A zero-day vulnerability in the Zimbra Collaboration Suite (ZCS), identified as CVE-2025-27915, has been exploited in targeted attacks using weaponized iCalendar files. This stored cross-site scripting (XSS) flaw allows attackers to steal sensitive data from victims' email accounts.

Japanese beer giant Asahi has confirmed a ransomware attack that has led to significant IT disruptions, forcing the company to shut down factories in Japan. The attack has also resulted in evidence of data theft from compromised devices.

WestJet has disclosed a data breach affecting 1.2 million customers due to a cyber-attack in June 2025. Personal information, including names and contact details, was accessed, although sensitive data such as credit card numbers and passwords remain secure.

Oracle has issued a critical patch for a zero-day vulnerability in its E-Business Suite, tracked as CVE-2025-61882, which allows unauthenticated remote code execution. The flaw has been actively exploited in data theft attacks by the Clop ransomware gang.