State of (in)security - Week 29, 2025
Take action: A government can fuck up with data protection just as easily as a private organization. But the shocking part is that a government can obtain a court order to hide that they have fucked up, while leaving the individuals at risk. Most countries do not strictly regulate how political parties handle personal data, and political parties are usually excluded from most requirements of privacy laws. A perfect example of "do as I say, don't do as I do".
In the week between July 14, 2025, midnight and July 21, 2025, midnight we witnessed a total of:
- 10 advisory/vulnerability events
- 23 incident/data breach events
Week over Week comparison of week 29 2025 vs week 28 2025:
- Advisories are down and incidents are up from the previous week. Advisories are down from 17 in week 28 to 10 in week 29. Incidents are up from 21 in week 28 2025 to 23 in week 29 2025.
- The number of known impacted individuals is down - from 85 million in week 28 to 46.9 million in week 29 2025.
We also shared 4 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 46,972,490 impacted individuals across 7 incidents, with the largest breach being the "Indian crypto exchange CoinDCX hit by cyber attack, loses $44.2 million" incident, exposing 44,200,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 10 |
| Human bad security behaviour | 2 |
| System Misconfiguration Exploits | 2 |
| Software Vulnerability and SDLC Exploits | 1 |
| Third Party Compromise | 1 |
| Unauthorized access | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Government | 4 |
| Healthcare | 4 |
| Finance | 4 |
| Consulting/Professional Services | 3 |
| Retail | 2 |
| IT/Software/Technology | 2 |
| Energy | 1 |
| Construction/Real Estate | 1 |
| Other | 1 |
| Food and Beverage | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | Critical Fortinet FortiWeb SQL injection vulnerability actively exploited
- active exploit | Critical vulnerability in CrushFTP actively exploited to hijack servers
- active exploit | Microsoft reports on-premises SharePoint vulnerability under active attack
- active phishing | North Korean hackers deploy malware during technical job interview via malicious software packages
Vulnerabilities
- critical vulnerability | Cisco reports another critical vulnerability in Cisco ISE that enables unauthenticated root code execution
- critical vulnerability | Critical template injection flaw in LaRecipe Documentation Package enables remote code execution
- critical vulnerability | Critical VMware vulnerabilities enable Virtual Machine escape, host compromise
- ransomware | Fully patched SonicWall SMA 100 devices targeted in ongoing rootkit attack
- critical vulnerability | Google releases urgent patch for Chrome, fixes actively exploited flaw
- critical vulnerability | Multiple vulnerabilities reported in Hitachi Energy Asset Suite, at least one critical
- critical vulnerability | NVIDIA reports container escape vulnerabilities in Container Toolkit
- critical vulnerability | Oracle releases July 2025 Critical Patch Update addressing 309 vulnerabilities
- critical vulnerability | Remote code execution flaw reported in Kafbat UI
- critical vulnerability | Ubiquiti reports critical command injection flaw in UniFi Access devices
Incidents
- critical vulnerability | Ukrainian Military Intelligence claims cyberattack on Russia's energy giant Gazprom
- critical vulnerability | Dutch public prosecution service shuts down due to suspected Citrix NetScaler breach
- data breach | Australian Migration Authority leaks internal agent data via website search function
- data breach | Gladney Centre for Adoption leaks 1.1 Million sensitive records
- data breach | DragonForce ransomware gang claims breach of Belk department store
- data breach | Premier Health Partners reports data breach exposing 154 K patients' information
- data breach | New American Funding reports third party data breach exposing customer data
- data breach | Anne Arundel Dermatology reports cyberattack, data breach affecting almost 2 M patients
- data breach | Indian crypto exchange CoinDCX hit by cyber attack, loses $44.2 million
- data breach | Louis Vuitton Hong Kong data breach exposes personal information of 419 K customers
- data breach | Independent Title Agency hit by ransomware attack
- data breach | Solix Inc. reports data breach exposing employee email accounts, personal information
- data breach | Avantic Medical Lab hit by ransomware attack, data breach
- data breach | British Ministry of Defence exposes MI6 Agents and Afghan allies
- data breach | Namibian municipality hit by ransomware attack
- data breach | London Properties reports data breach nearly a year after the incident
- data breach | Century Support Services reports data breach exposing data of 160 K customers
- data leak | DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI models
- ransomware | Australian political parties hit by ransomware attack exposing supporter data
- ransomware | Major vodka producer hit by ransomware attack, closes 2,000+ stores
- ransomware | SGI Seoul Guarantee hit by cyberattack, suspects ransomware
- ransomware | Everest Ransomware gang claims breach on Saudi industrial giant Rezayat Group
- ransomware | Cookeville Regional Medical Center hit by ransomware attack disrupting IT systems