Top 5 Cybersecurity News Stories August 29, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. IT system supplier cyberattack impacts 200 municipalities in Sweden

A cyberattack has struck Miljödata, an IT system supplier providing HR, rehabilitation, and personnel administration services to around 80% of Swedish municipalities. The incident, discovered on August 23, 2025, has disrupted operations in municipalities including Skellefteå and Karlstad, with local governments activating incident response procedures.

Authorities are investigating potential exposure of sensitive personal data, though the extent of the breach remains unclear. Impacted organizations are preparing reports to the Swedish Data Protection Authority (IMY) while containment and recovery efforts continue under established crisis protocols.
Read more on BleepingComputer

2. Someone Created the First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model

A novel form of ransomware has been developed using the open-source model GPT-OSS:20B, marking the first instance of AI-powered ransomware. Leveraging a large language model, the code demonstrates how AI can autonomously craft malware—signifying a shift in threat sophistication and evolution of automated attack tools.

Security professionals must anticipate adversaries increasingly leveraging AI for autonomous development, testing, and deployment of malware. This development highlights the widening attack surface as AI capabilities grow within offensive security.
Read more on The Hacker News

3. Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

Between August 8 and August 18, 2025, attackers exploited a compromised OAuth integration between Salesloft and the Drift AI chat agent, exfiltrating OAuth and refresh tokens tied to Salesforce customer environments. The campaign has been attributed to UNC6395, per Google Threat Intelligence Group and Mandiant.

By using these tokens, actors accessed customer data within Salesforce, escalating the risk of broader CRM-targeted attacks. The incident underscores critical vulnerabilities arising from third-party SaaS integrations and highlights urgent need for better token management and access controls.
Read more on The Hacker News

4. TransUnion suffers data breach impacting over 4.4 million people

Credit reporting agency TransUnion has reported a data breach impacting over 4.4 million individuals in the United States. The compromised data was stolen from the company’s Salesforce account, according to BleepingComputer.

While TransUnion has not confirmed a network-level breach, the incident raises concerns about CRM-based exfiltration and data governance practices, particularly concerning Personally Identifiable Information (PII) stored in SaaS platforms. A review of token access and integration security may be warranted to prevent similar incidents.
Read more on BleepingComputer

5. Nevada IT Systems Hit by Cyberattack – State Office Closed for Two Days

Nevada state IT systems suffered a cyberattack resulting in the closure of state offices for two days. The disruption affected internal operations across government functions, though precise technical details—including the nature of the breach, affected systems, or threat actors—remain undisclosed.

The incident highlights the real-world impact of cyber threats on public service delivery, emphasizing the need for resilient infrastructure, incident response preparedness, and continuity planning across government IT environments.
Read more on CybersecurityNews

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information, please contact us now!