When a cyberattack happens, its effects often linger long after the incident and that’s what we’re seeing with Jaguar Land Rover (JLR).
A major cloud provider is also in the spotlight after outages. Two companies face trouble after their partners suffer a ransomware attack and a data breach.
Meanwhile, an Australian energy firm uncovered an insider threat. An airport, airline and toy store have also been breached.
In Hanoi, a new global cybercrime treaty has just been signed.
Learn all about these below.
Global Cybercrime Treaty Signed in Hanoi
About 60 countries gathered in Hanoi over the weekend to sign a new United Nations treaty against cybercrime. The goal is to make it easier for countries to work together against crimes like phishing, ransomware, and online trafficking.
Once 40 nations ratify it, the treaty will become official international law.
At the signing, U.N. Secretary-General Antonio Guterres referred to the treaty as a step toward a safer online space. Vietnam’s President, Luong Cuong, praised the moment as proof that countries can unite for peace and stability.
Still, not everyone is convinced. The Cybersecurity Tech Accord, which includes big tech companies, warned that the treaty might become a “surveillance tool,” giving governments too much access to private data. But the U.N. Office on Drugs and Crime insists there are human rights protections built in, but some experts remain skeptical, given Vietnam’s record with online censorship.
What’s the Implication of This?
If implemented fairly, this could become the strongest global move against cybercrime. It would allow governments to share evidence easily and track attacks across borders. But it also means more power in government hands, which could threaten privacy or freedom of expression if abused.
What You Can Do
- See if your government plans to ratify it and under what conditions.
- Monitor proposed domestic rules on data sharing or cybersecurity that may appear in response.
- If you are in tech or law, follow how “cybercrime” and “ethical hacking” are being defined in your country’s legal system.
Hackers Target Adobe Commerce and Magento Again
If your website runs on Adobe Commerce or Magento, there’s a new danger. Security company Sansec has warned of a flaw that allows hackers to sneak in fake session files and plant PHP backdoors, which can give them full control over a site.
The issue, listed as CVE-2025-54236, is a deserialization flaw. In simple terms, it lets attackers trick the system into running harmful code. The bad news is that exploit codes are already out in public, which means anyone with basic skills can use them.
The attacks use the “/customer/address_file/upload” route, the same path customers use for normal uploads, making them hard to detect.
What’s the Implication of This?
This could lead to stolen customer data, hijacked payment pages, or full website takeovers. Since the exploit code is public, the number of attacks could rise quickly. It also shows that some online store platforms are still struggling to patch long-term weaknesses.
What You Can Do
- Install the latest Adobe patch immediately.
- Check your “upload” folder for strange PHP files and review your access logs for suspicious IPs like, 34.227.25[.]44, 4.212.43[.]34, 54.205.171[.]35, 155.117.84[.]134, 159.89.12[.]166.
- Limit who can upload files, and stay updated on Adobe’s future advisories since these flaws often come in pairs.
Dublin Airport Data Breach Exposes Millions
If you passed through Dublin Airport in August, your travel information might be part of a new data breach. The airport operator, DAA, confirmed that one of its suppliers, Collins Aerospace, suffered a cyberattack that exposed passenger boarding details from August 1 to 31.
That month was one of the busiest in Dublin’s history, with nearly 3.8 million passengers. Officials said daa’s main systems were not affected, but Ireland’s Data Protection Commission has been notified. Investigators suspect that hackers may have already shared samples of the stolen data online.
Airlines are now contacting affected travelers. Cork Airport, also managed by DAA, was not affected.
What’s the Implication of This?
This shows how a single third-party vendor can compromise a large system. Even if the main airport servers are protected, outside partners can become weak points. If the leaked data includes boarding or booking details, travelers could face phishing attempts or scam emails disguised as airline messages.
What You Can Do
- Be cautious of emails claiming to be from airlines or booking platforms.
- Do not click on random links asking you to confirm flight details.
- Visit airline websites directly instead.
- Change passwords for travel accounts and monitor them closely over the next few weeks.
Alaska Airlines Cancels 400 Flights After IT Failure
Alaska Airlines grounded hundreds of flights across the United States after a system failure at its main data center. The outage forced the carrier to cancel over 400 flights, affecting about 49,000 passengers.
The airline said it has now restored operations but admitted the disruption revealed deeper issues with its IT systems. Shares fell 6% after the incident. Alaska Airlines plans to bring in outside experts to inspect its entire technology setup to avoid a repeat of the problem.
This isn’t the first time such an outage has happened. A similar issue in July led to hours of grounded flights and cost the company money in its quarterly report. The airline stressed that the latest failure was not caused by a cyberattack but by an internal system issue.
What’s the Implication of This?
The repeated failures show how fragile airline technology systems can be. Even without hackers involved, one data center problem can affect thousands of passengers and cost millions.
What You Can Do
- If you’re flying soon, download Alaska Airlines’ app and turn on flight alerts.
- Keep essential items like medication or chargers in your carry-on in case of long delays.
