Threat actors ChimeraZ and misere allegedly posted a partial database from Autosur, a French vehicle inspection firm, containing about 63,349 inspection records. The claimed dataset includes personal and vehicle details such as names, addresses, birth dates, phone numbers, emails, license plates, VINs, and mileage, though the leak remains unverified. #Autosur #ChimeraZ…
Category: Cyber Attack
Novo Nordisk has confirmed a major breach in which attackers stole large amounts of internal data, including AI models, training code, datasets, logs, and container images tied to its drug-discovery work. The incident also exposed pseudonymized clinical trial patient data and has triggered an investigation with Danish regulators and outside cybersecurity…
Attackers used DragonForce ransomware against a major U.S. services firm and hid their C&C traffic inside Microsoft Teams relay infrastructure through a custom Go backdoor tracked as Backdoor.Turn. The campaign also used BYOVD abuse, DLL sideloading, and multiple vulnerable or malicious drivers to evade defenses and maintain long-term access. #DragonForce #BackdoorTurn #MicrosoftTeams #Hackledorb #HWAuidoOs2Ec.sys #HavocProcessTerminator
Spartanburg County in South Carolina has been dealing with a multi-day network and internet outage since June 10, 2026, with the South Carolina Law Enforcement Division assisting the county amid a suspected cyber incident. Several public services and internal communications, including at the sheriff’s office, have been disrupted, marking the county’s third cybersecurity-related incident in less than three years. #SpartanburgCounty #SLED
Kee Wah Bakery was hit by a ransomware attack that disrupted its internal network system on June 12, 2026, prompting the company to contact potentially affected employees, business partners, online customers, and loyalty program members. It reported the incident to the police and the Privacy Commissioner, while confirming that payment and credit card information were not affected and physical stores remain open. #KeeWahBakery #奇華餅家
iRhythm Holdings disclosed a cybersecurity incident involving unauthorized access to data, with suspicious activity identified on June 8 and an investigation launched with external experts. The company said the incident did not affect patient safety, device systems, manufacturing operations, or financial reporting systems. #iRhythmHoldings #SocialEngineering
The Uncanny Automator breach exposed customer records and led to a backdoored Pro plugin update, version 7.3.0.5, being distributed to some live WordPress sites. Uncanny Owl confirmed the incident, released a clean 7.3.0.6 version, and warned that any site running the compromised build should be treated as infected. #UncannyAutomator #UncannyOwl #automatorplugincom…
A threat actor claims to have scraped 146,000 records from the French property platform Superimmo, but the data is described as publicly available business and listing information. The alleged dataset appears more useful for bulk outreach and lead harvesting than for exposing sensitive customer data, and its scope and authenticity remain…
A threat actor known as 0xSec claims to have leaked a database from the French job platform Local’Emploi, allegedly exposing about 26,900 records across four CSV files. The reported data includes job seeker personal details, résumé references, job offers, and company contact information, but the claim remains unverified. #LocalEmploi #0xSec #France…
Kredietbank Limburg in the Netherlands reported a digital intrusion, but said the impact remained limited and the damage appears minor. No further details were provided about the nature of the intrusion or the full extent of the impact. #KredietbankLimburg
A threat actor breached a victim environment, accessed a hypervisor, created a new virtual machine, and used it to stage and launch Akira ransomware. The investigation also found use of Easyupload.io via LimeWire, WinRAR, and WinSCP for staging and likely exfiltration, along with rapid disabling of Microsoft Defender and little effort to hide activity. #Akira #LimeWire #Easyuploadio #WinRAR #WinSCP #MicrosoftDefender
Murray County, Georgia says a ransomware attack on its computer network has been resolved and most systems are back online as restoration continues. County officials disclosed they paid a $200,000 fee after consulting cybersecurity and forensic experts, saying the move was meant to prevent county data from being published. #MurrayCounty
A threat actor known as ChimeraZ, with help from Cybernox, claims to have leaked Lancy FC’s member database online, exposing about 6,600 records. The alleged data includes sensitive personal details such as names, addresses, phone numbers, dates of birth, and likely information tied to minors and parents, but the claim remains…
Mandiant and GTIG identified an active extortion campaign by UNC6240 (ShinyHunters) exploiting CVE-2026-35273 as a zero-day against Oracle PeopleSoft Environment Management Hub endpoints. The attackers used MeshCentral staging servers, masquerading Azure-related binaries, and a propagation script to move laterally and leak stolen data to the ShinyHunters Data Leak Site. #UNC6240 #ShinyHunters #OraclePeopleSoft #CVE-2026-35273 #MeshCentral
Toulouse FC reported a security incident involving a data backup infrastructure managed by one of its service providers and quickly activated its crisis response procedures. The club says no sensitive data was affected or misused so far, but it has warned about possible phishing and identity theft attempts. #ToulouseFC #CNIL #phishing #identitytheft