Cybersecurity threats continue to surge, affecting organisations and individuals across multiple industries worldwide.
Attackers are deploying increasingly sophisticated techniques, from ransomware and data theft to espionage campaigns and spoofed websites. In this month’s roundup, we’ll look at incidents spanning early education, automotive manufacturing, aviation, telecommunications, and online services.
Cybercrime is diversifying as cybercriminals continue to find new ways to exploit vulnerabilities and access sensitive information.
Cybercriminals have hacked Kido, a nursery chain with sites in London, the US and India, stealing sensitive data on around 8,000 children, including names, addresses, and photographs.
The group, calling itself Radiant, is demanding ransom and has reportedly contacted some parents directly. Experts have condemned the attack as a shocking new low, with the National Cyber Security Centre describing it as “deeply distressing.”
Parents confirmed they were notified quickly, though some questioned the nursery’s data protection measures. Authorities, including the Metropolitan Police and the Information Commissioner’s Office, are investigating. This shows just how important it is to protect personal data, with children’s information now becoming a new target.
Jaguar Land Rover has confirmed that its UK plants in Solihull, Halewood, and Wolverhampton will remain closed until at least next week following a cyberattack earlier this month.
The disruption has halted production of around 1,000 cars a day, with staff sent home and dealerships struggling to operate. The company said some data may have been compromised and is working with regulators and the National Cyber Security Centre.
The hacking group Scattered Lapsus$ Hunters has claimed responsibility, having previously targeted M&S. Business minister Chris Bryant has been in talks with JLR leadership as investigations and recovery efforts continue. The automotive space continues to be an area vulnerable to evolving cyber attacks, with Hyundai having fallen victim to cybercrime back in 2024. You can read more about the attack here.
A cyber-attack on Collins Aerospace’s check-in and baggage software caused widespread disruption across European airports, including Heathrow, on Saturday. Passengers faced long queues, flight delays, and manual check-in procedures, with some missing connections and critical journeys.
Brussels and Berlin airports reported significant impacts, while Dublin and Cork saw minor issues. Heathrow confirmed that most flights were still operating, but warned that delays would continue as recovery efforts progressed. The UK’s National Cyber Security Centre and European authorities are investigating, and authorities have since arrested a man in West Sussex in connection with the attack.
He has been released on conditional bail as the investigation, which has been confirmed to involve ransomware, continues. Collins Aerospace says it is restoring systems and working with airlines to secure future operations, but experts warn this incident highlights aviation’s vulnerability to digital system failures.
The FBI has issued a warning after discovering fake websites imitating its official Internet Crime Complaint Center (IC3) portal. These fraudulent sites are designed to trick users into sharing personal information, including addresses, banking details and contact data, that could later be used for fraud or identity theft.
The Bureau stressed that the IC3 will never request payment, partner with private firms to recover lost funds, or directly contact individuals for money or sensitive data. To stay safe, officials urge the public to always type ic3.gov directly into their browser, avoid sponsored search results, verify the “.gov” domain, and report spoofed sites only through the legitimate IC3 platform or local FBI offices.
The China-aligned group Salt Typhoon has targeted global telecommunications infrastructure, including routers, firewalls, and VPN gateways, to steal communications metadata, VoIP configurations, and subscriber data. Using custom firmware implants called Demodex and exploiting known vulnerabilities, the group achieves long-term stealthy access while blending into regular network traffic.
Their operations support both intelligence collection and the potential to disrupt communications during crises. Experts recommend patching, rebuilding firmware, and monitoring for unusual outbound traffic to mitigate risks. Chat to our team about solutions to protect telecoms infrastructure against cybercrime.
The recent spate of attacks highlights the importance of implementing robust, proactive cybersecurity measures. Whether defending against ransomware targeting nurseries and carmakers, preventing data exfiltration, or educating the public about fraudulent reporting websites, businesses must implement layered defences and maintain vigilance over both internal and external threats.
At Brigantia, we help partners deploy effective cybersecurity solutions, combining expertise and leading technology to safeguard sensitive data, maintain operational resilience and respond effectively to emerging threats.
Cyber threats are constantly evolving, and staying ahead requires a comprehensive and integrated cybersecurity strategy. Our team works closely with clients to implement tailored cybersecurity solutions using our selection of leading vendors.
From threat detection and prevention to incident response and recovery, we provide the tools and guidance organisations need to protect their data, infrastructure, and customers. To explore our cybersecurity solutions and vendors, please get in touch with our team today.
Enjoyed this article? Want to get the latest in cybersecurity news? Read more blogs from our team.