Europe
Union européenne
The European Union (EU) and its member states have publicly denounced a Russia-linked malicious cyber ecosystem that has been targeting organizations across the EU for years.
The EU has accused Russia’s Federal Security Service (FSB) of directing several cyberthreat groups, including TURLA, to conduct cyber operations against EU member states and international partners. The alleged activities include infiltrating government networks and sabotaging critical infrastructure. Countries reportedly targeted include France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania and Finland.
According to the EU, the group has conducted cyber espionage against strategic French government entities since 2010 and targeted the country’s defense industry in 2025. In Germany, it has focused on government organizations, while in Poland, it has recently carried out disruptive sabotage operations against critical infrastructure, including combined heating and power plants.
SourceComment cela pourrait-il affecter votre entreprise ?
Nation-state cyberattacks have been increasing in recent years, particularly targeting organizations that work with government agencies and critical infrastructure. These organizations should strengthen their cyber defenses through continuous monitoring, robust access controls, timely patching and well-tested incident response and recovery plans to improve resilience against sophisticated threats.
Australie et Nouvelle-Zélande
Australian businesses
Meanwhile, the Australian Cyber Security Centre (ACSC) has warned Australian businesses that malicious actors are actively scanning websites for vulnerabilities in a range of content management systems (CMS) and plugins.
According to the ACSC, a widespread exploitation campaign is targeting CMS platforms and their plugins globally, with numerous Australian businesses already affected. Threat actors are deploying webshells on compromised websites, potentially leading to service disruptions, data theft and further network compromise. The campaign targets platforms including WordPress, Craft CMS, MaxSite CMS, MetInfo CMS and Joomla JCE, as well as plugins such as Simple File List, WavePlayer, Ninja Forms and Craft CMS.
Reports suggest the campaign may be accelerated by AI, enabling threat actors to identify vulnerable systems and scale their attacks more effectively.
SourceComment cela pourrait-il affecter votre entreprise ?
Website administrators should promptly apply the latest security updates for all CMS platforms and plugins to reduce the risk of exploitation. Organizations should also remove unused plugins, enable automatic updates where possible and implement stronger security measures, such as read-only directories and continuous monitoring for unauthorized file creation, to better defend against such web-based attacks.
États-Unis
AssuranceAmerica
American insurance company AssuranceAmerica disclosed a data breach affecting nearly 7 million individuals after attackers gained unauthorized access to its systems earlier this year.
AssuranceAmerica, which provides auto, renters and commercial auto insurance across 14 U.S. states, revealed in a filing with the Maine Office of the Attorney General that the breach affected 6,998,886 people. The company detected the incident on March 17 and determined that the attackers had stolen a broad range of customer information from its systems. The compromised data includes combinations of names, contact information, automobile insurance policy and account details, driver and vehicle information, claims-related information and driver’s license numbers.
The incident marks the second major breach involving a U.S. insurance provider in recent weeks, following American insurance giant Aflac’s disclosure that a breach at its Japan subsidiary affected more than 4 million customers.
SourceComment cela pourrait-il affecter votre entreprise ?
A data exposure of this scale could fuel widespread phishing campaigns using stolen insurance and personal details. Individuals should review credit reports, bank accounts and other financial statements for unusual activity and immediately notify their financial institution if anything suspicious appears.
États-Unis
Cambridge Mobile Telematics
A ransomware group claimed responsibility for a cyberattack targeting Cambridge Mobile Telematics (CMT), a Cambridge, Massachusetts-based telematics and AI company.
On June 2, the ransomware group CoinbaseCartel claimed responsibility for the attack and threatened to leak sensitive data unless the company entered into negotiations. According to reports, the compromised information may include driving behavior data such as trip logs, acceleration and braking patterns and mobile phone distraction events. The attackers also claim to have obtained location information, including GPS coordinates, travel routes and location history, along with personally identifiable information, user profiles, insurance-related information and account details.
CMT has not yet confirmed the alleged breach or verified that any customer data was compromised.
SourceComment cela pourrait-il affecter votre entreprise ?
The combination of driving history, location data and personal information could enable cybercriminals to launch highly targeted spear-phishing campaigns that appear credible and personalized. Individuals should remain cautious of unsolicited emails or messages requesting personal information or urgent action, even if they appear to reference legitimate account or insurance details.
Europe
Deutsche Bank
Hackers claimed to have breached Frankfurt-headquartered banking giant Deutsche Bank, while the bank confirmed a cybersecurity incident involving a third-party service provider.
A ransomware group known as Unsafe claimed responsibility for the breach, publishing, it says, employee database records on its dark web leak site. As proof, the group posted database extracts, terminal output and commands that appear to show exports from multiple databases, suggesting the data may have originated from internal Deutsche Bank systems. According to reports, the exposed information includes employee email addresses, password hashes, physical addresses and internal database records.
Meanwhile, Deutsche Bank said it was notified of a cybersecurity incident involving an external service provider in Germany that operates a marketing and incentive platform for sales partners. The bank stated that there is no indication its internal systems or networks were affected and that it has found no evidence of unauthorized access to its own network.
SourceComment cela pourrait-il affecter votre entreprise ?
Third-party vendors are increasingly being targeted as a pathway to compromise larger organizations, even when the organizations’ own networks remain secure. Businesses should regularly assess vendor security, limit third-party access to critical systems, continuously monitor external integrations and ensure suppliers adhere to strong cybersecurity practices.


