OSRS Monthly Threat Report – May–June 2025: Digital Storm Rising
- Dr. Oludare Ogunlana
- Jun 28, 2025
- 3 min read
I. INTRODUCTION
The digital world continues to evolve, offering unparalleled connectivity—but also exposing critical infrastructure, businesses, and individuals to persistent and growing cyber threats. The months of May and June 2025 saw a significant escalation in cyber incidents both across Africa and globally. This report outlines 10 major African incidents and key global breaches to help security professionals, public institutions, and private firms stay ahead of adversaries.
At OSRS, our mission is to secure organizations through real-time threat intelligence, forensic investigation, training, and proactive defense strategies. This report highlights the incidents and trends that shaped the threat landscape over the last 60 days.
II. AFRICA UNDER CYBER SIEGE
According to INTERPOL’s June 2025 Cyberthreat Report, cybercrime now accounts for over 30% of reported crimes in many African countries. Below are 10 major incidents observed across the continent:
# | Incident | Country | Date | Type | Impact | Actor |
1 | Flutterwave | Nigeria | June 2025 | Financial Fraud | $7M lost via phishing and WhatsApp grooming | Scammers |
2 | Eastplats | South Africa | May 27 | Data Breach | Internal files leaked | Unknown |
3 | South African Airways | South Africa | May 3 | Disruption | Website & systems impacted | Cybercriminals |
4 | ENEO | Cameroon | June | Ransomware | Utility disruption | Unspecified |
5 | Telecom Namibia | Namibia | Dec 2024–May 2025 | Ransomware/Data Leak | 400k+ files exfiltrated | Hunters International |
6 | Kenya National Assembly | Kenya | May 31 | DDoS/Spam | Email system shut down | Unknown |
7 | ANCFCC | Morocco | June 2 | Leak | 20k+ land documents released | Jabaroot |
8 | Gov’t & Security Agencies | Morocco | June 4–10 | DDoS & Data Theft | 27 attacks, 16.6TB data stolen | NoName057(16) |
9 | Business Email Compromise | Nigeria | 2024–2025 | Sextortion/BEC | $19.6M+ in losses | Various |
10 | Africa-wide Trend | Multi-country | Ongoing | Mixed Methods | >$3B losses since 2019 | Multiple actors |
OSRS RESPONSE: OSRS supports African governments and enterprises with:
Dark web monitoring
Endpoint threat detection
Simulation-based staff training
Real-time forensic support for ransomware and fraud cases
III. GLOBAL CYBER THREATS
In May 2025 alone, 44 major global cyber incidents were disclosed, exposing more than 1.4 billion records. Key highlights include:
Facebook API Breach: 1.2B records scraped and exposed.
Credential Leak: 184M email-password pairs published from infostealers.
AT&T: Unverified claim of 31M user records posted online.
Iran-Israel Cyber War: Hacktivists and proxies launched over 100 cyberattacks; $90M erased from a crypto exchange.
Co-op UK: DragonForce (linked to Scattered Spider) compromised 20M customer records.
LexisNexis: Breach of 364k individuals' data, including SSNs.
City of Sheboygan, USA: Ransomware attack affected 67k residents.
Healthcare Targets: Ransomware crippled hospitals in Dubai, Ohio, and New Hampshire.
Viasat: Chinese-linked Salt Typhoon group targeted satellite and telecom systems.
IV. EMERGING CYBERSECURITY TRENDS
AI-enhanced Attacks: AI is being used to automate phishing, generate polymorphic malware, and deploy deepfakes.
Hacktivism: Political conflicts (e.g., Iran-Israel) increasingly trigger cyber offensives.
Vendor & Supply Chain Risk: Third-party compromises remain a top entry point.
Healthcare Vulnerabilities: Patient data and critical services remain frequent targets.
Tightening Regulation: EU NIS2, U.S. SEC, and Australia’s SOCI Act drive mandatory reporting.
IoT & Mobile Weaknesses: Endpoint proliferation without protection grows the attack surface.
V. OSRS RECOMMENDATIONS
To remain resilient in this threat environment, OSRS recommends:
Adopt Zero Trust Architecture – Assume breach, always verify access.
Enforce Multi-Factor Authentication (MFA) – Add a vital layer of identity protection.
Perform Regular Patch Management – Apply the 3-2-1 backup rule.
Train Employees Continuously – Combat human error and phishing susceptibility.
Monitor Dark Web – Detect and respond to compromised data.
Run Quarterly Incident Drills – Test preparedness before real threats emerge.
VI. CONCLUSION
May and June 2025 have reaffirmed a stark truth: cyber threats are increasing in both volume and sophistication. Africa’s digital transformation continues to expose new vulnerabilities, while global incidents confirm that no sector or region is immune.
At OSRS, we take a holistic approach to cyber defense. Whether you lead a financial institution, critical infrastructure, or a local municipality, OSRS offers tailored solutions to anticipate, prevent, and respond to threats.
To schedule a security consultation or learn more, visit www.ogunsecurity.com or email contact@ogunsecurity.com.
Stay vigilant. Stay informed. Stay secure with OSRS.
Comments