Multiple French government and critical infrastructure organizations
April 30, 2025
•[ espionage, data leak, vulnerability exploitation ]
On April 30 2025, Frances national cybersecurity agency (ANSSI) attributed a campaign of at least twelve cyberattacks on French entities to Russias GRU 85th Main Special Service Center (Unit 26165), known as FANCYBEAR. The espionage activity targeted government, media, energy, and critical-infrastructure organizations via exploitation of vulnerable Cisco routers to gain persistence and exfiltrate sensitive data. No operational disruption was reported.
Stubhub
March 6, 2025
•[ vulnerability exploitation, data leak, third-party breach ]
A cybercrime group exploited a URL redirection vulnerability in a third-party contractor system for StubHub to steal around 1,000 digital tickets for major events, including Taylor Swifts Eras Tour. The stolen tickets, valued at approximately $635,000, were resold online for profit. The scheme operated between June 2022 and July 2023 before being uncovered through a coordinated investigation by cybersecurity and law enforcement agencies. Two individuals, Tyrone Rose and Shamara P. Simmons, were arrested and charged with grand larceny, identity theft, and computer tampering in connection with the operation.
