As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 42, 2025
Information security updates and events from the past week
1. Cyberattack on Canadian airports displayed pro-Palestinian messages
Three airports in Canada experienced a coordinated cyberattack that resulted in the display of pro-Hamas messages on screens and public address systems. The attack caused short flight delays and the opening of a broad federal investigation.
The incident and its scope:
– Windsor, Kelowna and Victoria airports reported a penetration of the display and public address systems (PA System).
– Messages such as “Israel lost the war; Hamas won the war honorably” appeared on the screens along with curses directed at US President Donald Trump.
– The messages bore the signature of the attack group Siber Islam, which also operates on Telegram and X channels.
Windsor Airport CEO Mark Galvin noted that the team worked quickly to disable the screens and public address until the malicious files were removed.
– There were not many passengers in the terminals at the time of the incident, and operations were resumed shortly after.
– The investigation is being conducted by Transport Canada, the Canadian Centre for Cybersecurity and the RCMP Cyber Unit.
– According to officials, another airport in the US experienced a similar attack on the same day.
2. Cyberattack on Volkswagen Group France: Qilin Group claims responsibility, over 150 gigabytes of sensitive data stolen
The Qilin ransomware group announced that it managed to hack into Volkswagen Group France, the French subsidiary of the German car corporation Volkswagen AG, and extract a database of more than 150 gigabytes.
According to the group’s announcement on the leak site, the information stolen includes user, customer and employee details, along with sensitive organizational documents. The group also attached examples of Excel files and images of documents as evidence of the hack.
Currently, Volkswagen has not issued an official response or confirmed the incident itself. However, according to reports, the database includes over 2,000 files and 100 gigabytes of business information.
The incident joins a wave of ransomware attacks that have recently targeted European car companies, Part of a growing trend of attacks against supply chains and customer data in this industry.
https://www.cyberdaily.au/security/12780-qilin-claims-cyber-attack-on-volkswagen-group-france
3. MANGO data breach: Contact details leaked from external marketing server, company reports incident to authorities
Spanish fashion company MANGO announced on October 14, 2025, a data security incident that occurred at its external marketing provider, following which contact details of the company’s customers were exposed.
The announcement was made to the company’s customers across Europe and stated that the leak was caused by unauthorized access to one of the digital marketing services used by MANGO.
Scope of the leak:
– First name, country, zip code, email address, phone number
– The company stressed that no sensitive data, including credit card details, bank accounts, passports, passwords or personal information, was exposed Login.
– In addition, according to MANGO, the company’s internal systems and organizational infrastructure were not compromised at all, and the incident was limited to the external marketing provider only.
– Upon discovery of the incident, the company activated its response procedures, reported it to the Spanish Data Protection Authority (AEPD), and began an internal investigation together with external cyber experts.
4. Cyberattack on the UK rail network: Radiant Group threatens to release information
The attack group Radiant Group claims to have hacked the systems of UK Rail Services, one of the main transport providers in the UK.
The group gave the organization only three days to contact it, otherwise it would start releasing sensitive information or disrupting systems.
5. The attack group Crimson Collective claims to have managed to penetrate Nintendo’s internal systems and access the company’s internal files.
According to security firm Hackmanac, the hackers posted a screenshot of folders labeled “Nintendo topic files,” but Nintendo has not yet confirmed or denied the incident.
The Crimson Collective’s recent history of attacks on other technology companies reinforces the suspicion that this is a real hack, although no actual evidence of a data leak has yet been released.
6. KFC Venezuela is under fire after hackers allegedly managed to break into its servers and steal an extensive database that includes personal customer and order information.
According to reports, 1,067,291 records with a total size of approximately 405MB were leaked, including full names, email addresses, phone numbers, shipping addresses, order details (products, quantities, prices) and order dates.
The information is being offered for sale on darknet forums in a CSV file, allowing attackers to carry out targeted phishing, fraud and identity theft, especially if passwords are reused across other services.
As of now, KFC has not issued an official response, but it is estimated that the source of the leak is an online order management system or a third-party cloud provider.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
