Collins Aerospace has been targeted by a ransomware attack involving HardBit, causing significant disruptions at major airports across Europe. The attack has led to delays and cancellations, with over a thousand computers reportedly impacted.

A recent Yubico survey highlights that nearly half of respondents interacted with phishing emails in the past year, with Gen Z being the most vulnerable demographic. Despite recognizing the insecurity of passwords, many users and organizations still lack adequate protective measures.

The Trinity of Chaos ransomware collective has launched a Data Leak Site on the TOR network, exposing data from 39 companies, including major firms like Google and Cisco. This incident highlights vulnerabilities in Salesforce and the ongoing threat posed by this group, which is linked to Lapsus$ and ShinyHunters.

Discord has reported a data breach affecting a limited number of users after a third-party customer service provider was compromised. Exposed data includes real names, email addresses, and limited billing details, though full credit card numbers and passwords were not accessed.

The cybersecurity landscape is shifting from endless vulnerability management to proactive, automated remediation. This change aims to alleviate alert fatigue and enhance security resilience through innovative approaches in software development.

WestJet has disclosed a data breach affecting 1.2 million customers due to a cyber-attack in June 2025. Personal information, including names and contact details, was accessed, although sensitive data such as credit card numbers and passwords remain secure.

Microsoft is updating Outlook to stop displaying inline SVG images in an effort to mitigate security risks associated with phishing and malware. While SVG attachments will still be supported, the change aims to reduce the potential for cross-site scripting (XSS) attacks.

A newly patched VMware vulnerability, tracked as CVE-2025-41244, has been exploited as a zero-day for code execution with elevated privileges. The flaw affects VMware Aria Operations and VMware Tools, allowing attackers to escalate privileges to root on managed VMs.

Unity has revealed a significant security vulnerability affecting games built with its development tool since 2017, urging developers to update immediately. While there is no evidence of exploitation, fixes are available, and platform partners like Valve and Microsoft have implemented mitigations.

ParkMobile has concluded a class action lawsuit related to its 2021 data breach that compromised the data of 22 million users. Affected individuals will receive a $1 in-app credit, which must be claimed manually and has an expiration date.

A recent government survey reveals that six out of ten UK secondary schools have experienced a cyber-attack or breach in the past year, with further education colleges and universities facing even higher rates. Analysts attribute the vulnerability of state schools to funding pressures and a lack of specialist cybersecurity expertise.

A zero-day vulnerability in Zimbra Collaboration Suite (ZCS) has been exploited by hackers using malicious iCalendar files. The flaw, identified as CVE-2025-27915, allows attackers to execute arbitrary JavaScript and steal sensitive data from Zimbra Webmail.

Jaguar Land Rover (JLR) is set to restart production at its Wolverhampton plant following a significant cyber-attack that halted operations across multiple sites. The company faces ongoing challenges as it works to restore full capacity and support affected suppliers.

Jaguar Land Rover was targeted in a cyber-attack that forced the company to shut down computers and factories, raising concerns about the preparedness of British businesses against such threats. The attack has had a devastating impact on JLR's supply chain, leading to layoffs and financial strain on smaller suppliers.