The week in breach news


Cyberattacks aren’t slowing down — they’re evolving, spreading and hitting big names and everyday users alike. This past week, tech giants Apple and Google sounded the alarm to global users on unusual levels of spyware activity. New Zealand’s cyber security agency also warned tens of thousands about malware-infected software, while Ireland’s Health Service Executive confirmed a ransomware attack from earlier this year.

North America

Apple and Google users

Industry: Technology
Exploit: Nation-State

Apple and Google issued a new round of cyberthreat notifications, warning users worldwide about what they describe as unprecedented activity by state-linked mercenary spyware groups.

Google recently warned users about continued activity from a sanctioned spyware vendor known as Intellexa, which has remained active despite international crackdowns. Apple has now confirmed it also sent threat notifications to users. The company did not disclose details about the suspected hacking activity, the number of users affected or who may be behind the surveillance.

Apple said it has sent threat notifications to users in more than 150 countries since 2021 as part of its efforts to protect individuals from highly targeted digital surveillance.

How it could affect your business

Mercenary spyware is becoming increasingly advanced and widespread, with attacks extending far beyond high-profile targets. As these campaigns scale, employees at all levels can become entry points. Regular user awareness training is critical so staff can spot warning signs, avoid risky links and understand how targeted surveillance attempts often begin.

Europe

The French Ministry of the Interior

Industry: Government & Public Sector
Exploit: Hacking

The French Ministry of the Interior confirmed a cyberattack that compromised its email servers, raising concerns about the security of internal government communications.

The breach was detected overnight between December 11 and December 12, when threat actors accessed some document files stored on the email systems. The investigation is still ongoing, and authorities have not yet confirmed whether any data was stolen.

In response, the ministry said it has tightened security protocols and strengthened access controls across the information systems used by its personnel to reduce the risk of further intrusion.

How it could affect your business

Email remains one of the most common and effective ways for attackers to gain access, particularly through phishing and impersonation scams. To counter today’s more sophisticated threats, organizations need layered email security that combines generative AI, behavioral analysis and real-time user coaching to stop attacks before a single click leads to a breach.

Australia & New Zealand

New Zealand citizens

Industry: Technology
Exploit: Ransomware & Malware

New Zealand’s National Cyber Security Centre warned approximately 26,000 people that their devices may have been infected with malicious software.

The cyber agency sent alert emails to roughly 26,000 addresses after identifying infections linked to the Lumma Stealer malware, which is designed to steal sensitive information, including email addresses and passwords. Some compromised credentials were linked to government agency systems and bank accounts, increasing the potential risk.

The agency said this was the first time it had contacted so many people about a single malware campaign. It added that it is working closely with government agencies and financial institutions to help protect affected users and limit further damage.

How it could affect your business

Malware campaigns like this are becoming increasingly targeted and harder to detect, often stealing credentials quietly before victims realize anything is amiss. Organizations need to strengthen user awareness so employees can recognize warning signs, avoid suspicious downloads and report unusual behavior early. Pairing training with endpoint protection and continuous monitoring helps reduce the risk of stolen credentials being reused across systems.

Europe

Health Service Executive (HSE)

Industry: Healthcare
Exploit: Ransomware & Malware

Ireland’s Health Service Executive (HSE) confirmed that it suffered a second ransomware attack earlier this year, following the major cyberattack that disrupted the agency in 2021.

The HSE was already in the process of offering compensation to victims of the 2021 ransomware attack, which caused widespread disruption and cost an estimated €102 million. It has now emerged that another ransomware incident occurred in February, this time involving a third-party data processor. The attack resulted in a data breach, drawing renewed attention to the agency’s cybersecurity challenges.

The HSE said its IT systems were fully restored after the incident and that there is no evidence data was exfiltrated during the attack.

How it could affect your business

Paying a ransom does not guarantee safety and often invites repeat attacks from the same or related groups. Organizations are better protected when they focus on early threat detection to stop attacks before encryption begins and maintain encrypted, tested backups that allow systems to be restored without negotiating with attackers.

Europe

Bank of Cyprus Oncology Centre

Industry: Healthcare
Exploit: Hacking

The Bank of Cyprus Oncology Centre confirmed a cyberattack in which hackers breached patient and employee personal data and published some of the stolen information.

The organization said a malicious third party accessed its systems and illegally extracted sensitive data. The attackers have already released some of the stolen information and are threatening to publish more through media outlets and social media platforms. The exposed data includes personal information belonging to both patients and employees.

The center said it is working closely with state authorities as part of the investigation. It has also implemented additional security measures to strengthen system safety and reduce the risk of further unauthorized access.

How it could affect your business

Healthcare organizations remain prime targets because stolen medical and personal data is highly valuable to attackers. Breaches like this can lead to regulatory scrutiny, patient distrust and long-term reputational damage. To reduce risk, healthcare providers should strengthen access controls, closely monitor systems for unusual activity and ensure sensitive data is encrypted and securely segmented across their networks.
