Running Aces Casino, Hotel & Racetrack experienced a Qilin-attributed ransomware intrusion that compromised its network, enabling unauthorized access and exfiltration of sensitive customer PII (names, Social Security numbers, dates of birth, and driver’s license numbers), prompting regulatory notification and remediation actions.

A ransomware attack fully encrypted the Village of Golf Manor’s computer network and all available backups, prompting the council to pass Resolution No. 2025-30 to hire third-party experts who may advise whether paying a ransom for a decryption key is in the village’s best interest, while officials state they are not currently inclined to pay.

A security researcher used automated TruffleHog scans across all 5.6 million public GitLab Cloud repositories and found 17,430 live secrets tied to 2,804 domains—including cloud, database, messaging, and OpenAI keys—showing that many organizations still expose long-lived credentials in public code despite some revocations after notification.

Attackers used a compromised account to access the French Football Federation’s club administration software and stole members’ personal and contact information (names, demographics, and contact details) before the account was disabled and passwords reset.

A smishing-enabled cyberattack against analytics provider Mixpanel led to unauthorized access and export of limited analytics datasets, including OpenAI platform user profiles and device/usage details, but not ChatGPT content or credentials, creating downstream phishing and social-engineering risk for affected customers while prompting OpenAI to sever Mixpanel integrations and Mixpanel to execute a full incident-response and hardening program.

Synthesizing all three sources, the OSINT indicates that an unauthorized third party exploited a previously unknown vulnerability in Oracle E-Business Suite in August 2025 to hack the Oracle EBS environments of the University of Pennsylvania and the University of Phoenix.

A ransomware group known as Devman allegedly attacked the Georgia Superior Court Clerks’ Cooperative Authority, disrupting access to real estate records across Georgia and claiming theft of 500 GB of sensitive data, which has delayed closings and impacted buyers, sellers, and real estate professionals statewide.

Threat actors associated with the Qilin ransomware operation infiltrated Asahi’s Japan network through compromised equipment, exfiltrated personal and business data affecting roughly 1.5–2 million customers, employees, and related contacts, and deployed ransomware that encrypted multiple servers and PCs, causing widespread operational shutdowns and significant service disruption across Japan.

A nationwide ransomware attack on CodeRED forced Crisis24 to shut down its emergency alert system, steal user data, and rebuild from months-old backups—leaving cities scrambling to warn residents that their warning system is down.

Synopsis The analysis indicates that Everest is a highly capable, financially motivated ransomware group able to maintain long-term access, conduct large-scale exfiltration of structured customer and payment data, manipulate operational records, and in some cases encrypt core systems, creating a single loss event that spans operational disruption, regulatory exposure, and widespread customer impact. This information elevates strategic decision making by forcing executives to

Akira’s campaign demonstrates a high-capability extortion threat that routinely exploits phishing, valid-account abuse, and internet-facing vulnerabilities, driving measurable strategic, operational, and financial risk with an expected loss frequency of about one event every two years and substantial potential impact on sensitive data and organizational resilience.