Over the last two months (August 23–October 23, 2025), significant cyber incidents have involved major companies like Allianz Life, Jaguar Land Rover, and F5 Networks. Attacks have also targeted airports, government entities, and healthcare systems, with ransomware remaining a top threat.
Major corporate cyberattacks
- F5 Networks hack: In October 2025, network hardware company F5 disclosed a breach that exposed broad risks to its customers, which include Fortune 500 companies. Some experts have compared the incident to the 2020 SolarWinds hack due to its potential widespread impact.
- Allianz Life data breach: In September, Allianz Life Insurance Company of North America confirmed that a data breach, which originated from a hack of its software provider Salesforce in August, affected most of its 1.4 million U.S. customers.
- Jaguar Land Rover attack: A ransomware attack on the automotive company in the fall of 2025 reportedly became the costliest in UK history, with analysts estimating losses of £2.1 billion.
- Asahi breweries attack: In September and October, the Japanese brewing giant was hit by a major cyberattack that halted all its Japanese production, forcing the company to revert to manual systems.
- Outsourcing firm Capita fined: In October, the UK data watchdog fined outsourcing firm Capita £14 million for a hack that stole the data of millions of clients.
- Discord data leak: In October, Discord announced that ID photos of up to 70,000 users may have been leaked during a data breach.
Critical infrastructure and public sector attacks
- European airport systems hit: A cyberattack in October disrupted electronic check-in and boarding systems at several major European airports.
- Healthcare network disrupted: A cyberattack in October forced a nonprofit healthcare system in North Central Massachusetts to take its IT network offline and divert ambulances.
- Salt Typhoon targets telecoms: The Chinese-affiliated cyberespionage group “Salt Typhoon” continued its campaign against European telecom companies in October.
- Government institutions targeted: An Iranian state-linked group, MuddyWater, conducted a global espionage campaign against over 100 organizations, including government bodies, over the last two months.
Noteworthy malware and threat activity
- Surge in ransomware: A Q3 2025 analysis by BlackFog reported a 36% year-over-year surge in ransomware attacks, with critical infrastructure sectors like airlines and governments among the top targets.
- ToolShell vulnerabilities exploited: Threat actors actively exploited path traversal vulnerabilities (CVE-2025-53770 and CVE-2025-53771) in unpatched on-premises Microsoft SharePoint servers throughout Q3 2025. Chinese state-linked actors were among those leveraging this exploit.
- Qilin ransomware active: The Qilin ransomware group remained a significant threat throughout Q3 and into Q4, heavily targeting healthcare and professional services companies.
- Compromised credentials for phishing: Trend analysis showed that hackers are increasingly using compromised internal email accounts to launch more convincing and legitimate-seeming phishing campaigns.
- Cybercriminals use legitimate tools: In a Qilin ransomware incident, attackers were found to be using the legitimate, open-source forensic tool Velociraptor to maintain persistence on compromised systems.
Obtain your IT Cyber Security Training and Certifications from CED Solutions: https://www.cedsolutions.com
CED Solutions is one of the largest IT certification providers in North America, offering a range of services including IT training, certification courses, and testing services. With a focus on real-world application and practical skills, CED Solutions has provided certification training to more than 50,000 students over the past 25 years. Recognized for their dedication to student success and career development, CED Solutions is committed to providing opportunities for lifelong learning and professional growth.