MyLovely.AI, an NSFW AI artwork generation platform, was allegedly compromised with a 2.1 GB JSON database from April 2026 posted to a dark web forum, affecting 106,362 registered users. The leak exposes highly sensitive interactions including user identifiers, generated images and videos, private and negative prompts, gallery URLs, profile metadata, and…
Category: Cyber Attack
A threat actor using the handle hackboy claims to be selling 10,152,989 credit registration records allegedly extracted from the Kbank_Vietnam_Core system in February 2026, exposing detailed personal, employment, and credit information. The dataset contains national ID numbers, salaries, employer names, CIC credit scores, and system metadata, creating high risk for identity…
Deminima, a Serbian gynecology clinic, allegedly suffered a severe data breach after a threat actor published patient records on a public forum and claimed the clinic ignored extortion attempts. The leaked records reportedly include full names, phone numbers, JMBG numbers, addresses, email addresses, dates of birth, and sensitive medical diagnoses including…
Evolve Your English, an educational platform and language institute, is allegedly compromised in a massive data leak after an unidentified Telegram-based threat actor claimed to have stolen a database of 700,000 records spanning 2020–2026. Although advertised as a “Spain Database,” the sample data predominantly features users in Colombia and includes full…
EmergiaCC (Colsubsidio) in Bogota appears to have been compromised after an unidentified actor posted what is claimed to be an internal, confidential database on a hacker forum. The forum post advertises 258 free records for download and lists sensitive data including registration IDs, executive names, GPS coordinates, points of sale, and…
Keymous+ is a North African hacktivist collective that conducts DDoS attacks, system intrusions, and account takedowns while claiming a humanitarian and geopolitical rationale. The group asserts control over multiple sub-groups and persistent access to health systems across Africa and Asia, claims thousands of criminal account takedowns, and warrants close monitoring by…
The Payload ransomware group claims to have breached multiple international organizations, naming Tscherne Consulting Steuerberatung GmbH and United Finance Egypt among its alleged victims. The group says it exfiltrated 104 GB of corporate data from Tscherne and 327 GB, including customer information and the entire infrastructure, from United Finance Egypt. #PayloadRansomware…
Three UK-based airline agency websites—Airdeals, Airtips, and Payair—have allegedly been compromised in a combined data breach and extortion attempt, with the attacker claiming to have taken Airtips offline. The threat actor demands payment within 48 hours, is offering the stolen database and files for sale on a cybercrime forum for $300,…
Check Point Research disclosed that ChatGPT’s Linux-based secure code execution runtime leaked sensitive data via DNS resolution, allowing attackers to exfiltrate encoded fragments and even establish a bidirectional remote shell through DNS tunneling. OpenAI deployed a full fix on February 20, 2026, but researchers warn that evolving assistant capabilities expand the…
The Uffizi Galleries in Florence say they were subject to a cyber-attack but insist their security systems protecting artworks were not compromised. Italian reports claim hackers accessed IT systems and sought a ransom after allegedly extracting access codes, internal maps and CCTV locations affecting the Uffizi, Palazzo Pitti and Boboli Gardens. #UffiziGalleries #PalazzoPitti
Omax Autos Limited confirmed a ransomware attack on its IT infrastructure first detected on March 26, 2026, which affected IT systems while core operations and critical functions remained unaffected. The company is investigating the breach, assessing potential financial losses, and implementing enhanced cybersecurity measures to prevent future incidents. #OmaxAutos #AutoAncillary
Iranian-backed hacker group Handala claimed responsibility for a cyber attack on St. Joseph County, alleging it exfiltrated more than two terabytes of sensitive data and noting it previously leaked FBI Director Kash Patel’s email. County officials counter that only a third-party faxing service was hacked, that internal systems were not compromised, and investigations with federal, state and local law enforcement are ongoing; anyone concerned should contact the Board of Commissioners. #Handala #StJosephCounty
Nacogdoches Memorial Hospital (NMH) discovered a cyber-attack on January 31 that may have exposed patient information, including names, contact details, Social Security numbers, dates of birth, medical record and account numbers, health plan numbers, and possible photographs. NMH says it notified law enforcement, completed an investigation, reinforced its network security, notified potentially affected patients by letter, and is not aware of any misuse of the information to date. #NacogdochesMemorialHospital #NMH
The Cybercrime Center and the Baden-Württemberg State Office of Criminal Investigation have identified the alleged leader and alleged programmer behind the GandCrab and REvil ransomware groups and issued international arrest warrants. Both suspects are accused of organizing and developing ransomware operations linked to attacks including the 2019 incident against the Württemberg State Theatres; the case was built using cryptocurrency transaction analysis and broad international cooperation. #GandCrab #REvil
A school IT system used across Northern Ireland was hit by a cyberattack, forcing the Education Authority to reset passwords for all users. The reset disconnected all schools and pupils, cutting access to essential revision resources ahead of exams. #C2K #EducationAuthority