Universities, schools, and other educational entities around the world experienced 251 ransomware intrusions last year, which is only 2% higher than in 2024, compared with the 32% year-over-year increase overall ransomware incidence, K-12 Dive reports.

Nearly 165,000 more accounts were discovered by leading South Korean e-commerce firm Coupang to have been impacted by the massive data breach in November, which was confirmed to have impacted 33.7 million users, reports Korea JoongAng Daily.

Automated investment platform Betterment was reported by data breach notification Have I Been Pwned to have had data from nearly 1.4 million user accounts compromised following a cyberattack last month, according to The Register.

TechCrunch reports that major U.S. government technology provider Conduent had data from over 25 million individuals confirmed to have been stolen as a result of a SafePay ransomware intrusion in January 2025, which resulted in government service outages.

Infosecurity Magazine reports that AI-enabled voice and virtual meeting fraud incidents that typically involved interactive voice response systems for reconnaissance surged by 1,210% between January and December last year, compared with a 195% increase in traditional fraud over the same period.

Almost 7.1% of open-source AI agent OpenClaw skills on the ClawHub marketplace have facilitated the exposure of API keys, credentials, and credit card details due to an issue in SKILL.md instructions, The Register reports.

AI-based scam spoofing law firms uncovered More than 150 domains spoofing law firms have been created as part of an AI-assisted business impersonation scam, according to SecurityWeek.

Attacks leveraging Windows screensaver files to facilitate clandestine delivery of remote monitoring and management tools have been launched against multiple organizations as part of a spearphishing campaign, reports Cybernews.

This evolution coincided with the re-establishment of internet access following a government-imposed blackout, according to a report by SafeBreach.

Alleged sample records shared on BreachForums indicate the inclusion of complete user account details, such as account creation dates, update timestamps, notification preferences, and internal moderation flags like "is_global_admin" and "has_passed_captcha."