The San Diego Community College District is facing a major cyberattack that began Saturday and has taken certain digital services, including email and enrollment platforms, offline. All campuses remain open and most classes continue while the district reports no data compromise and is communicating with students through alternative channels. #SanDiegoCommunityCollegeDistrict #EmailSystems
Category: Cyber Attack
ALS Limited detected malicious cyber activity that involved unauthorized access to some of its IT systems and temporarily disrupted certain operations. The company has implemented containment and remediation measures, notified the Australian Cyber Security Centre, and is assessing the scope of the breach and potential impacts on customer data. #ALS #AustralianCyberSecurityCentre
A critical pre-authentication bypass, CVE-2026-41940, was disclosed in cPanel/WHM and coincided with a sharp spike in hosts classified as malicious. Analysis indicates two active campaigns—post-compromise Mirai deployments and a large-scale file-encrypting campaign appending “.sorry” to files—heavily targeting cPanel systems. #CVE-2026-41940 #cPanel
A Latvian national, Deniss Zolotarjovs, was sentenced to 102 months for his role as an enforcer in a Russia-based ransomware organization that stole data from over 54 companies and contributed to hundreds of millions in estimated losses. He escalated extortion by analyzing stolen data and exploiting sensitive information — including pediatric health records — and was arrested in Georgia, extradited to the United States, and prosecuted by the DOJ and FBI. #DenissZolotarjovs #Conti
Emden/Leer University of Applied Sciences was hit by a cyberattack on 1 May 2026, prompting a preventive shutdown of central IT services and disruption to its website. Systems were rapidly contained with no reported data loss, in-person teaching continues, and the university has opened an information point while working on progressive restoration of services. #HochschuleEmdenLeer #hsEmdenLeer
A B.C. judge has certified a class action on behalf of nearly 39,000 people after a December 1, 2020 breach at TransLink exposed extensive personal and financial records across multiple subsidiaries. The court found plaintiffs plausibly allege TransLink “wilfully and without a claim of right” failed to safeguard data despite alleged foundational cybersecurity deficiencies, and common issues will be determined at trial. #TransLink #CoastMountainBusCompany
Columbia Surgical Partners’ parent company was hit by a ransomware attack this week, leaving patients’ electronic medical records inaccessible. The clinic in Maury County, Tennessee, said patients were notified while Advanced Diagnostic Imaging (ADI) in Nashville and authorities work to restore access and investigate. #ColumbiaSurgicalPartners #AdvancedDiagnosticImaging
B&G Foundation reported on April 27, 2026 that its servers were hit by a malware attack, resulting in a system outage. No external leakage of personal or confidential data has been identified so far, and the foundation is prioritizing identification of the cause and restoration of systems. #BGFoundation #BGMaritimeCenters
The Ambroise-Paré Clinic in Beuvry suffered a cyberattack on April 21 that disrupted critical information systems, including its patient records management software and IT network. The full extent of the impact on the facility, which has been operating since 2002, is still being determined. #AmbroisePareClinic #PatientRecordSystem
Today’s Information was targeted in a ransomware attack that was detected following an alert for anomalous activity. The security unit activated incident response and conducted inspections; preliminary assessments show internal systems and the website are operating normally with no material damage or leakage of confidential data. #TodaysInformation #syntecclub
Airbus-owned Stelia North America confirmed a ransomware attack and says it isolated affected systems and activated cyber defence protocols to contain the incident. External researchers report the Rhysida group claims responsibility and is demanding 27 bitcoin for 10 TB of data with a seven-day deadline. #Rhysida #SteliaNorthAmerica
LayerX researchers found that Cursor stores session tokens and API keys in an unprotected local SQLite database, allowing any installed extension to steal credentials. Cursor acknowledged the behavior as within the user’s “trust boundary” and the issue remained unfixed as of April 28, 2026. #Cursor #LayerX…
School Center B3 in Bruck an der Mur was hit by a cyberattack that involved attempted ransom demands. Attackers are threatening to disclose sensitive data unless paid, but Styria’s education authorities have refused to negotiate with the extortionists. #SchoolCenterB3 #BruckAnDerMur
The Rural Municipality of Gimli reported it was the target of a cyberattack that affected its computer systems. The municipality has hired a cybersecurity firm to investigate the incident and residents are advised to pay bills directly through their bank while the municipal office cannot process payments. #RMofGimli #gimli_ca
Threat actor 0056113 is offering compromised law-enforcement and government email accounts, forged legal documents, and EDR-as-a-Service on a public cybercrime marketplace. The listing enables fraudulent Emergency Data Requests to major platforms, allowing buyers to obtain IP logs, device data, and message metadata that can be used for doxing, swatting, and other…