Davos 2026 revealed an elite world torn between ambition and anxiety as AI promises growth while threatening jobs, power grids and geopolitics. From warnings of mass workforce disruption to energy bottlenecks and strategic rivalry, leaders framed AI as both engine risk shaping decades ahead
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
Berlin-based GeneralMind, founded by the team behind German unicorn Razor Group, has secured $12 million in pre-seed funding to develop its AI-driven "System of Action" for automating enterprise workflows. The platform acts as an autopilot for repetitive white-collar tasks across ERPs and email.
Louis Vuitton confirms global data breach affecting UK, South Korea, and Turkey customers. Critical Wing FTP Server vulnerability actively exploited with CISA warning. Romanian authorities arrest 13 in £47 million UK tax phishing operation.
Cyber News Centre's cyber update for 15th July 2025: Louis Vuitton has disclosed a global data breach affecting customers across the UK, South Korea, and Turkey, with attackers accessing systems for nearly a month before detection. Wing FTP Server has confirmed active exploitation of a critical vulnerability that CISA warns "guarantees total server compromise." Meanwhile, Romanian authorities have arrested 13 individuals in connection with a sophisticated phishing campaign that cost UK taxpayers £47 million.
French luxury retailer Louis Vuitton, owned by LVMH Group, specializes in high-end fashion, leather goods, and accessories with a global customer base spanning premium markets worldwide.
Update: Louis Vuitton discovered a security breach on July 2, 2025, that exposed customer personal information across multiple countries including the UK, South Korea, and Turkey. The incident compromised customer names, contact details, and purchase histories, though the company confirmed that passwords, payment card data, and other financial information remained secure.
Attackers maintained access to Louis Vuitton's systems for nearly a month before detection, with approximately 143,000 Turkish residents affected. This marks the third breach of LVMH's systems within three months, indicating a concerning pattern of targeting luxury brands. The breach may be linked to a third-party service provider account, and while no ransomware group has claimed responsibility, public information suggests this was a ransomware attack.
Why it Matters: This latest breach reflects a growing trend where luxury conglomerates are becoming prime targets for sophisticated cyberattacks. As brands like Louis Vuitton operate across multiple regions with complex digital supply chains, they face mounting challenges in securing customer data globally. The international scope of this incident also highlights the urgent need for LVMH and similar companies to align their cybersecurity practices with emerging global standards and regulatory expectations.
Wing FTP Server provides file transfer protocol software for Windows, Linux, and macOS, serving thousands of organizations including the U.S. Air Force, Airbus, Sephora, Reuters, and Sony for secure file transfers.
Update: The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-47812 to its Known Exploited Vulnerabilities catalog, warning that this Wing FTP Server flaw "guarantees total server compromise" with a maximum 10.0 CVSS severity score. Active exploitation began on July 1, 2025, with federal agencies ordered to patch by August 4. The vulnerability allows attackers to inject arbitrary Lua code through mishandled null bytes in user and admin web interfaces, enabling complete system takeover.
Huntress security researchers observed multiple attackers targeting the same victim systems, attempting to download malicious files, conduct reconnaissance, and install remote monitoring software. Shadowserver Foundation reports approximately 2,000 Wing FTP Server instances exposed globally, while Censys identified 8,103 exposed devices with 5,004 having vulnerable web interfaces.
Why it Matters: File transfer tools represent high-value targets for cybercriminals due to their access to large data repositories and critical business operations. The maximum severity score and CISA's urgent warning underscore the immediate threat to organizations using unpatched systems. With thousands of exposed instances globally and active exploitation confirmed, this vulnerability poses significant risks to critical infrastructure and enterprise operations.
The pattern of targeting file transfer solutions follows previous campaigns against CrushFTP, MOVEit, and GoAnywhere, indicating systematic attacks on data transfer infrastructure that could facilitate large-scale data theft and ransomware deployment across multiple sectors.
HMRC (His Majesty's Revenue and Customs) serves as the UK's tax collection and customs authority, responsible for collecting taxes and administering various government benefits and payments for millions of British citizens.
Update: Romanian police arrested 13 individuals aged 23-53 in the counties of Ilfov, Giurgiu, and Calarasi on July 10, 2025, in connection with a sophisticated phishing campaign targeting UK's HMRC tax service. The operation involved over 100 Romanian police officers working alongside HMRC investigators in a joint investigation coordinated by the Prosecutor's Office attached to the Court of Appeal in Bucharest and the UK's Crown Prosecution Service.
The suspects face charges of computer fraud, money laundering, and illegal access to computer systems after allegedly stealing personal data to submit fraudulent PAYE claims, VAT repayments, and Child Benefit payments. The campaign affected 100,000 HMRC customers and resulted in £47 million in losses to UK taxpayers, with HMRC confirming it was the third most spoofed UK government body in 2022 behind the NHS and TV Licensing.
Why it Matters: This international law enforcement operation demonstrates the global nature of cybercrime and the necessity for cross-border cooperation in combating sophisticated fraud schemes. The £47 million loss and 100,000 affected customers highlight the massive scale of modern phishing operations targeting government services. HMRC's position as the third most spoofed UK government entity indicates systematic targeting of critical public services that citizens rely on for essential transactions.
The successful arrests show that international cooperation can effectively disrupt cybercriminal networks, but the scale of the operation suggests that similar campaigns may be targeting other government services across multiple countries, requiring enhanced vigilance and coordinated defense strategies.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments that impact cybersecurity.
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
A newly disclosed vulnerability in Schneider Electric's Foxboro DCS, a widely used industrial control system, could allow attackers to disrupt critical infrastructure operations. The flaw, originally from Intel, affects energy and manufacturing sectors worldwide, including Australia.
Microsoft has issued an emergency patch for a critical zero-day vulnerability (CVE-2026-20805) in its Windows operating system that is being actively exploited by attackers. The flaw affects all supported versions of Windows.
Japanese automaker Nissan is the latest victim of the Everest ransomware group, which claims to have stolen 900GB of sensitive data. The breach, announced January 10, threatens internal records, dealer info, and possibly customer data —raising serious concerns for its Australian operations.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
