Cyber attacks and data violations are wreaking havoc on organizations and users around the world.
From ransomware and the Daniel-of-Services (DDOS) attacks were distributed in casual and third-party data exposure, business running, complex cyber security risks.
Here are some standout cyber attacks and breakdown of data violations, which made headlines this month.
Material:
6 million records exfiltated from Oracle Cloud
Security seller Claudsac exposed a major violation of targeting Oirakal Claude, with 6 million records out through a suspected undeclared vulnerability. More than 140,000 tenants were demanded to demand ransom with the attacker and marketing sensitive data online. Data includes JKS files, encrypted SSO passwords, major files and enterprise manager JPS Keys.
“While threatening the actor has no prior history, his methods indicate high sophistication, Claudsek has assessed this danger with moderate belief and is in the form of rates as high in severity,” Claudsac said.
Fake banking app targets Android users through Telegram
A sophisticated malware dropper was seen targeting Android users in a fishing plan to mimic the IndusInd Bank app and steal sensitive financial information. Displaying a fake banking interface, malicious app tricks users to enter information such as PAN and Aadhaar number -banking credentials.
After depositing data to the victims, it is sent to both the Fishing Server and Telegram-controlled command and control (C2) channel.
Cyber attack Ukrainian Railway hits
A “large -scale” cyber attack on Ukraine’s Railways forced to offline online services. The country’s national railway company Ukrzaliznytsia described the attack as “very systematic, complex and multi-level”. It took down its online portal, rendering online sales of impossible tickets for a period of time, although trains were still able to operate.
“The main objective of the enemy failed: the train traffic remains stable, running on time without delay, and all operating processes have been converted into backup mode,” read the latest updates from Ukrzaliznytsia. “Railways continue to operate despite physical attacks on infrastructure, and even the most crooked cyber attacks cannot stop it. As Ucrazalizantesia has previously been the target of enemy cyber attacks, backup protocols have been implemented within the company.”
Reliable websites exploited for malicious redirects
Another campaign said that Run saw the attackers misusing the long -standing, reliable work on reliable domains, which re -prepare users on fishing pages. By exploiting weak redirect verification, danger actors replaced the URL that looked safe in a launchpad for malicious sites. Since users believed that they were still on legitimate pages, or running between them, they were more likely to fall for the scam.
Supply Series Attack GITHUB Action Against Action
A supply chain attack tied up with popular TJ-action/converted-filled action, affecting more than 23,000 repository. The attackers modified several version tags to refer to a malicious commitment, highlighting the CI/CD secrets in the workflow logs. The vulnerability was present between March 14 and March 15, 2025, and has been reduced since then.
The attack included modifying TJ-action/converted-filled action to execute a malicious python script. The script extracted mysteries from the runner worker process memory and printed them in the Github Action Log, making them publicly accessible in the repository with a public workflow log.
“This Cve enables public github repository with github actions,” said Dimitri Stiliadis, CTO and co-founder Dimitri Stiliadis. “For organizations that manufacture software, if they are using compromise action, they will need to re -configure their pipelines.”
Thousands of New South Wales Court files leaked
Some 9,000 court files – including sensitive documents such as violence orders and affidavits – were leaked in data violations of the online registry of the New South Wales (NSW) court system. The police were alerted for the breech for the NSW online registry website with Cybercrime Detectives of NSW State Crime Command, in which an investigation related to the state communities and justice department (DCJ) began.
The names and addresses of the victims and criminals, as well as allegedly derogatory accounts can be included in the revealed documents, it was reported.
NSW Attorney-General Michael Daily said the department and police were taking the incident seriously and were working to ensure the integrity of the system after significant leakage. He said, “They are also working to identify and contact the affected users immediately and the public will be updated because more information is available,” he said.
