25 Recent Cyber Attacks That Serve as a Wake-Up Call for Businesses
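This article summarizes several major cybersecurity incidents from 2025, including a defense company data breach, a Microsoft zero-day attack, airline system outages, and a cryptocurrency exchange hack. These incidents highlight the threats posed by supply chain attacks, zero-day exploitation, and attacks on critical infrastructure, and underscore the importance of data security.

2025-9-29 09:41:39 Author: securityboulevard.com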

1. National Defense Corporation (NDC) Ransomware Attack

In March 2025, NDC and its subsidiary AMTEC were targeted by the Interlock Ransomware Group, resulting in the theft of approximately 4.2 TB of sensitive data. While classified materials were not confirmed as exposed, procurement and logistics information were compromised, demonstrating that even defense contractors are vulnerable to cyber threats.

2. Microsoft Zero-Day Exploit (CLFS / Storm-2460)

In April 2025, a zero-day vulnerability in Windows Common Log File System (CLFS), identified as CVE-2025-29824, was exploited by the Storm-2460 group using malware dubbed “PipeMagic.” This exploit allowed attackers to escalate privileges and deploy ransomware across various sectors, highlighting the risks associated with unpatched system vulnerabilities.

3. WestJet Cyberattack

In June 2025, Canadian airline WestJet experienced a cybersecurity incident that disrupted its website and mobile app. Operations largely continued, but internal systems were compromised. The incident is believed to have been caused by social engineering tactics, emphasizing the need for robust defenses against such attacks.

4. Bybit Cryptocurrency Exchange Heist

In February 2025, over $1.46 billion in Ethereum was stolen from Bybit’s cold wallets, attributed to North Korea’s Lazarus group. This incident underscores the importance of securing cryptocurrency infrastructure against sophisticated cyber threats.

5. St. Paul, Minnesota Municipal Cyberattack

A cyberattack disrupted city services in St. Paul, Minnesota, affecting online payments, internal networks, and public WiFi. The attack was significant enough to warrant a state of emergency, highlighting the vulnerability of municipal systems to cyber threats.

6. Jaguar Land Rover (JLR) Supply Chain Disruption

From late August to September 2025, a cyberattack forced JLR to halt production at multiple plants outside China for weeks, affecting thousands of suppliers. This incident demonstrates how attacks on one company can have cascading effects across the supply chain.

7. Collins Aerospace / MUSE Software Attack

On September 19, 2025, an attack on the MUSE check-in/boarding software used by airports caused widespread flight delays and cancellations across Europe. This incident illustrates how vulnerabilities in third-party software can disrupt critical infrastructure.

8. Allianz Life Data Breach

Allianz Life experienced a breach impacting approximately 1.1 million U.S. customers, exposing names, addresses, phone numbers, and emails. While financial data was not compromised, the breach underscores the importance of safeguarding personal information.

9. New York Blood Center (NYBC) Data Breach

Nearly 194,000 individuals’ data were exposed, including names, Social Security numbers, driver’s licenses, bank information, and medical test results. This breach highlights the critical need for securing health and identity data.

10. Bank Sepah Breach

In March 2025, hacker group Codebreakers claimed to have infiltrated Bank Sepah, extracting over 12 TB of data belonging to more than 42 million individuals, including military personnel information and account numbers. The bank initially denied the breach, but the claim raised significant concerns about the security of financial institutions.

11. Supply Chain Breach at a Major Retailer

Recent breaches arise from weak links in vendors or software supply chains. Attackers often bypass the main target by compromising a trusted third party.

12. Zero-Day Exploits Against Enterprise Platforms

Many 2024–2025 attacks used previously undocumented vulnerabilities (zero days) in widely used enterprise software, enabling stealthy access before patches are issued.

13. Ransomware on Healthcare Provider

Several hospital systems and health networks faced ransomware attacks, crippling operations and demanding payment for data recovery. These reinforce that healthcare remains a prime target.

14. Phishing / Credential Stuffing Leading to Exfiltration

A recurring motif in analysis: attackers steal or guess credentials and move laterally in corporate networks, exfiltrating data quietly before detection.

15. Attack on Financial Services Firm

Financial institutions continue to be targeted for customer data, trading data, or proprietary models. Recent cases show threat actors probing APIs, internal tools, or cloud misconfigurations.

16. Intrusion of a Telecom

A telecom operator was breached, exposing customer account data and network logs. This kind of attack hits many downstream users.

17. Attack on a Government

Municipal systems (e.g. payment portals, utility management) are under attack. The 2025 St. Paul, MN case is one example.

18. Critical Infrastructure / Utility Disruption Attack

Attackers are increasingly seeking to impact energy grids, water treatment, or transport systems, aiming for disruption more than just data theft.

19. Cloud Misconfiguration Leading to Open Buckets / Data Exposure

A common vector: cloud storage was left open or misconfigured, exposing large troves of documents, logs, and secrets.

20. Third-Party Analytics / Marketing Platform Breach

Attackers compromised a marketing analytics vendor, then used that access to reach customer databases in many downstream client firms.

21. Board / Executive Targeting via Spear Phishing

In some 2025 cases, top executives were targeted via highly tailored phishing or voice deepfake attacks, giving attackers privileged access.

22. Logistics

A global shipping or logistics firm was hit by ransomware, halting deliveries and operations across multiple countries.

23. Software Vendor (SaaS) Internal Compromise

A SaaS provider’s internal development or admin system was breached, giving attackers access to customer instances or data.

24. Large-Scale Credential Leaks

Massive dumps of usernames, emails, and hashed passwords have been pushed publicly, often gleaned from aggregated past breaches, then reused in replay attacks.

25. Attack On a Major Media

Media houses have been breached, leading to leaks of editorial, subscriber, or internal email data.


Source: https://securityboulevard.com/2025/09/25-recent-cyber-attacks-that-serve-as-a-wake-up-call-for-businesses/