1.5 BTC.
Internet Rimon (Kosher Internet provider)
August 23, 2025
•[ hack, technology ]
Iran-linked hacktivist group Promised Revenge attacked Israeli kosher internet provider Internet Rimon on August 23, 2025. Attackers disabled servers and deleted internal infrastructure, disrupting filtering and connectivity services for many customers. Hackers claimed access to internal data, but no evidence confirmed any customer data theft.
Several Iranian Ships (Fanava-linked network)
August 22, 2025
•[ hack, technology ]
Lab-Dookhtegan claimed root-level access to Fanava's satellite comms infrastructure, disabled the Falcon system, wiped critical shipboard storage, and severed communication between dozens of vessels and shore.
Government, tech, academic & telecom entities; global
August 22, 2025
•[ espionage, malware, government ]
CrowdStrike reports that multiple Chinese-linked groups (Murky Panda, Genesis Panda, and Glacial Panda) have exploited vulnerabilities (e.g., Citrix CVE-2023-3519, Commvault CVE-2025-3928) to deploy the CloudedHope malware for covert espionage against cloud, telecom, government, tech, academic, legal, and professional services organizations worldwide.
Delta Telekom
August 21, 2025
•[ hack, ddos, technology ]
Azerbaijan's primary internet backbone operator, Delta Telekom, was targeted with a massive DDoS attack that caused temporary internet delays, which were mitigated by rerouting traffic through alternative backbone providers and fully restored within hours.
EastIdahoNews.com
August 20, 2025
•[ social, malware, technology ]
Fake virus scanner pop-ups served via third-party ads disrupted user experience; no evidence of data theft or system compromise.
Multiple critical infrastructure sectors (via Cisco devices)
August 20, 2025
•[ espionage, technology ]
FBI and Cisco warn of ongoing Russian FSB Center 16 campaign exploiting CVE-2018-0171 in Cisco Smart Install, compromising thousands of network devices across critical infrastructure globally for reconnaissance and persistent access.
Motility Software Solutions
August 19, 2025
•[ ransomware, malware, technology ]
Motility Software Solutions detected suspicious activity on August 19, 2025 and confirmed ransomware deployment and data theft impacting about 760,000 individuals. Stolen data included names, birthdates, driver's license numbers, and SSNs. No threat actor attribution was disclosed.
Arch Linux Project
August 16, 2025
•[ hack, ddos, technology ]
The Arch Linux Project has been under a sustained, volumetric Layer 3/4 DDoS attack since approximately August 16, 2025, impacting its main website, Arch User Repository, and forums. Mitigation tactics such as SYN authentication, rate limiting, and mirror redirects are in use; attacker identity remains unknown.
TPG Telecom (iiNet)
August 16, 2025
•[ leak, technology ]
TPG Telecom confirmed extraction of those contact and setup details, no financial or ID documents exposed, incident response activated, external cybersecurity teams engaged, customers being notified.
300+ macOS end users worldwide
August 15, 2025
•[ hack, malware, phishing ]
Over 300 Macs were infected by the Shamos malware delivered via fake Apple Support websites shown in Google Search results. The malware bypassed macOS Gatekeeper and XProtect to steal passwords, personal notes, and cryptocurrency wallet data.
Colt Technology Services
August 12, 2025
•[ ransomware, leak, hack ]
On August 12, 2025, Colt Technology Services experienced a cyberattack on internal support systems. The Warlock ransomware group stole and leaked up to 1 million documents, including employee salary information, customer contracts, network designs, and internal emails. Colt reported that customer-facing portals such as Colt Online and Voice API were taken offline proactively as a containment measure, not because of attacker disruption or encryption.
Kurgan-Telecom
August 10, 2025
•[ hack, ddos, technology ]
On August 10, 2025, Kurgan-Telecom customers in Russia experienced major internet outages due to a distributed denial-of-service (DDoS) attack. The provider limited foreign traffic as a mitigation step; no data was reported stolen or systems encrypted. No group has claimed responsibility.
Npm ecosystem
August 9, 2025
•[ phishing, malware, hack ]
Phished npm maintainer account used to publish trojanized releases of widely used packages; malicious code attempted crypto address swapping. Packages were pulled within ~2 hours, yet reached ~10% of cloud environments; profits remained under $1,000; no confirmed data theft or sustained outages.
Plex Inc
August 9, 2025
•[ hack, leak, technology ]
Plex reported an intrusion into one database leading to theft of a subset of customer authentication data (emails, usernames, securely hashed passwords). Plex urged password resets, recommended signing out all devices, and enabling 2FA; no credit-card data was affected.
Beta – Dnevni evropski servis (DES)
August 7, 2025
•[ ransomware, malware, technology ]
Ransomware attack encrypted systems of Beta's specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.
Public Broadcasting Service (PBS)
August 4, 2025
•[ leak, technology ]
BleepingComputer confirmed a file posted on Discord with JSON records of 3,997 PBS employees and affiliates came from PBS's MyPBS.org internal service, and PBS confirmed the data's authenticity.