OpenAI said employees were compromised in the TanStack npm supply chain incident, which may have exposed code signing certificates for iOS, macOS, and Windows. The company is rotating its certificates and urging users to update ChatGPT, Codex, and Atlas to avoid the risk of backdoored software. #OpenAI #TanStack #ChatGPT #Codex #Atlas…
Category: Cyber Attack
Beazley Security responded to a new ransomware group, CMD Organization, which began posting victims in early April 2026 after first surfacing in late March. The group combines data theft and encryption with a leak-site bidding platform that lets buyers compete for stolen data before it is publicly released. #CMDOrganization #BeazleySecurity #StealC
Q1 2026 saw a sharp rise in AI-assisted supply chain abuse, zero-day exploitation, and destructive attacks, capped by the TeamPCP campaign, the Stryker incident, and growing ransomware partnerships. Security teams must assume fast-moving compromise windows, validate exposure during exploitation, and strengthen defense-in-depth across CI/CD, identity, cloud, and endpoint environments. #TeamPCP #Trivy #Checkmarx #LiteLLM #Stryker #HandalaGroup #MicrosoftEntra #MicrosoftIntune #Vect #Mythos #CISAKEV
A threat actor identified as INT3X is selling a database from mutreasury, the payment gateway used by more than 28 Egyptian universities, exposing administrative credentials, ERP API tokens, and student payment transaction records. The seller also claims to be offering a zero-day unauthenticated-access vulnerability that enables persistence and real-time extraction of…
A threat actor claims to have breached Xacria XNO, a cloud-native network orchestration platform used by Italian telecom operators including FASTWEB and SKY ITALIA. The alleged leak contains 446 service orders, subscriber PII, mobile provisioning records, enterprise circuit data, and reused security tokens across webhook integrations. #XacriaXNO #FASTWEB #SKYITALIA #XFlow…
A cyberattack forced the closure of several Murray County government offices in Georgia, disrupting tax and court-related services. County officials said 911, public safety, and primary voting operations remain normal, while details about the attack and any data compromise are still unclear. #MurrayCounty #Georgia
Akitatek, a French IT services and electronics repair company, is allegedly having its customer database leaked by the threat actor ChimeraZ. The exposed 1 MB JSON file reportedly contains 5,400 records with names, addresses, and phone numbers of customers in France. #Akitatek #ChimeraZ…
A threat actor claims to have exfiltrated more than 480,000 records from Vietnamβs Ministry of Health, exposing sensitive personal and professional details of doctors, nurses, and other medical staff. The actor, linked to FEMBOYSec Intelligence Team and KurdFemboys, is threatening to sell the data if the Vietnamese government does not negotiate,…
A threat actor identified as [Citizen] Moelester is reposting the reportedly stolen SIVVI database for sale, exposing about 300,000 UAE customer records from the Dubai-based fashion e-commerce platform now owned by noon. The leaked dataset includes detailed customer, behavior, loyalty, and marketing tables that could enable profiling and analysis of affected…
Boyne City, Michigan is investigating a limited cybersecurity incident that affected parts of its computer network and digital systems. City officials said emergency and critical infrastructure were not impacted, while the full scope of the disruption and any potential data compromise remain under investigation. #BoyneCity
Nitrogen is reportedly extorting Foxconn after claiming to have stolen 8 terabytes of data, including sensitive schematics and customer project details tied to Dell, Google, Apple, and Nvidia. Foxconn confirmed cyberattacks affected some North American factories, while the incident highlights how ransomware crews target major manufacturers that sit deep in global supply chains. #Foxconn #Nitrogen #Dell #Google #Apple #Nvidia #ALPHV #BlackCat #DoppelPaymer #LockBit #FoxsemiconIntegratedTechnology #Instructure #Canvas
Cybercrime in Germany remains at a very high level, with major attacks on companies, public authorities, and critical infrastructure causing estimated damage of 202.4 billion euros. Ransomware, DDoS attacks, and the growing use of AI by cybercriminals are shaping the threat landscape, while international operations such as Endgame, Eastwood, and PowerOFF have targeted key malicious infrastructure. #NoName05716 #OperationEndgame #OperationEastwood #OperationPowerOFF
A threat actor claims to have breached Kuwaitβs Public Authority for Civil Information, exposing identity records, population data, mapping systems, and 5.23 million ID photos. The actor also says they deleted Ministry of Health maps and is selling the stolen data to up to 12 buyers for $1,000. #PACI #KuwaitMobileID #IdentityIssuanceSystem…
A threat actor claims FutureShop Egypt was breached through an exposed unauthenticated API, allegedly leaking customer profiles, order histories, delivery addresses, and admin panel data. The reported dump includes thousands of records linked to Egyptian grocery stores such as Hyper Market, Khodrawat Super Tawfeer, Zad Land, Muluk Al Kebda, and Al…
Microsoftβs Forza Horizon 6 appears to have been prematurely exposed after Playground Games allegedly released pre-load files without DRM protection on Steam, allowing users to bypass the official May 19, 2026 launch. In response to the leak and pirated distribution, Playground Games is reportedly issuing account suspensions and hardware bans to…