A threat actor known as ChimeraZ, with help from Cybernox, claims to have leaked Lancy FCโs member database online, exposing about 6,600 records. The alleged data includes sensitive personal details such as names, addresses, phone numbers, dates of birth, and likely information tied to minors and parents, but the claim remains…
Category: Cyber Attack
Mandiant and GTIG identified an active extortion campaign by UNC6240 (ShinyHunters) exploiting CVE-2026-35273 as a zero-day against Oracle PeopleSoft Environment Management Hub endpoints. The attackers used MeshCentral staging servers, masquerading Azure-related binaries, and a propagation script to move laterally and leak stolen data to the ShinyHunters Data Leak Site. #UNC6240 #ShinyHunters #OraclePeopleSoft #CVE-2026-35273 #MeshCentral
Toulouse FC reported a security incident involving a data backup infrastructure managed by one of its service providers and quickly activated its crisis response procedures. The club says no sensitive data was affected or misused so far, but it has warned about possible phishing and identity theft attempts. #ToulouseFC #CNIL #phishing #identitytheft
The University of Nottingham suffered a major cyberattack attributed to ShinyHunters, allowing access to student records that included personal, educational, and financial information. The university took its Campus Solutions system offline for forensic investigation, reported the incident to Action Fraud and the ICO, and warned students to watch for suspicious messages and change passwords. #ShinyHunters #UniversityofNottingham #CampusSolutions #ActionFraud #ICO
A threat actor named ChimeraZ claimed to leak a customer and valuation database from Jestimo, a French real-estate valuation software firm. The alleged leak includes 168,706 records affecting about 389,365 people and was observed on June 11, 2026. #Jestimo #ChimeraZ…
A forum post alleges production Admin API access and leaked payment keys for Wickr Enterprise, Amazon AWSโs secure messaging platform. The claim was attributed to a new account named Orcinusorca and supported by response headers and a JSON snippet. #WickrEnterprise #AmazonAWS #Orcinusorca…
Great Marlow School in Buckinghamshire partially closed after a malware incident disrupted its ICT network, communications, and email systems. The school is working with cyber-security professionals and following guidance from the Department for Education and the National Cyber Security Centre while exams and lessons are affected. #GreatMarlowSchool #DepartmentforEducation #NationalCyberSecurityCentre
Lithuanian authorities say the country is not facing a coordinated cyberattack, despite two major recent incidents involving sensitive data leaks. The latest breach exposed personal data from 62,000 doctors at the State Health Care Accreditation Agency, following an earlier leak of real estate data belonging to more than 600,000 people. #StateHealthCareAccreditationAgency #NKVC
A threat actor using the alias Soral claims to have breached H1 and leaked a database of 2,064,071 medical professional records. The alleged data includes names, specialties, licenses, workplaces, and photos, but the claim remains unverified and H1 has not publicly responded. #H1 #Soral #RPPS…
Malicious AI browser extensions such as Urban VPN, Smart Sidebar, and Chat AI are being used to secretly exfiltrate sensitive conversations from services like ChatGPT, Claude, DeepSeek, and Gemini. Security researchers warn that these tools can bypass user trust and store protections, putting enterprise endpoints and proprietary data at serious risk….
Onslow County Schools in North Carolina is experiencing a widespread phone and internet outage that has disrupted 43 schools and more than 28,000 students. The incident affected end-of-course exams and live graduation ceremonies, while officials have only described it as a technical issue and have not confirmed a cyberattack. #OnslowCountySchools #NorthCarolina
A threat actor using the alias Zab26 claims to be selling 533GB of French and European healthcare data, including PHI documents, Social Security numbers, database rows, credentials, private keys, and TLS certificates. The listing also alleges live access to health systems such as Franceโs DMP platform, Kubernetes clusters, Slack, and mail,…
A partial database allegedly linked to Capifrance may expose data on about 785,000 people, including names, birth dates, addresses, contact details, nationality, marital status, and profession. If authentic, the leak could enable identity theft, phishing, and targeted fraud against property buyers and sellers, with records of deals and signatures adding sensitive…
The Gentlemen ransomware group has rapidly become one of the most active RaaS operations by victim count, fueled by a 90/10 affiliate payout that has drawn experienced operators from rival crews. Researchers have also linked its administrator, known as Hastalamuerte and Zeta88, to a likely real-world identity through forum, Telegram, phone number, and email records. #TheGentlemen #Hastalamuerte #Zeta88 #Izhevsk #AlexanderYapaev
The Central Bank of Libya reported a cyber incident affecting a limited number of its systems and technology services, and immediately activated emergency response and business continuity procedures. The bank said investigations are ongoing with international cybersecurity firms, while services such as banking cards and the LYPAY platform remain operational and there is no evidence yet that customer accounts were affected. #CentralBankofLibya #LYPAY