CPUID, maker of CPU-Z and HWMonitor, was compromised via a secondary API that redirected legitimate update requests to a malicious domain for about six hours between April 9 and April 10, delivering a trojanized installer. The multi-stage, in-memory info-stealer used a fake CRYPTBASE.dll and shared infrastructure with a prior FileZilla campaign;…
Category: Cyber Attack
Ficha, a Japanese AI development company focused on automotive and image recognition, was allegedly compromised with corporate GitHub repositories leaked, exposing core technical frameworks and sensitive customer project files. The leak reportedly contains proprietary SDKs (sdk2, SDK4, AIFramework), ADAS algorithms including FichaDet and LaneDet, DMS neural networks, OCR and LLM integration…
The Anderlues municipal administration in Belgium suffered a large-scale cyberattack that forced its administrative services to shut down for an unknown duration. The incident occurred between midnight and 5:00 a.m. on 8 April 2026, and local and federal authorities are working to restore systems and determine the attack’s origin. #Anderlues #anderluesbe
Inigo App, a digital business card platform, has reportedly been compromised with a large database being offered for sale on a dark web forum. The leak allegedly contains 30 million rows including over 1 million unique email addresses, names, phone numbers, addresses, hashed passwords, social media links, precise geolocation data, company…
Infodesk, a software provider, was allegedly compromised in February 2026, exposing an employee database containing first and last names and email addresses from multiple major global organizations. The breach was posted for sale on a dark web forum and affects high-profile clients across the pharmaceutical, medical, and consulting sectors, including Moderna…
NNPC Health Maintenance Organisation Limited (NNPC HMO), a Nigeria-based health insurer affiliated with the NNPC Group, has allegedly suffered a major data breach exposing a database of roughly 200,000 users. An anonymous attacker posted the data on a cybercrime forum and is demanding $300,000 by April 30, 2026, threatening to sell…
GWF Group, a Swiss provider of industrial fluid management and filtration solutions, has allegedly been compromised. An anonymous user on a dark web forum posted a link to an archive claimed to contain the company’s database, including client names, addresses, device identifiers, and geolocation data. #GWFGroup #OBIScodes…
Global Talent Exchange (Globaltalex), an India-based recruitment platform, has allegedly been compromised with an unauthorized party offering a candidate and user database for sale. The seller claims the dataset contains over 80,000 rows of personal and profile information β including emails, contact numbers, experience histories, timestamps, languages, and account statuses β…
Sumitomo Metal Mining Co.’s Philippine nickel smelting subsidiary, Coral Bay Nickel Corporation, suffered a ransomware attack that led the company to isolate affected servers and engage external specialists to investigate. The incident had a limited impact on operations and is not expected to significantly affect the company’s consolidated results. #SumitomoMetalMining #CoralBayNickel
A suspected cyberattack disrupted passport processing at the Ministry of Foreign Affairs of Colombia, forcing suspension of services in MedellΓn, BogotΓ‘, Cali, and Bucaramanga. The outage was concentrated on the SITAC platform, affecting online passport issuance and apostille services while technical teams work to resolve intermittent faults and improve the system. #SITAC #MinistryOfForeignAffairsOfColombia
A minor code change in the Apache HTTP Server (httpd) accidentally exposed environment variables, including a GitHub token, causing a credential leak that was quickly revoked. The developer confirmed the incident resulted from human error, and GitHub’s automated detection, notifications, and token invalidation significantly reduced the window for exploitation. #ApacheHTTPServer #GitHubToken…
A threat actor known as s1ic3r publicly leaked 175 MB of compressed documents, IC schematics, and proprietary intellectual property allegedly taken from Shanghai Fudan Microelectronics Group in April 2026. The exposed VLSI designs and internal documentation could enable reverse engineering, reveal hardware vulnerabilities in smart cards and security chips, and shed…
Signature Healthcare and Signature Healthcare Brockton Hospital are responding to a cybersecurity incident that affected parts of their information systems, prompting activation of incident response and downtime procedures. Most clinical services remain operational, but chemotherapy infusions are canceled for April 7 and ambulance traffic is being diverted; patients should monitor the hospital website and contact the Greene Cancer Center to reschedule. #SignatureHealthcare #GreeneCancerCenter
Minnesota Governor Tim Walz authorized the National Guard to provide emergency assistance to Winona County after a cyberattack that began on April 7, 2026. Local officials are coordinating with the FBI and cybersecurity experts to secure operations after the attack disrupted municipal and emergency services; the county had also experienced a ransomware incident in January. #WinonaCounty #NationalGuard
On 7 April 2026, National Aerospace Fasteners Corporation (NAFCO) experienced a cyberattack targeting its information systems. The company immediately activated defenses and launched an investigation, and to date reports no sensitive data leakage or significant operational impact. #NAFCO #NationalAerospaceFastenersCorporation