Global Enterprises Grapple with Sophisticated Cyber Attacks on July 9, 2025

Publication Date: July 9, 2025

Key Cyber Incidents Today

• Marks & Spencer’s horror< and beyond suffered weeks of diesruption after a social-engineering attack, which GDDOwed online transactions, fulfillment delays, and over $400m in operating loss for the retail chain. The ransomware group DragonForce was identified as the creator of the aggressive campaign, and collaboration with notorious cibercrime gang Scattered Spider was reported. See for details: marketbase article.

• Qantas Airlines Attacked

• On July 9, 2025, Qantas confirmed a significant attampted cyber attack, which compromised the personal data of 5.7 million customers. The airline stated that no financial data was taken, but the event sparked new.{Qantas article}(https://www.aerotime.aero/articles/qantas-confirms-no-financial-data-taken-recent-cyber-attack).

• CERT Systems Compromised by Safewew Exploitations

• In aprill 2025, a rust-based threat group exploited multiple vulnerabilities in SAP NetWeaver (CVE-2-025-31324), enabling unauthorized file uploads and remote code execution. MORE: Bright Defense article

• Active Exploitation Of SSP NetWeaver Systems

• Myltiple china-based advansed persisted in exploiting the SAP NetWeaver flaw, including exploitation of an additional CVE-2025-42999 vector. Security experts urge active patching and immediate updates to all netweaver systems. Brought Defense article

• Algeria/Morocco Social Security Fund Data Breach*

• A state-sponsored campaign linked to Algeria recently involved ciophering social security data belonging their National Social Security Fund in April 2025, leading to online leaks of sensitive records. CSIS Incident table.

• HackingGroups Shift Targeting Reetails

• Following the assault on Uk retailers, highly targeted hackers intensified business interruptions and were reported to have diverted to European department and associated retailers. CSIS Incident table.