Foodini, an AI-powered dietary intelligence platform that provides ingredient transparency and menu tagging for the food industry, was allegedly breached and had its data leaked online. An unauthorized party reportedly published a compressed archive containing application archives, platform system files, binary data, and internal operational files to a public file-sharing service….
Category: Cyber Attack
Padanama Publication, Sri Lanka’s largest book printing company, has allegedly suffered a data breach with a comprehensive client database listed for sale on a dark web forum for $50. The leaked sample reportedly contains highly sensitive personal and system data including National Identity Card numbers, one-time passwords (OTP), names, contact details,…
CL-CRI-1116 campaigns combine SSO-style phishing pages with antidetect browsers and residential proxies to harvest credentials. Attackers use vishing from spoofed VoIP/CNAM to capture credentials and TOTPs, bypass MFA, abuse Microsoft Graph API and SaaS search to collect sensitive files, exfiltrate data via APIs or file-sharing services, and pressure victims with seven-figure ransom demands and SWATting. #CL-CRI-1116 #MicrosoftGraphAPI
A threat actor named kittykatkrew posted an exfiltration of the Arkansas State Crime Lab claiming to have stolen court calendars and a full personnel directory via the agency’s public LASSO portal. The leak was distributed as a free .rar download linked from spear.cx and biteblob.com, creating acute risks of witness intimidation,…
A ransomware attack encrypted files in Yau Yat Chuen Garden City Club’s customer management system, affecting more than 9,000 current and former members. The Privacy Commission found multiple security weaknesses and issued an enforcement notice while the club has begun remedial measures and disabled the vulnerable remote-access software. #YauYatChuenGardenCityClub #RemoteAccessSoftware
Kyber is a cross-platform ransomware family that targets VMware ESXi datastores and Windows file systems with coordinated Tor-based infrastructure, campaign identifiers, and destructive anti-recovery features. The ESXi variant (C++ ELF) actually uses ChaCha8 with RSA-4096 and partial in-place encryption while the Windows variant (Rust PE) implements the advertised hybrid Kyber1024 scheme and includes elevated service termination and experimental Hyper-V shutdown. #Kyber #VMwareESXi
At-Bay’s 2026 InsurSec Report shows a 7% year-over-year rise in claim frequency and an all-time average severity of $221,000, with ransomware the costliest incident type at a $508,000 average. Remote-access entry vectors dominated ransomware claims (notably VPN compromises and SonicWall devices), Akira activity spiked sharply with rapid deployments and high demands, smaller firms absorbed growing losses, financial fraud leveraged Cloudflare-hosted links, and third-party liability claims (driven by CIPA cases) rose steeply. #Akira #SonicWall
Mile Bluff Medical Center in Mauston reported a cyberattack that encrypted data and disrupted its phone and computer systems. The hospital has activated security protocols and engaged internal and third‑party experts to investigate and restore affected services. #MileBluffMedicalCenter #PhoneAndComputerSystems
Nara Municipal Hospital suspended its emergency services and outpatient clinics following a suspected cyberattack that disrupted operations. The incident, detected on April 21 by network monitoring systems, rendered multiple IT systems including electronic medical records unusable, and authorities are working with police to trace the attack’s origin. #NaraMunicipalHospital #ElectronicMedicalRecords
Reliance Jio Infocomm Limited has allegedly been compromised, exposing sensitive internal infrastructure and an alleged real-time algorithmic trading system reportedly in operation since 2016. The leaked data reportedly includes a redis_dump.txt database file, National Stock Exchange (NSE) Futures & Options trading data, system alerts for ShortCovering, LongBuiltUp, and Resistance Levels, and…
The Qilin ransomware group claims to have breached networks at ten organizations worldwide, affecting companies in logistics, manufacturing, construction, finance, medical packaging, and a local government. The actor posted an alleged victims list on April 21, 2026, and while specific file directories are not yet published, the reportedly exfiltrated data commonly…
Silentransomgroup claims to have breached law firm Rutan & Tucker, LLP and listed the firm on its leak site, indicating a compromise of internal systems. Posted evidence on the actor’s directory index appears to include legal case files, confidential internal records, network drive mappings (net drives.png), and a directory tree (RTtree.txt)….
LayerX researchers uncovered a coordinated campaign of at least 12 browser extensions that pose as TikTok downloaders while secretly tracking users and harvesting telemetry. The operation has compromised over 130,000 users on Google Chrome and Microsoft Edge by reusing a single code family, employing long-lived trust-building tactics, and using remote configuration…
Internal monitoring detected a suspected transfer of a substantial cache of confidential commercial and financial documents affecting multiple NSW Government departments and projects. NSW Treasury reported the matter to NSW Police, who launched Strike Force Civic, led to criminal charges, and now believe the alleged stolen data has been located and secured with no external compromise and no impact to government services. #NSWTreasury #StrikeForceCivic
Threat actor 888 posted a full database dump of Ledil Immobilier (ledil.immo), exposing 6,700 unique user records including names, emails, phone numbers, addresses, property and transaction details. The dataset, apparently exported from a Drupal (Search API) instance and offered as a free download on darkforums.su, greatly increases the risk of targeted…