Weekly Cybersecurity News: August 17-24, 2025

Major Indian Cybersecurity Events

1. India Leads Global Malware Attacks with AI-Driven Surge

India emerged as the most targeted nation globally for malware attacks, accounting for 12.4% of all monitored endpoints, according to Acronis’ biannual cyberthreat report released on August 22, 2025. The report, based on data from over one million unique endpoints worldwide, revealed that India’s rapidly expanding digital economy has created an enlarged attack surface, making it increasingly vulnerable to sophisticated threats such as AI-powered phishing and impersonation attacks.theweek+3

Key findings show that ransomware remains the primary threat for large and medium-sized businesses, with cybercriminal groups increasingly leveraging AI to automate their activities. Phishing incidents on collaboration platforms like Microsoft Teams and Slack surged dramatically from 9% to 30.5% in the first half of 2025. Advanced email threats, including payload-less and spoofed attacks, rose sharply from 9% to 24.5%, highlighting the urgent need for AI-informed security systems across Indian enterprises.ndtv+3

2. Intensified Cyber Threats Around Independence Day Celebrations

Ahead of India’s 79th Independence Day on August 15, 2025, hacktivist groups and cybercriminals launched over 4,000 coordinated attacks targeting government, finance, and defense sectors. The threat escalated following the Pahalgam terror attack, with threat actors from Pakistan, China, and other nations executing sophisticated campaigns including phishing, fake websites, data breaches, and targeted scams.cloudsek

Pakistan-nexus APT groups including APT36 (Transparent Tribe) and SideCopy actively targeted Indian government and military websites by registering new domain infrastructure that meticulously impersonated the Indian Army, DRDO, Ministry of Defence, and government email services. These groups deployed custom malware such as CapraRAT through spear-phishing emails, enabling persistent espionage against high-value defense and government targets. China-linked APT41 also expanded its targeting to sectors including telecom, manufacturing, technology, and finance in India, leveraging supply chain intrusions and credential theft campaigns.cloudsek

Global Cybersecurity Developments

3. Microsoft Emergency Update for Broken Windows Recovery Systems

Microsoft released emergency out-of-band updates on August 21, 2025, to fix a critical issue where the August security updates broke Windows reset and recovery operations. The problem affected millions of users on Windows 11 23H2/22H2 and Windows 10, causing the “Reset this PC” and “Fix problems using Windows Update” features to fail completely.windowslatest+3youtube

The buggy updates included KB5063875 for Windows 11 and KB5063709 for Windows 10, which caused reset attempts to immediately roll back changes, leaving users unable to reinstall their systems. Microsoft’s emergency fixes were released as KB5066189 for Windows 11 and KB5066188 for Windows 10. The incident highlighted serious quality control issues with Microsoft’s patch management process, as the company should have pulled the faulty updates immediately upon discovery.youtubeforbes+3

4. Manpower Group Ransom Hub Ransomware Disclosure

Global staffing firm Manpower disclosed on August 12, 2025, that a RansomHub ransomware attack had compromised the personal information of 144,189 individuals. The attack occurred between December 29, 2024, and January 12, 2025, at a Lansing, Michigan franchise, with the breach discovered during an IT outage investigation on January 20, 2025.bleepingcomputer+1

RansomHub claimed to have stolen approximately 500GB of highly sensitive data, including Social Security cards, passports, driver’s licenses, employee work hours, worksite details, customer lists, financial statements, HR analytics, and confidential contracts. The attackers posted screenshots of the stolen files as proof, demonstrating the extensive nature of the breach. This incident underscored the significant value of HR-related data to cybercriminals and highlighted vulnerabilities in staffing industry systems that manage sensitive employee and client information.theregister+2

5. Data I/O Corporation Ransomware Attack

Electronics manufacturer Data I/O reported a ransomware attack to the SEC on August 21, 2025, that began on August 16 and severely impacted critical operational systems. The Redmond, Washington-based company, which produces electronics for automotive and consumer devices with clients including Tesla, Panasonic, Amazon, Google, and Microsoft, experienced outages affecting shipping, manufacturing, production, and support functions.therecord

