As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 20, 2025
Information security updates and events from the past week
1 Major US steelmaker Nucor Corporation forced to shut down facilities following cyberattack
Nucor Corporation, the largest steelmaker in the United States, reported a cyber incident that forced the company to shut down parts of its network systems and take measures. The incident suspended production at several sites, although the full impact on the company’s operations is still unclear.
The company identified unauthorized access to its systems by an external party and reported the incident to law enforcement authorities and hired external cybersecurity experts to assist in the investigation.
Some production activities were temporarily shut down, and the company has already begun a gradual process of restarting them.
Currently, no ransomware group has claimed responsibility for the attack on Nucor, so the identity of the attackers is still unknown.
2 Fashion house DIOR announces a data leak to customers
Fashion house DIOR, one of the world’s leading luxury brands, with a profound impact on the fashion industry since its inception, has issued an official statement about an incident A data breach that occurred on May 7, 2025, in which an attacker gained access to the company’s customer database. DIOR emphasizes that it took immediate steps to contain the incident and that it has notified the relevant regulatory authorities.
The information exposed includes:
– Customer names, gender, mobile phone numbers, email addresses, physical mailing addresses, purchase history, personal preferences, additional information that customers shared with the company.
As a preventive measure, DIOR recommends that its customers be alert to suspicious activity or communications (text messages, phone calls, emails), exercise caution when clicking on links or opening attachments from unknown sources, and refrain from providing sensitive information such as verification codes and passwords.
https://gbhackers.com/customer-data-compromised/
3 160-year-old haulage company collapses after cyberattacking
The haulage company Knights of Old, which was one of the pillars of the logistics industry in the UK for 160 years, was forced to enter liquidation proceedings in 2023 following a cyberattack that paralyzed its financial systems.
Circumstances of the collapse:
– Hackers penetrated the company’s IT infrastructure and embedded a ransom message in its systems
– The attack disrupted critical financial data, and the company was unable to meet reporting deadlines to the relevant authorities
– Despite attempts to continue operations manually, the damage proved irreversible
– The company, which was founded in 1865 and employed 730 people, was unable to recover
4 Pearson reports a cyberattack that led to the theft of sensitive information from the company’s systems.
According to the report, the attackers were able to penetrate the company’s systems after finding an access token to the Gitlab environment.
This access allowed them to enter the company’s code repositories, where they found additional access details to cloud environments.
In the months following the intrusion (which began in January), the attackers were able to download large amounts of information, including source code, customer data, financial documents and more.
The company said that most of the information stolen was “old information”, but did not elaborate further.
Pearson operates in more than 70 countries, providing digital learning solutions, testing systems and educational services to schools and universities.
5 Steam supply chain breach puts 89 million accounts at risk
A hacker named Machine1337 is offering for sale on the darknet for $5,000 a massive database of 89 million user accounts stolen following a breach of a third-party service connected to the supply chain of Steam, Valve’s popular gaming platform.
The leak itself does not stem from a direct Steam hack, but from a service that likely handled related functions such as authentication, communications, or technical support.
6 GlobalX Airline Officially Confirms Cyberattack After Anonymous Activists’ Claims
Global Crossing Airlines, known by its trade name GlobalX, has officially confirmed that it has indeed detected unauthorized activity in its systems, following claims by the hacktivist group Anonymous that the company’s systems have been hacked. The confirmation came in an official report to the US Securities and Exchange Commission (SEC).
https://www.sec.gov/Archives/edgar/data/1846084/000095017025068004/jetmf-20250505.htm
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
