The European Space Agency has confirmed a significant security breach where hackers stole 500 GB of sensitive data, including operational procedures and contractor information. The attackers claim they still have access to ESA's systems, prompting a criminal investigation into the incident. This breach follows another incident just a week prior where 200 GB of ESA data was listed for sale.

A 16TB unsecured MongoDB database was discovered, containing around 4.3 billion professional records, primarily linked to personal data like emails and job histories. Researchers believe this data could facilitate targeted cyber attacks, including phishing and corporate fraud. The database's ownership is still unclear, but it may belong to a lead-generation company.

Genea IVF has confirmed that sensitive patient health information, including personal and medical details, has been posted on the dark web following a cyber attack five months ago. Patients are now calling for stricter laws to hold companies accountable for data breaches, as the Australian Federal Police continue to investigate the incident.

Over 300 entities have been affected by a new variant of the Atomic MacOS Stealer malware in a recent campaign. This malicious software targets MacOS systems to extract sensitive information, raising concerns about the security of Apple devices. Cybersecurity experts are advising users to remain vigilant and implement protective measures.

A significant data breach at the UK's Legal Aid Agency has exposed millions of personal records from legal aid applicants dating back to 2010, including addresses and financial information. The Ministry of Justice confirmed the attack was detected in late April but the extent of the breach was only understood mid-May, prompting advice for affected individuals to be vigilant against potential scams. The agency is currently working to enhance security and has taken its online services offline to protect users.

Cyberattacks surged during the summer of 2025, with ransomware groups targeting healthcare and retail sectors, while nation-state actors engaged in geopolitical cyber activities. Major incidents included the rise of the Interlock and Qilin ransomware groups, significant data breaches in retail, and the exploitation of Microsoft SharePoint vulnerabilities in a widespread campaign. Organizations are urged to improve their defenses by patching vulnerabilities, training personnel, and monitoring for lateral movement post-intrusion.

Pakistanis are being urged to change all their passwords immediately following a significant global data breach that has compromised numerous accounts. Authorities recommend enhancing security measures to protect personal information from potential exploitation.

Louis Vuitton has suffered a data breach affecting its UK operations, with hackers accessing customer names, contact details, and purchase histories. This incident marks the third cyberattack on LVMH's systems in recent months, raising concerns about the security of personal information, particularly for high-net-worth individuals associated with the luxury brand. The company has informed authorities and urged customers to be vigilant against potential phishing attempts.

A threat actor is reportedly selling a massive database containing 1.2 billion records from Facebook, raising significant privacy and security concerns. The breach includes personal information, such as phone numbers and user IDs, which could be exploited for various malicious activities. Experts are urging users to enhance their online security and remain vigilant against potential scams or breaches.

The FBI reported that the Play ransomware group has breached approximately 900 organizations as of May 2025, a significant increase from previous counts. The gang employs advanced tactics, including recompiled malware and threats to leak stolen data, while urging affected organizations to enhance their security measures, including implementing multifactor authentication and maintaining updated systems.

F5 Networks has reported that government hackers gained long-term access to its systems, resulting in the theft of source code and customer data. The breach highlights significant security vulnerabilities within the company, raising concerns about the protection of sensitive information.

Around 8,000 children's names, pictures, and addresses have been stolen from the Kido nursery chain by a hacking group named Radiant, who are demanding ransom from the company. The breach has raised significant concerns regarding the safety of sensitive data related to children and has prompted responses from cyber-security experts and law enforcement.

Coinbase has disclosed a data breach that resulted from an extortion attempt, where threat actors gained unauthorized access to customer information. The company is working to investigate the breach and mitigate any potential damage while notifying affected users.