Incident window: July 19–21, 2025 Public alert issued: Late July 2025 What happened In one of the most significant enterprise security incidents in recent memory, a zero-day vulnerability in on-premises Microsoft SharePoint servers was actively exploited in a widespread cyber campaign. Between July 19 and July 21, over 8,000 servers globally were reportedly compromised by […]
Incident date: July 16, 2025 Public notification: Mid‑August 2025 What happened Allianz Life Insurance Company of North America recently disclosed a major security breach originating from a third-party customer relationship management (CRM) vendor. On July 16, 2025, the CRM platform was compromised through a targeted social engineering attack. This breach exposed personal details belonging to […]
Timeline: Reported continuously from July 18 to July 31, 2025 What happened In the past two weeks, deepfake scams targeting corporate environments have surged dramatically. These attacks involve perpetrators creating highly realistic AI-generated video or audio impersonations of CEOs or senior executives. In several reported cases, employees in finance or HR were convinced to transfer […]
Introduction On April 14, 2025, a significant cybersecurity incident involving a Windows zero-day vulnerability was disclosed, highlighting the persistent threat of ransomware attacks. This report examines the details of this incident, which exploited a flaw in the Windows Common Log File System (CLFS), enabling attackers to deploy ransomware and steal sensitive data. As cybersecurity threats […]
Cybercriminals are at it again, and this time they’re using a trick that’s as old as the internet but dressed up in a shiny new package. In the past week, a sophisticated phishing campaign has been making waves by exploiting Webflow’s Content Delivery Network (CDN) and fake CAPTCHA pages to steal your personal info. If […]
Cybercrime doesn’t take a vacation, and the past week proved it with a sneaky new tactic from the Akira ransomware gang. If you thought your VPN was a fortress, think again—hackers are now targeting SonicWall VPNs with a clever trick that could leave businesses scrambling. Let’s dive into what happened, why it matters, and how […]
What happened On July 19, 2025, the pro-Russian ransomware group Stormous claimed on its dark web leak site that it had exfiltrated personal and health data on 600,000 patients from North Country HealthCare in Arizona. The provider has denied finding any breach so far, but experts warn that public data dumps may follow. What information […]
What happened The Alcohol & Drug Testing Service (TADTS), a Texas-based testing firm, announced a data breach involving nearly 750,000 records. The breach occurred on July 29, 2024, but the full extent of affected data and individuals was only made public this week following state-level reporting on July 25, 2025. What information was at risk […]
What happened In mid‑July 2025, the pro‑Russian ransomware group Stormous claimed on its dark‑web leak site that it had stolen personal and medical data from 600,000 patients of North Country HealthCare, a federally qualified community health center serving communities in northern Arizona[1]. Stormous is known for double‑extortion tactics: stealing data and then demanding ransom to prevent its release[2]. […]
What happened New York–based Independent Title Agency suffered a ransomware attack on April 17, 2025, but details only came to light this week. The SKIRA TEAM threat group claimed responsibility, stating it stole 932GB of sensitive internal data. The company is facing legal scrutiny as investigators confirm that personal data such as names, Social Security […]
