New York City Public Schools is investigating two separate cyber incidents: malware was found and quickly removed from shared lab computers at a Manhattan campus, and a nationwide attack on the Canvas learning platform disrupted access to exams and grades in seven schools. The district is working with police and NYC Cyber Command to trace the sources, strengthen defenses, and determine whether sensitive student and staff data was affected. #NewYorkCityPublicSchools #Canvas #NYCCyberCommand
Category: Cyber Attack
The Central Bank of Libya said it contained a cyberattack that affected some of its technical systems and services, with forensic investigations still ongoing. The bank reported no confirmed signs that customer accounts or data were compromised, and key services such as bank cards and LYPAY continue to operate normally. #CentralBankofLibya #LYPAY
A cybersecurity incident has halted sugar production at two mills in the Mackay region of Queensland, Australia, disrupting cane crushing and rail transport. Mackay Sugar is working to restore systems while prioritizing staff safety and business continuity, with no timeline yet given for the outage. #MackaySugar #Mackay #Queensland
A claimed database leak may have exposed more than 339,000 Napoleon Perdis customer records, including names, emails, phone numbers, and home and delivery addresses. The alleged data also includes loyalty and total-spend information, which could help attackers target higher-value customers for phishing and scams. #NapoleonPerdis #Australia…
A threat actor known as 2019 allegedly leaked Zeemart’s database, claiming more than 510,000 records from the Singapore-based F&B procurement platform were exposed. The unverified dataset reportedly includes user, company, outlet, and order information, along with sensitive contact and financial details. #Zeemart #Singapore #2019…
A threat actor using the alias 2019 claims to be selling an Ochre Health patient database containing 25,000+ patients and 700,000+ records, including sensitive medical and identity information. The claim is unverified, but the exposed data allegedly includes Medicare and DVA numbers, appointment histories, and payment details. #OchreHealth #2019 #Medicare #DVA…
ChimeraZ claims to have breached Proprietes-Privees.com, a French real-estate network, and leaked a 2.65 GB database containing 3.28 million records linked to about 2.53 million people. The alleged exposure includes financial profiles, contact details, agent accounts with passwords, and payment records, but the claim remains unverified. #ProprietesPrivees #ChimeraZ #LeboncoinImmobilier…
Le Vieux Campeur was targeted by a major cyberattack on 2026-06-02, prompting rapid containment and hardening measures by its technical teams and cyberdefense experts to limit the impact and restore services. The company reported the incident to the relevant authorities and the CNIL under GDPR, and current investigations suggest that customer data hosted in a secured external environment was not compromised. #LeVieuxCampeur #CNIL #RGPD
AVBOB Funeral Services confirmed a cyberattack by external malicious actors that disrupted its digital platforms and services. The company is working to restore operations, while manual procedures and a temporary secure payment link are keeping essential services running during the ongoing investigation. #AVBOBFuneralServices
A reported leak of more than 542,000 invoices from BRPDV allegedly exposed CPF and CNPJ tax IDs, names, addresses, contact details, and masked bank references. The release could put customers and internal business information at risk of identity theft, fraud, and competitive harm. #BRPDV #CPF #CNPJ…
A threat actor identified as KLINZO007 allegedly offered Tayara’s full user database for sale on Telegram. The claimed leak contains more than 2,000,000 records, totaling about 4 GB, affecting the Tunisian online classifieds platform Tayara. #Tayara #KLINZO007 #tayaratn #Tunisia…
A claimed OkCupid data scrape could expose up to 35 million user records, including sensitive details such as sexual orientation, precise location, dates of birth, and intimate dating preferences. If authentic, the dataset could enable harassment, sextortion, doxxing, stalking, and identity theft, though the scale and authenticity remain unconfirmed. #OkCupid…
A threat actor known as ChimeraZ claims to be leaking an aggregated “Leboncoin Immobilier” dataset with about 4 million French property listings from 13 portals, including Leboncoin, SeLoger, and PAP. The unverified data allegedly contains 1.1 million phone numbers, seller details, property information, and location data, and the actor suggests the…
Play Ransomware’s Grixba tool evolved from a simple .NET infostealer into a modular reconnaissance platform that maps networks, targets security products, and supports staged exfiltration before encryption. Across four versions, the group repeatedly changed size, packaging, and disguise tactics to evade detection while preserving core behaviors like WMI/WinRM enumeration and the C:UsersPublicMusic drop path. #PlayRansomware #Grixba #Symantec #CISA #SentinelOne #Andariel #JumpyPisces
Meta disclosed that a flaw in Instagram’s High Touch Support account recovery system let unauthorized third parties trigger password resets and hijack user profiles. The issue affected 20,225 users, and Meta disabled the AI assistant, invalidated reset links, and began adding stronger validation before redeployment. #Meta #Instagram #HighTouchSupport #MaineAttorneyGeneral…