As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 36, 2025
Information security updates and events from the past week
-
Cyberattack disrupts Jaguar Land Rover UK plants
Jaguar Land Rover (JLR) has reported a major cyberattack that has severely disrupted vehicle production, including at the company’s flagship plants in Halewood and Solihull, UK
– The attack was discovered on Sunday, as JLR prepared to launch new license plates on September 1.
– The systems under attack were detected in real time, and the company was forced to proactively shut down its IT systems to minimize damage.
– Employees were ordered not to come to work, and at some sites were sent home.
– The company’s sales activity was significantly affected, precisely during the peak season for new car purchases. -
Crypto platform Venus Protocol suffers phishing attack – $13.5 million worth of assets stolen
This week, Venus Protocol, one of the leading DeFi platforms on the BNB Chain network, suffered a sophisticated phishing attack that led to the loss of $13.5 million in digital assets.
The platform specializes in providing crypto loans, interest-bearing deposits and issuing stablecoins.
– The attackers managed to steal access details through a phishing attack targeting one of the largest traders.
– The assets were stolen mainly from vUSDT, vUSDC and BTCB coins.
– The Venus Protocol team has suspended some services to prevent further damage.
– The investigation is being carried out in collaboration with information security companies, major exchanges and other partners, to locate and track the stolen assets.
– Some funds are still partially under control, and some have been frozen through collaboration with crypto exchanges. -
Ransomware attack on Pennsylvania Attorney General’s Office disrupts court proceedings
The Pennsylvania Attorney General’s Office (OAG) has confirmed that it has experienced a significant ransomware attack, which has disrupted criminal and civil cases and temporarily disrupted systems.
– The attack was detected in early August 2025 and disabled the office’s servers
– The attackers encrypted files and demanded a ransom to restore the information, no ransom was paid
– At present, there is no indication that sensitive information was leaked
– The office has opened an investigation in cooperation with federal authorities, but the details of the investigation have not yet been released
– During the event, the official website, email systems and internal phone lines were also disabled -
Serious security breach in Pudu Robotics: Hundreds of thousands of robots worldwide were vulnerable to remote control
– Researcher BobDaHacker revealed a critical security breach in the management systems of Pudu Robotics – one of the largest robotics companies in the world.
– The vulnerability allowed full remote control of smart robots such as BellaBot, KettyBot, PuduBot and other service robots, without the need for identity verification.
– The platform provided access to an almost completely open API, any external party could view, modify and control any robot connected to the system. -
The vulnerability allowed initiating missions, changing tasks, updating settings, and sending robots to any destination
It was possible to access mission history, scan locations in real time, and operate cameras on video-enabled robots.
Pudu robots operate in restaurants, hospitals, hotels, offices, and schools; intrusion into the systems could lead to disruption of medical processes, theft of documents, or creating logistical chaos. -
Sinqia S.A., a subsidiary of Evertec that specializes in developing software systems and FinTech solutions for banks and financial institutions in Brazil (including integration with the instant payment system PIX), revealed that hackers broke into its systems to steal approximately $130 million.
The attackers used an external provider’s IT accounts to penetrate the system and transfer funds. Part of the amount was quickly refunded, and the company activated an emergency protocol that included stopping transactions and forensic examinations.
According to the announcement, no damage was done to customers or data of banks such as HSBC, despite initial reports that they were involved. -
Bridgestone, the world’s largest tire manufacturer, reports a cyberattack affecting its manufacturing plants in the US.
The attack affected several manufacturing plants in the US and led to a temporary shutdown. According to the company, the rapid response of the response teams prevented wider access to the network and the theft of sensitive information.
-
Attackers hacked into Brazilian fintech company Sinqia S.A and tried to steal $130 million.
The attackers used stolen identification data from an IT provider with which the company works to penetrate the company’s network into Pix, the instant payment system of the Brazilian Central Bank.
Once they gained access, the attackers tried to make transactions, but Sinqia stopped the transactions and began an investigation.
The company notes that some of the money was returned, but this means that the attackers did manage to steal some amount.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
