The SpaceBears ransomware group claims to have breached AbelZeta Pharma, allegedly exfiltrating over 170,000 confidential files and more than 670 archives containing experimental data. The disclosed material reportedly includes studies on CAR032, CAR39, CAR66, CAR168, TIL, CD, and Tcell and may involve documentation linked to partners and investors such as AstraZeneca,…
Category: Cyber Attack
AiLock claims to have breached England Hockey, the national governing body responsible for managing and developing the sport across grassroots and elite levels. The group has not disclosed the specific contents of the compromised data and its leak site lists the publication date as “Coming soon.” #AiLock #EnglandHockey…
The NoName057(16) hacktivist group claims responsibility for a wave of coordinated DDoS attacks targeting multiple government, judicial, and infrastructure sites in Cyprus. Alleged victims include national registries, payment processors, utilities, transport services, and courts, with the Cyprus Ports Authority reportedly closed by geo-blocking. #NoName05716 #JCCPaymentSystems #CyprusGovernmentPortal #SupremeCourtOfCyprus #CyprusPortsAuthority…
Threat actor zSenior is offering root-level access to a South Korean government server on a *.go.kr domain, claiming completed privilege escalation and straightforward pivoting to 42 internal hosts. The actor also reports PostgreSQL superuser access to an internal host (192.168.0.147) containing PII and potential RCE, and is accepting offers with proof…
A threat actor calling themselves bytetobreach claims to have breached Viking Line and published a full passenger database including vehicle registration plates and system credentials. They also published a correlated NetAxept payment dataset tying passengers to onboard transactions and detailed an attack chain exploiting a 2021 Solr LFI to obtain Tomcat…
An Iran-backed hacker group known as Handala is suspected of carrying out a sophisticated cyberattack that crippled global systems at medical technology firm Stryker. The attack forced shutdowns of all company IT systems across Europe, Asia and the United States, forced the removal of data from devices belonging to 4,000 employees in Cork, and halted operations company-wide while the root cause remains unconfirmed. #Handala #Stryker
Hacktivist group Hider Nex claims to have launched a large DDoS campaign called “OpKuwait,” causing widespread outages across Kuwaiti government portals, state ministries, and financial institutions. The actor says the operation is intended to disrupt services rather than steal data, with impacts reported on public-facing web servers, the centralized e-government gateway,…
The Interlock ransomware group claims to have breached Elliott-Lewis, exfiltrating approximately 1,070 GB (1.07 TB) of files. The allegedly compromised data includes confidential contracts, customer and employee records, accounting (180.6 GB), HR and marketing (269.3 GB), mechanical construction documents (494.6 GB), system profiles, home folders, and multiple internal database backups. #Interlock…
Team Fearless claims it carried out distributed denial-of-service (DDoS) attacks that forced the websites of four Israeli entities offline. The group announced the campaign on its Telegram channel under the banners #OpIsrael and #freepalestine, naming a digital marketing and advertising agency, Alon Israel Oil Company Ltd., Goldtec Technologies Ltd., and Amarel…
The Gentlemen ransomware group claims to have breached Docaret, a French company with over 30 years of experience providing technical writing, document management, and digital modeling services for engineering and technical sectors. The leak site currently shows a countdown and has not published the specific files, but the allegedly exfiltrated data…
A threat actor using the handle Heiz is offering a 460MB SQLite database containing over 150,000 patient records allegedly stolen from an unnamed US clinic, including SSNs, dates of birth, contact details, diagnoses, medications, and physician information. The dataset is being sold on a Russian-language hacking forum with prices starting at…
A threat actor operating as PoliceEspDoxedBF claims to have leaked employee records from Spain’s Ministerio de Hacienda containing ID numbers, IBANs, phone numbers, addresses, full names, and email addresses. The actor posted redacted samples, provided a direct download link and Telegram channel, and was banned from the forum, creating a critical…
NyxarGroup is offering 1.8 million patient records from Maple Respiratory Colombia for sale on the open web, reportedly priced at $400 with a sample provided and contact via SimpleX. The breach includes two databases—’users’ with identity/contact details and ‘citas’ containing full medical appointment histories—exposing sensitive protected health information that could enable…
Lehigh Carbon Community College closed all campus sites and moved classes online beginning 4 March after a major IT disruption that remained unresolved as of 9 March. Although the college has not publicly confirmed a cyberattack, forced password resets and partial service availability suggest a network containment effort and raise suspicion of a security incident. #LehighCarbonCommunityCollege #LCCC
The Pays de la Loire Mobility Observatory’s complete operational database is allegedly being sold on a hacker forum for $8,000, potentially exposing the master data that powers the region’s multimodal transport network. The dataset reportedly includes SNCF TER station records, precise WGS84 GPS coordinates and official identifiers, full network topology and…