A threat actor known as [Citizen] Kyyza claims to be leaking more than 20 database datasets tied to Indonesian Professional Certification Institutes (LSP) as part of an extortion campaign. The alleged exposure includes personal, certification, financial, and SQL data that could enable identity theft, phishing, and targeted fraud against participants and…
Category: Cyber Attack
HDFC Asset Management Company’s stock fell 3.8% after the firm disclosed a cyberattack on its IT infrastructure and said it was working to contain the incident. The attack, reported on May 16, highlights rising security risks for India’s financial sector. #HDFCAssetManagementCompany
Chanhassen Dinner Theatres temporarily suspended some performances after detecting an attack on its computer network and disconnecting systems as a precaution. The organization is working with external experts to restore services, reschedule affected shows, and contact ticket holders directly about next steps. #ChanhassenDinnerTheatres
Murray County, Georgia’s government network was hit by a cyberattack, causing several county offices to close or operate with limited services until systems are restored. First responders, public safety operations, 911 services, and scheduled primary voting remain available and unaffected. #MurrayCounty #Georgia
The leak of The Gentlemen’s “Rocket” backend database exposed the internal workings of a highly coordinated RaaS cartel, including chats, logs, payouts, and operational roles. Check Point Research found the group used edge-device exploitation, NTLM relay workflows, AI-assisted tooling, and aggressive double-extortion tactics across victims such as a UK software consultancy…
A threat actor claims to have breached Ícaro Cloud S.L., exposing firewall backups, VPN secrets, TLS certificates, administrator hashes, and plaintext password references from 20 client networks. The allegedly stolen data includes over 3,500 OPNsense configuration backups and is said to be for sale after being obtained through reused MSP credentials….
A threat actor known as Lagui claims to be selling a fresh database dump linked to Auchan, the French retail group, with more than 1.29 million customer entries exposed. The alleged dataset includes customer IDs, names, contact details, address information, and loyalty-related fields. #Auchan #Lagui…
A threat actor known as Lagui claims to be selling a fresh database dump allegedly linked to Stych, a French driving school and mobility training platform. The exposed dataset is said to contain 1,342,952 customer entries with identity, contact, location, license-related, and profile data. #Stych #Lagui…
The FBI warns that the ShinyHunters group, which claimed responsibility for a cyber-attack on an online Learning Management System, may use stolen or alleged sensitive data to extort victims and pressure educational institutions. The agency advises schools and individuals to verify suspicious requests through trusted channels, avoid paying demands, and report suspected incidents to the FBI. #ShinyHunters #FBI #LearningManagementSystem
IFAGE, the Geneva adult education foundation, was hit by a cyberattack in April that exposed ordinary employee data, while pedagogical systems and student information were not affected. The incident was detected on April 13, no ransom was demanded, and the investigation into what was stolen is still ongoing. #IFAGE #Geneva
Google Threat Intelligence Group reports that UNC6671, operating under the BlackFile brand, is using vishing and adversary-in-the-middle tactics to compromise Microsoft 365 and Okta accounts. The group steals large volumes of SaaS data with Python and PowerShell scripts, then uses extortion emails, Session/Tox messaging, and a BlackFile leak site to pressure victims. #UNC6671 #BlackFile #Microsoft365 #Okta #GoogleThreatIntelligenceGroup
A threat actor named smiro662 is allegedly advertising more than 50,000 Burkina Faso passport and national ID scans, claiming the archive includes full PII in original PDF quality. The purported 32 GB dataset contains passport pages, Carte Nationale d’Identité Burkinabè scans, and identifying details such as names, birth dates, document numbers,…
Oriental Diamond reported a ransomware attack on May 4, 2026, that encrypted data on its internal servers and may have exposed personal information. The company isolated its servers, notified law enforcement and the Personal Data Protection Commission, and began restoration and investigation efforts while strengthening authentication and suspending VPN use. #OrientalDiamond
Check Point Software reported that ransomware made up 58% of recorded cyber incidents in Singapore in 2025, with more than 130 major incidents tracked. The report highlights Qilin and Lynx ransomware activity, major DDoS pressure on government systems, and rising risks from AI-driven scams and deepfake fraud. #Qilin #Lynx #HIME666 #NullSecPhilippines #gov.sg
A new Absolute Security report found that 57% of CISOs experienced ransomware attacks that began on endpoint devices, while 58% said they would consider paying attackers to restore operations. The study also showed major recovery gaps, with many organizations taking up to two weeks to recover and relying on physical endpoint remediation instead of remote recovery. #AbsoluteSecurity #CISOs #Censuswide #ClaudeMythos