Wave of Ransomware and Data Breaches Hits Major Companies

On August 5, 2025, a significant surge of cyberattacks has been reported, primarily driven by ransomware campaigns and data breaches impacting major organizations. The Akira group has targeted firms like Hitachi Vantara and Nissan Australia, prompting SonicWall to advise users to disable SSL VPNs on their Gen 7 firewalls due to vulnerabilities initially thought to involve a zero-day exploit, now linked to CVE-2024-4076. Meanwhile, high-profile breaches at Google, Pandora, and Chanel have been attributed to the ShinyHunters group, utilizing social engineering tactics to access sensitive customer data through third-party platforms like Salesforce. The Cybersecurity and Infrastructure Security Agency (CISA) has also updated its Known Exploited Vulnerabilities catalog, adding critical issues like CVE-2021-22054, CVE-2025-26399, and CVE-2026-1603 that are actively exploited. These incidents underline the pressing need for organizations to reinforce their cybersecurity protocols and prepare for potential breaches through effective incident response strategies and regular employee training.

Also In Security Today

CISA Alerts on Active Exploits: CISA warns that several critical vulnerabilities are currently being exploited, urging immediate patching of CVE-2021-22054 and newer flaws to mitigate risks.
SSL VPN Vulnerabilities: SonicWall's advisory on disabling SSL VPNs on Gen 7 firewalls highlights the importance of reviewing firewall configurations and ensuring all systems are up to date with security patches.
Social Engineering Tactics on the Rise: The ShinyHunters group's use of social engineering in recent breaches serves as a stark reminder of the need for ongoing employee training to recognize and respond to phishing attempts.
Ransomware Trends: Experts predict that ransomware attacks will continue to evolve, with attackers increasingly targeting supply chains and third-party services, necessitating enhanced security measures across all sectors.

Analyst's Take

Today's incidents underscore a grim reality in the cybersecurity landscape, where organizations of all sizes are vulnerable to sophisticated ransomware and data breaches. The involvement of well-known threat actors like Akira and ShinyHunters indicates a trend toward targeting high-value assets and leveraging third-party vulnerabilities. Security professionals must prioritize patch management and employee training to combat these threats effectively. The emergence of new CVEs reinforces the necessity for proactive vulnerability assessments and incident response planning. Organizations should not only react but also implement layered defenses to mitigate risks in this evolving threat landscape.