Alert: Major Global Cyber Attacks and Critical Vulnerabilities Reported on July 15, 2025

Published: July 15, 2025

New Cyber Incidents Today

• Critical SAP NetWeaver Vulnerability (CRGV-2025-31324) : There has been a wave of targeted exploitation of a recently disclosed weakness in SAP NetWeaver, spurred by China-linked APT threat networks. These attacks have compromised at least 581 critical systems globally, focusing on the gas, water, and medical manufacturing communities in the UK and US — as reported by Bright Defense.

• %%Major Ransomware and Data Breaches%% : The acceleration of giant ransomware and data breaches in the past months includes these very large incidents:

• Nearly 24.45 million customer records were leaked in a breach involving Motel One by the ALPHV/BlackCat ransomware group GetAstra.

• Johnson Controls suffered a launch of a targeted ransomware attack by Dark Angels. This organization absorbed over 27 TB (terabytes) of data exfiltrated on their virtual infrastructure, and encrypted many VMware ESXi virtual machines in their mainlines CM-Alliance

• Bank Sepah Attack : Quickly after the revelation between Iran and Israel, a banking group with alleged links to Israeli intelligence announced they broadly disrupted banking services, ATM withdrawals, card payments, and multiple fuel services CM-Alliance

• %%Government Targets and Spear Phishing%% : A series of political and intelligence-targeted attacks continues. Chinese-backed groups targeted US government administrators and infrastructure operators in the US, gas and water sectors in the UK (and more), as well as ministries in Saudi Arabia CSIS, Bright Defense

Defense recommendations:

• Ensure to apply the latest SAP NetWeaver patches, closely monitoring all critical IT web applications.
• Update directories immediately about any dark web vulnerabilities recently reported.