1. Castilla y León confirms cyberattack on Educacyl after hiding it for days

The Ministry of Education of Castilla y León recently recognized a massive cyberattack to the Educacyl portal, which managed sensitive data of students and families, including ID, telephone numbers and emails. The attack occurred on May 31 and it was officially confirmed on June 25th, after leaks on dark web networks and forums. It has been reported to the AEPD and the Guardia Civil, and internal technical measures have been reinforced

Consequences of the cyberattack:

  • Mass exposure of personal data, even for minors.
  • Late response and lack of institutional transparency.
  • Urgent need for protocols with fast reaction time.

    • 2. AI phishing grows by 466% in Spain

    A report highlights that the phishing with generative AI Has a shot has been fired 466% since the beginning of 2025. Malicious emails are more sophisticated and realistic, requiring more advanced responses: intelligent filters, mandatory MFA, and ongoing training.

    3. 49% of companies are already recovering in less than a week after ransomware

    According to Sophos, almost the half of Spanish companies affected by ransomware, they are able to restore their systems in less than a week, compared to 27% the previous year. The average cost of recovery without rescue fell by 66% to 1.15 M USD

    Keys:

    • Offline (air-gapped) backups are essential.
    • Fast recovery reduces costs and reputational damage.

    4. Melilla: attack that blocked 90% of its municipal servers

    Un targeted cyberattack The Melilla administration left 90 of its 100 servers inoperative. The access occurred via an employee's device and interrupted procedures, appointments and digital services. El CNI participates in the investigation.

    Key Lessons:

    • Teleworking and open networks are risk vectors.
    • Contingency plans, network segmentation, and independent backups are essential.

    5. International attack on Microsoft Azure AD exposes corporate accounts

    Massive unauthorized access to business accounts was detected through Azure Active Directory, which highlights the need for reinforced protection in corporate cloud environments through segmentation, MFA and advanced monitoring. Although there are still few public details, the incident highlights the global exposure of cloud services

    What Apollo Cybersecurity offers to protect your organization

    • System, network and OSINT exhibition audits
    • 24/7 SOC services and simulate sector-specific attacks
    • Training in cyber hygiene, AI and targeted attacks
    • Legal and operational support in the face of reputational breaches and crises

    ✅ Request a free consultation with our specialists

    Prev Post
    Next Post

    Any questions?
    We're happy to help!

    CONTACT US TODAY!
    info@apolocybersecurity.com
    Data Controller: Apolo Analytics SL
    Purpose: To process your request and respond to your message.
    Legal Basis: Consent of the interested party upon submitting the form.
    Recipients: Data will not be transferred to third parties, except under legal obligation.
    Rights: You may exercise your rights of access, rectification, and deletion, among others, by sending an email to secretaria@apolocybersecurity.Com.
    Additionall information: You can view the full information on our Privacy Policy.

    Thank you!

    Your message has been successfully received.
    Oops! Something went wrong when submitting the form.
    We are waiting for you!
    Schedule a call
    Project photo
    send us an email
    Project photo
    +34 937948378
    Project photo
    Carrer de Sant Joan de la Salle 42, Barcelona, spain
    Project photo
    FAQScontactTERMS AND CONDITIONSWork with Us
    Accelerated by:
    Certifications:
    Light Eyes is part of Apolo Cybersecurity
    LEGAL NOTICEPRIVACY POLICYCookies
    Copyright © 2025 Apollo Cybersecurity