March 2025: Iranian hackers conducted ongoing cyber espionage campaigns against government entities in Iraq and telecommunications in Yemen. Attackers used custom backdoors and novel command-and-control methods like hijacked emails and backdoors to gain access. March 2025: A network of front companies linked to a Chinese tech firm targeted recently laid-off U.S.

2 days ago - In this article, Infosecurity has set out the top ten cyber-attacks of 2025, which have been decided based on factors such as data loss, recovery costs, real-world impacts and wider geopolitical implications.

July 14, 2025 - U.K. retailer Marks & Spencer was one of several retailers impacted by a cyberattack linked to Scattered Spider The breach affected online shopping, inventory management, and exposed customer data, including payment details, though the company ...

The attack retaliated against Lithuanian support of Ukraine in the war with Russia. One of the most damaging recent cyberattacks was a Microsoft Exchange server compromise that resulted in several zero-day vulnerabilities.

Almost every month in 2024 came with its own shattering cybersecurity headline. We round up 10 of the biggest cyber attacks, data breaches and ransomware attacks from the year gone by.

June 30, 2025 - From leaked credentials and telecom breaches to attacks on healthcare and cloud services, the trend is clear: cyber risk is not slowing down. In this blog, we highlight the five biggest data breaches of 2025 so far, what was compromised, and what businesses can learn from these high-profile incidents.

3 days ago - In 2025, zero-day vulnerabilities remained a widely used method to gain access to corporate networks for data theft, cyber espionage, and ransomware attacks. Network edge devices and internet-exposed services were primary targets for exploitation because they sit between the internet and an internal network. Zero-day flaws in Cisco (ASA firewalls, IOS, AsyncOS, ISE), Fortinet (FortiWeb, FortiVoice), Citrix NetScaler, Ivanti Connect Secure, SonicWall, FreePBX, and CrushFTP were actively exploited in the wild. Microsoft SharePoint was one of the year's biggest zero-day targets, with the ToolShell flaw linked to Chinese threat actors, and later, ransomware gangs.

If September 2025 proved anything, it’s that no industry is safe from the relentless wave of cyber crime. In just one month, we witnessed attacks on Jaguar Land Rover (JLR) and Stellantis shaking the automotive sector.

1 month ago - Shamoon, a modular computer virus, was used in 2012 in an attack on 30,000 Saudi Aramco workstations, causing the company to spend a week restoring their services. Wiper – In December 2011, the malware successfully erased information on hard disks at the Oil Ministry's headquarters. Stuxnet, a malicious computer worm believed to be a jointly built American-Israeli cyber weapon.

The definitive list of all cyber attacks, ransomware attacks and data breaches that make news headlines every day - updated every month

May 3, 2022 - The attack accelerated a massive internal overhaul of Sony's data security practices and served as a stark public lesson on the vital importance of salting and hashing passwords before storage. ... In September 2014, JPMorgan Chase, one of the largest banks in the US, disclosed that cyberattacks compromised accounts of over 76 million households and 7 million small businesses.

October 6, 2025 - What are the most recent cyber attacks of 2024? PurpleSec's researchers provide their expert analysis on the latest cyber attacks and breaches.

1 month ago - DoorDash, the popular app for ordering ... a recent data breach. A social-engineering scam was the culprit. The company’s response claims that there is no indication that any fraud or identity theft have occurred. Scope: Unspecified but included customers, employees, and partners. Data exposed: Names, phone numbers, email addresses, and physical addresses. ... Key lesson: Cybersecurity education and awareness are crucial to preventing these attacks...

5 days ago - The ransomware group Clop is known for carrying out mass exploitation of vulnerabilities for data breaches and extortion attacks. Past rampages in recent years had huge numbers of victims at both private companies and government agencies.

Cyberattacks and data breaches during the first half of 2024 have included the ransomware attacks against Change Healthcare and CDK, as well as data theft and extortion attacks targeting Snowflake customers.

Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK said in an analysis.

2 weeks ago - We have listed major cybersecurity and data breach attacks in leading companies.

Major cyber attacks, data breaches, and ransomware incidents that rocked January 2025, including new malware, vulnerabilities, reports and warnings

September 2, 2024 - High-profile ransomware attacks dominated 2022’s headlines. Patrick O'Connor explores 2023’s biggest cyber attacks and lessons we can all learn.

June 24, 2025 - The MOVEit breach was one of the most widespread zero-day exploit events in recent memory. The Clop ransomware group exploited a previously unknown flaw in Progress Software’s MOVEit Transfer, commonly used for secure file transfers. They automated the attack, scanning the internet for exposed instances and stealing data from thousands of targets.