- Also, check flight status before heading to the airport, especially with carriers that have faced recent outages.
Toys “R” Us Canada Confirms Data Breach
Toys “R” Us Canada has alerted customers that hackers leaked personal records stolen from its database. The breach came to light on July 30 when a threat actor posted customer information on the dark web.
The company hired cybersecurity experts to investigate and later confirmed that the data was authentic. The exposed information includes names, physical addresses, email addresses, and phone numbers.
However, passwords and payment details were not affected.
The company, which operates 40 stores across Canada, has since improved its IT security.
What’s the Implication of This?
Even though credit card data wasn’t leaked, the exposed contact details could be used for targeted phishing. This shows how retail companies remain major targets for data theft because of the amount of customer information they store.
What You Can Do
- Ignore suspicious messages asking for your personal information.
- If you receive an email claiming to be from Toys “R” Us, go to the official website instead of clicking any link.
- Review your email and phone security settings, and consider using spam filters to block unwanted messages.
Jaguar Land Rover Cyberattack Costs $2.5 Billion
It's common knowledge that the cyberattack that happened to JLR paused production for more than a month. Now, experts at the Cyber Monitoring Centre (CMC) say the blow may have cost the UK economy about £1.9 billion ($2.5 billion).
And that's not all, the CMC is calling it the most damaging cyber incident in Britain’s history! JLR had to restart its plants gradually after a full shutdown that almost brought its network of suppliers to a halt.
More than 5,000 organizations felt the impact. A politician even called it a “cyber shockwave,” warning that thousands of jobs were at risk. To soften the hit, JLR rolled out a financing plan to help its suppliers stay afloat. The CMC reports that the cost covers both JLR’s production losses and the effect across its entire supply chain.
What’s the implication of this?
This incident shows how cyberattacks can go beyond company walls and affect entire economies. When a major manufacturer like JLR stops production, the financial shock spreads to smaller businesses and communities that depend on it.
What you can do
- Always review your vendors’ security. A weak link can expose you.
- Segment your network so one breach cannot spread across departments.
- Keep an incident response plan and test recovery from clean, offline backups.
- Give users and systems only the permissions they need to operate.
AWS Restores Operations After Global Outage
Amazon Web Services (AWS) is back up after a major outage that threw thousands of websites and apps off balance. Platforms like Reddit, Snapchat, Venmo, and Zoom were among those affected.
The issue started in AWS’s US-EAST-1 data center in Virginia, where a network health monitoring glitch caused problems across the board. It also hit AWS’s Domain Name System (DNS), which made it tough for apps to reach key services like DynamoDB. Most systems were running again after a few hours, but some took longer to fully recover.
What’s the implication of this?
Experts say the incident is a reminder of how much the internet depends on a handful of cloud providers. Even a brief disruption at a single AWS region can affect the world. Businesses that depend only on one provider risk downtime, loss of revenue, and customer frustration when things go wrong.
What you can do
- If you run cloud-based systems, design for redundancy.
- Use backups, multi-region setups, or even multi-cloud options to keep operations running.
- Test recovery plans regularly, not just on paper.
Verisure Confirms Data Breach Through Billing Partner
Swedish security company Verisure reported a data breach through one of its external billing partners. The affected brand, Alert Alarm, has about 35,000 current and former customers in Sweden.
The exposed data includes names, addresses, emails, and social security numbers. The company said its own systems were not affected and it has notified police and data protection authorities.
What’s the implication of this?
Third-party vendors remain a common weak point. Even companies that specialize in security can fall victim when an external partner’s defenses fail.
What you can do
- Customers should stay alert for emails or calls that request personal information.
- Businesses must conduct regular audits of vendor security and ensure contracts define how data should be protected.
Origin Energy Investigates Insider Data Breach
Australian energy giant Origin Energy confirmed that an employee tried to steal credit and debit card details of over 700 customers. The attempt occurred shortly after the employee was dismissed.
Origin said the data was encrypted and there’s no evidence it was accessed or shared externally, but it could not guarantee it was safe. The company reported the matter to law enforcement and the Australian Signals Directorate.
What’s the implication of this?
According to a 2024 report, most companies still struggle with insider threats. About 71% say they’re at least somewhat vulnerable, and 51% faced six or more insider-related incidents in 2023. It’s a clear warning that the real danger isn’t always from outsiders. When employees mishandle or abuse access to sensitive systems, the damage can be just as serious as a hacker’s attack.
What you can do
- Companies should enforce strict access controls.
- Monitor for unusual or large data transfers.
- Limit the amount of information any single employee can access.
- Individuals affected should replace compromised cards.
- Affected customers should monitor their accounts closely.
- Accept the one-year free credit monitoring offered by Origin Energy.
These incidents remind us that cyber risks are all connected. From ransomwares, data breaches, insider threats to cloud outages so whether it’s a global brand or a small business, security gaps anywhere can have implications. Always review your defenses before someone else does it for you.
Did you find this news roundup helpful? Kindly subscribe to our blog for more real case breakdowns, and don't forget to join our newsletter for security updates.