The Coinbasecartel ransomware group claims it breached several major U.S. retail organizations, posting an alleged victim list that includes Carters, Ralph Lauren, and Helzberg. The actor says the compromise exposed full supply chain data for Carters and Ralph Lauren and 33GB of supply chain data from Helzberg. #Coinbasecartel #Carters #RalphLauren #Helzberg…
Category: Cyber Attack
The Hydrological Information Management System (HIMS), run by the Bangladesh Water Development Board (BWDB) and supporting the Flood Forecasting and Warning Center (FFWC), appears to have been compromised with access and data allegedly offered for sale for $100. The data reportedly includes river levels, groundwater, rainfall, real-time flood alerts, historical hydrological…
Foodpapa.pk, a Pakistani food delivery platform, was allegedly compromised when a January 2026 backup was uploaded to a dark web forum, exposing a total of 239,109 accounts. The leaked dataset reportedly includes full names, phone numbers, email addresses, bcrypt password hashes, JWT and Firebase tokens, CNIC numbers, vehicle registrations, home addresses,…
Healthdaq, a healthcare recruitment company in Ireland, has reported a cybersecurity incident. The company has notified regulators and the Garda National Cyber Crime Bureau but cannot provide further details while a criminal investigation is ongoing #Healthdaq #Garda
Hackers claiming to be ShinyHunters say they breached Rockstar Games’ cloud servers by exploiting a vulnerability at third‑party provider Anodot. Rockstar confirmed limited access to non‑physical company information, said players and operations were unaffected, and reported the attackers are demanding a ransom to be paid by April 14, 2026 or they will release sensitive corporate data. #ShinyHunters #RockstarGames
Spring Lake Park School District closed all schools on Monday after a suspected ransomware attack, prompting an immediate shutdown of district systems. Local authorities and cybersecurity experts are investigating to determine the extent of the compromise while teams work to secure networks and restore operations. #SpringLakeParkSchools #SpringLakePark
The ShadowByt3$ group claims to have breached Forestal Atlántico Sur and exfiltrated approximately 9.24 GB of data by scraping the company’s S3 buckets and Azure blobs. They have issued a 72-hour deadline to negotiate a ransom and threaten to sell extensive sensitive records including database backups, employee IDs, medical files, logistics,…
A security audit of commercial and community API aggregators shows hop-by-hop TLS leaves JSON payloads exposed to intermediary routing nodes, enabling data exfiltration and on-path manipulation. The researchers documented malicious code injection, rapid theft of leaked API keys, and the draining of a honeypot Ethereum wallet, and recommend signed response envelopes…
Rockstar Games suffered a data breach after a Snowflake instance used by the company was compromised by the ShinyHunters hacking collective. Rockstar says only “non-substantial” corporate information was taken and operations were unaffected; if the stolen archives are published they could reveal internal expenditures and future launch plans. #ShinyHunters #RockstarGames…
Chevin Fleet Solutions took its FleetWave SaaS environments hosted on Microsoft Azure in the United Kingdom and the United States offline as a precaution following a cybersecurity incident. The incident, detected on 3 April 2026, is under investigation with external specialists engaged; Chevin has not yet disclosed the attack type or whether customer data was affected. #ChevinFleetSolutions #FleetWave
Chevin Fleet Solutions took its FleetWave SaaS offline in the United Kingdom and United States after detecting a cybersecurity incident on 3 April 2026, removing hosted Azure environments as a precaution. The company is working with external specialists to investigate the threat and strengthen security, but it has not yet disclosed the attack type or whether customer data was affected. #ChevinFleetSolutions #FleetWave
Waste management company Saver was hit by a cyberattack on the night of 9 April 2026, causing some of its systems to be taken offline. While waste collection continues, Saver faces service restrictions including an inability to answer phone calls and limited access to certain data; a crisis team is working with a cybersecurity firm to investigate the incident. #Saver #saver_nl
Carwah, Saudi Arabia’s leading digital car rental platform, has allegedly been compromised in a breach that exposed sensitive user and driver information after the dataset was posted by an actor on a cybercrime forum. The leaked data reportedly includes 26,078 customer profiles and 6,824 driver’s licenses containing full names, contact details,…
Guangdong Caiding Market Group was allegedly compromised after reportedly refusing a $2,000 USD extortion demand, with a threat actor posting a 412.24 MB compressed archive on a hacker forum. The leak, posted by “SnowSoul ID-1265”, reportedly includes president’s office photos (including Mr. Xie and Mr. Yi), industrial park master plans and…
Grupo2000, a Spanish corporate training and education organization, has reportedly been breached and an unauthorized party is advertising nearly 100,000 user records for sale on a dark web forum for a base price of $150. The leaked dataset is said to include full names, approximately 100,000 mobile phone numbers, about 97,021…