The company admitted that the expected costs related to the incident are “reasonably likely to have a material impact” on its financial condition, with the attack forcing systems offline across its global IT network. Data I/O reported $5.9 million in sales last quarter, making the financial impact particularly significant for the company. The incident reflects the broader trend of ransomware attacks targeting industrial entities, with cybersecurity firm Dragos tracking 657 such attacks globally between April and June 2025.therecord

The week of August 17-24, 2025, demonstrated the evolving cybersecurity landscape with AI-enhanced threats, nation-state activities around significant dates, critical infrastructure vulnerabilities, and the continued effectiveness of ransomware attacks against both government and private sector targets.

1. https://timesofindia.indiatimes.com/technology/tech-news/india-leads-global-malware-attack-list-as-ai-driven-ransomware-escalates-acronis-report/articleshow/123456423.cms
2. https://www.theweek.in/wire-updates/business/2025/08/22/dcm41-biz-acronis-cybersecurity-report.html
3. https://www.ndtv.com/india-news/india-tops-global-malware-attack-chart-as-ai-drives-ransomware-surge-report-9139860
4. https://telematicswire.net/india-emerges-as-ground-zero-for-global-cyberthreats-finds-acronis-latest-report/
5. https://cisoforum.in/acronis-report-reveals-india-tops-global-malware-charts-as-aifuels-surge-in-ransomware/
6. https://www.cloudsek.com/blog/cybersecurity-in-focus-recent-threats-targeting-india-amid-independence-day-celebrations
7. https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-updates-to-fix-windows-recovery/
8. https://www.windowslatest.com/2025/08/19/microsoft-admits-it-broke-reset-this-pc-in-windows-11-23h2-kb5063875-windows-10-kb5063709/
9. https://www.youtube.com/watch?v=zTDAQRjaidk
10. https://www.forbes.com/sites/zakdoffman/2025/08/19/microsoft-confirms-windows-is-broken-emergency-update-on-way/
11. https://www.theregister.com/2025/08/19/windows_reset_recovery_broken/
12. https://firecompass.com/weekly-cybersecurity-intelligence-report-cyber-threats-breaches-11-aug-18-aug/
13. https://www.bleepingcomputer.com/news/security/manpower-staffing-agency-discloses-data-breach-after-attack-claimed-by-ransomhub/
14. https://www.theregister.com/2025/08/12/manpower_franchise_data_breach/
15. https://www.hrdive.com/news/manpowergroup-ransomware-attack-leaked-customer-data/757800/
16. https://therecord.media/electronics-manufacturer-dataio-ransomware
17. https://www.idsa.in/wp-content/uploads/2025/01/ICCOE_Report_2024.pdf
18. https://eventussecurity.com/cybersecurity/india/cyber-attacks/
19. https://www.ecsinfotech.com/top-ransomware-attacks-in-india/
20. https://thehackernews.com
21. https://www.india-briefing.com/news/massive-data-breaches-cyber-threats-india-15405.html/
22. https://konbriefing.com/en-topics/cyber-attacks.html
23. https://sansadtv.nic.in/episode/perspective-rise-in-cyber-fraud-in-india-12-august-2025
24. https://bostoninstituteofanalytics.org/blog/cybersecurity-ethical-hacking-news-key-updates-and-threats-from-2nd-to-9th-august-2025/
25. https://cybernews.com
26. https://www.quickheal.co.in/documents/threat-report/india-cyber-threat-report-2025.pdf
27. https://cybersecuritynews.com
28. https://www.cm-alliance.com/cybersecurity-blog/major-cyber-attacks-ransomware-attacks-and-data-breaches-of-june-2025
29. https://www.hornetsecurity.com/en/blog/monthly-threat-report/
30. https://tech.co/news/data-breaches-updated-list
31. https://www.integrity360.com/cyber-news-roundup-august-8th-2025
32. https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
33. https://www.brightdefense.com/resources/recent-data-breaches/
34. https://www.linkedin.com/pulse/cybersecurity-news-week-patch-report-august-17-2025-stan-stahl-phd-arrzc
35. https://spin.ai/resources/ransomware-tracker/