How many cybersecurity events occurred in week 31 of 2025?

In the week between July 28, 2025, midnight and Aug. 4, 2025, midnight, there were a total of 32 cybersecurity events: 15 advisory/vulnerability events and 17 incident/data breach events.

How do week 31 cybersecurity numbers compare to the previous week?

Advisories increased from 11 in week 30 to 17 in week 31 (up 6). Incidents decreased from 27 in week 30 to 17 in week 31 (down 10). The number of impacted individuals also decreased significantly from 4.941 million in week 30 to 456 thousand in week 31.

What was the largest data breach of the week?

The largest breach was the Cycle & Carriage Singapore data breach, which exposed data of 147,000 clients.

What were the main causes of cybersecurity incidents this week?

The main causes were: Malware, Ransomware and Related Attacks (5 incidents), Software Vulnerability and SDLC Exploits (2 incidents), Third Party Compromise (2 incidents), Unauthorized access (2 incidents), and Human bad security behaviour (1 incident).

Which industries were most affected by cybersecurity incidents?

Government was the most affected industry with 4 incidents, followed by Healthcare with 3 incidents, and Education and Retail each with 2 incidents. Other affected industries included Media, Automotive, Telecommunications, Aviation, Finance, and IT/Software/Technology with 1 incident each.

What types of critical vulnerabilities were reported this week?

Critical vulnerabilities were reported in various systems including Apple products (95 vulnerabilities patched), WordPress plugins, AI coding platforms, SonicWall firewalls, Chrome browser, smart cameras, and seismic monitoring devices. Many of these vulnerabilities enabled remote code execution, authentication bypass, or device takeover.

What were the major ransomware attacks reported this week?

Major ransomware attacks included: INC Ransomware gang claiming breach of Dollar Tree, Highlands Oncology Group attack affecting over 113,000 patients, GLOBAL GROUP ransomware claiming breach of Albavisión media conglomerate, Ridgefield Public Schools attack, and cyberattacks crippling government services across Dutch Caribbean Islands.

What practical knowledge items were shared this week?

Four practical knowledge items were shared, including active exploits such as ChatGPT shared conversations being indexed by search engines, CISA warnings about critical PaperCut flaw exploitation, WordPress Alone Theme remote code execution vulnerability, and analysis of a fake Beauty Box giveaway scam campaign.

Knowledge

State of (in)security - Week 31, 2025

Q: How many individuals were impacted by data breaches this week?

There were a total of 456,282 impacted individuals across 8 incidents. Since not all incidents report a number of impacted individuals, the real number is likely higher than this reported figure.

published: Aug. 4, 2025

Take action: AI tools are a mess. Be extremely careful about using AI tools, granting them permissions and giving data. All this technology is not mature and it seems nobody takes the time to fix things.

Learn More

In the week between July 28, 2025, midnight and Aug. 4, 2025, midnight we witnessed a total of:

15 advisory/vulnerability events
17 incident/data breach events

Week over Week comparison of week 31 2025 vs week 30 2025:

We also shared 4 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 456,282 impacted individuals across 8 incidents, with the largest breach being the Cycle & Carriage Singapore reports data breach exposing data of 147 K clients incident exposing 147,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Software Vulnerability and SDLC Exploits	2
Third Party Compromise	2
Unauthorized access	2
Human bad security behaviour	1

Industry breakdown of incidents

Industry	Number of incidents
Government	4
Healthcare	3
Education	2
Retail	2
Media	1
Automotive	1
Telecommunications	1
Aviation	1
Finance	1
IT/Software/Technology	1

Read the Event Details of the Week

Knowledge

active exploit | ChatGPT shared conversations indexed by search engines, easily discovered even if potentially confidential
active exploit | CISA warns of active exploitation of critical PaperCut flaw, mandates immediate patching
active exploit | Remote code execution vulnerability in WordPress Alone Theme is actively exploited
active scam | Scam campaign analysis: Fake Beauty Box giveaway

Vulnerabilities

critical vulnerability | Account takeover flaw reported in widely used Post SMTP Plugin
critical vulnerability | Apple relesases security updates patching 95 vulnerabilities across all products
critical vulnerability | Critical authentication bypass flaw reported in AI coding platform Base44
critical vulnerability | Critical command injection flaw reported in CodeIgniter4 ImageMagick handler
critical vulnerability | Critical flaw in SUSE Manager exposes enterprise deployments to compromise
critical vulnerability | Critical vulnerabilities reported in HT Contact Form Widget
critical vulnerability | Critical vulnerability reported in Güralp FMUS seismic monitoring devices
critical vulnerability | Dahua smart camera flaws enable remote device takeover
critical vulnerability | Email disclosure and account takeover flaws reported in Lovense connected sex toy platform
critical vulnerability | Gemini CLI vulnerability enables silent code execution via prompt injection
critical vulnerability | Google releases one more urgent Chrome update
critical vulnerability | Rockwell Automation patches critical VMware components in Rockwell Automation Lifecycle Services
ransomware | Vulnerability in Cursor AI Code Editor enables remote code execution through prompt injection
critical vulnerability | Vulnerability in SonicWall Gen7 firewalls enables remote Denial-of-Service attacks
critical vulnerability | WordPress AI Engine Plugin vulnerable to malicious file upload and remote code execution

Incidents

critical vulnerability | Hacker gang claims breach of Nokia through a vulnerable third-party contractor
data breach | US spy satellite agency National Reconnaissance confirms cyberattack, data breach
data breach | Cyberattack cripples Russia's Aeroflot, grounding flights and exposing passenger data
data breach | RiteCheck Cashing is reportig a data breach exposig nearly 69,000 people
data breach | Florida prison staff leaks visitor contact information to all inmates at Everglades Correctional Institution
data breach | Chanel Inc. reports data breach affecting U.S. clients
data breach | Pi-hole network Ad-Blocker reports data breach exposing 30,000 donors via a WordPress plugin vulnerability
data breach | Webb Institute Marine Engineering College reports cybersecurity incident affecting over 1,500 people
data breach | Think Big Health Care Solutions еmail аccount compromise expose healthcare data
data breach | New Zealand transport agency data breach leads to targeted vehicle theft
data breach | Cycle & Carriage Singapore reports data breach exposing data of 147 K clients
data breach | Central Maine Healthcare reports data breach impacting patient care
ransomware | INC Ransomware gang claims breach of Dollar Tree, company disputes involvement
ransomware | Highlands Oncology Group hit by ransomware attack affecting over 113,000 patients
ransomware | GLOBAL GROUP ransomware claims breach of Albavisión media conglomerate
ransomware | Ridgefield Public Schools hit by ransomware attack, network taken offline
ransomware | Cyberattacks cripple government services across Dutch Caribbean Islands

Read More
State of (in)security - Week 40, 2023
State of (in)security - Week 51, 2023
Patching still a huge problem - 150k unpatched …
Over 40,000 Internet-connected cameras stream live footage with …
Windows Shortcut exploit abused in active hacker and …