Synthesizing all three sources, the OSINT indicates that an unauthorized third party exploited a previously unknown vulnerability in Oracle E-Business Suite in August 2025 to hack the Oracle EBS environments of the University of Pennsylvania and the University of Phoenix.

A ransomware group known as Devman allegedly attacked the Georgia Superior Court Clerks’ Cooperative Authority, disrupting access to real estate records across Georgia and claiming theft of 500 GB of sensitive data, which has delayed closings and impacted buyers, sellers, and real estate professionals statewide.

Threat actors associated with the Qilin ransomware operation infiltrated Asahi’s Japan network through compromised equipment, exfiltrated personal and business data affecting roughly 1.5–2 million customers, employees, and related contacts, and deployed ransomware that encrypted multiple servers and PCs, causing widespread operational shutdowns and significant service disruption across Japan.

A nationwide ransomware attack on CodeRED forced Crisis24 to shut down its emergency alert system, steal user data, and rebuild from months-old backups—leaving cities scrambling to warn residents that their warning system is down.