Thursday , July 2 2026

2025: Top cybersecurity and cyberattack stories

The cybersecurity landscape in 2025 saw an increase in the scale and sophistication of cyber threats. Nation-states, organized crime, and hybrid groups blurred the lines between espionage and financial crime, while supply chain weaknesses and social engineering became major attack methods.

Massive data theft targeting cloud platforms like Salesforce exposed sensitive data from numerous organizations due to third-party compromises and API abuse. Additionally, state-sponsored groups made headlines, such as a $1.5 billion crypto heist linked to North Korea, illustrating the role of digital assets in geopolitical conflicts.

India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Indian government issued a notice WhatsApp planned to roll out its new 'username' feature. They are worried about fake...
Read More
India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising...
Read More
Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Chrome 151 has a new update that fixes 382 security problems. This includes 15 critical issues that could allow attackers...
Read More
Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Apple fixes more than 30 iOS, macOS, and Safari flaws

Apple released security updates on Monday for iOS, macOS, and Safari. These updates fix more than thirty issues, including four...
Read More
Apple fixes more than 30 iOS, macOS, and Safari flaws

Attackers exploit critical flaw in Oracle E-Business

Attackers are now using a flaw (called CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial app, according to the security...
Read More
Attackers exploit critical flaw in Oracle E-Business

WhatsApp to allow usernames instead of phone numbers

WhatsApp is about to release a big update that may change how people communicate on the app. Soon, users can...
Read More
WhatsApp to allow usernames instead of phone numbers

Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

The Linux Foundation said on Thursday that they are starting a new project to fix flaws in open source software...
Read More
Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

Data breach affects 14.2 million email logins across six ISPs

KDDI Corporation, a Japanese telecom company, revealed a data breach. Hackers got into one of its email systems that five...
Read More
Data breach affects 14.2 million email logins across six ISPs

Asian Two AI startups launch Mythos-like Model

Two Asian AI companies have released new models this week that compete with Anthropic’s recently limited Mythos and Fable models,...
Read More
Asian Two AI startups launch Mythos-like Model

Polymarket Hack Reportedly Results in $3 Million Theft

Polymarket is a platform for prediction markets using cryptocurrency. It lets users bet on what might happen in real-life events...
Read More
Polymarket Hack Reportedly Results in $3 Million Theft

APT operations in telecommunications targeted critical infrastructure, highlighting ongoing espionage threats to communication networks. Developer supply chain risks increased as attackers exploited trusted components, and the IoT faced severe botnet attacks, converting everyday devices into attack tools. Social engineering persisted as a major tactic, involving credential scams and advanced manipulation methods.

Industry groups like OWASP have created security guidelines for agentic AI in response to the new threats posed by AI-driven tools, acknowledging that defense strategies must adapt to the evolving technologies used by attackers.

These trends illustrate a cyber threat landscape that is increasingly automated, interconnected, and harmful, requiring not just technical measures but also strategic intelligence and collaboration across sectors.

A list of notable cyber attacks in 2025:

  1. The Salesforce Data-theft Attacks
  2. The Continued Salt Typhoon Telco Attacks
  3. North Korean IT Workers scam
  4. Rise in Developer Supply Chain Attacks
  5. Oracle data theft attacks
  6. The $1.5 billion ByBit crypto heist
  7. ClickFix Social Engineering Attacks
  8. Criminal Proxy Network Infects Thousands of IoT Devices
  9. New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls
  10. OWASP Launches Agentic AI Security Guidance

Check Also

Cloudflare

Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

A complex phishing attack targets AWS console users by misusing Cloudflare-hosted websites to steal login …