The Morpheus ransomware group claims to have breached SURTECHINC, a South Korean plating manufacturer, and exfiltrated sensitive operational and technical data. Published evidence allegedly includes engineering CAD blueprints (including parts for ILJIN Corporation), HMI system screenshots, and application source code with hardcoded credentials and database connection details. #Morpheus #SURTECHINC…
Category: Cyber Attack
The Insomnia ransomware group claims to have breached Ripple Neuro, a biotechnology research company in Millcreek, Utah, and notified the company on February 14, 2025. The actor has threatened to leak data but has not specified the types of compromised information. #Insomnia #RippleNeuro…
The Inc ransomware group claims to have breached multiple organizations across different sectors and regions and has published a list of alleged victims. The latest list names Empresa de Transportes Via Pajuçara Ltda. (Brazil), Tract Consulting (Canada), and Dari Concepts (United States), with the actor claiming the compromised data spans hundreds…
Threat actor Niphra claims to have breached Remington.bg, Bulgaria’s largest furniture retailer, in early 2026 and is offering datasets containing over 140,000 order rows and over 130,000 customer rows for sale. The exposed records include names, phone numbers, emails, physical addresses, order statuses, timestamps, delivery notes, pricing details, and account metadata,…
A threat actor using the handle HexDex is selling personal information for 352,502 members of the Federation Francaise d’Aikido, Kinomichi et Disciplines Associees (FFAAA). The dataset reportedly includes 343,000 unique full addresses, 63,000 phone numbers, 75,000 email addresses, and parent information for minors; a 1,000-record sample is available and offers are…
DumpSec is claiming to sell data allegedly stolen from French temporary employment agency MyConnect, referencing a prior Adecco breach and indicating a pattern of targeting staffing platforms. The listing advertises about 125,000 records and a document archive of 21,106 files containing national ID scans, banking documents, signed forms, and birth certificates,…
The City of Rome’s library system was targeted in a cyberattack that was promptly countered by the Cyber Security Operations Center. Mayor Roberto Gualtieri announced the incident during the inauguration of the center’s new operations room, and officials say the attack was successfully repelled, preserving the security of municipal data and systems. #RomeLibrarySystem #CyberSecurityOperationsCenter
BDH Clinics in Mecklenburg-Vorpommern, Germany, were hit by a cyberattack that affected part of their IT infrastructure while medical care continues to be provided. Patients are urged to verify requests before sharing personal information as authorities and the clinics work together to secure data and minimize risk. #BDHKliniken #MecklenburgVorpommern
The Health Research Board (HRB) in Ireland has been targeted by a cyberattack; employees were instructed not to open their laptops, to stay home, and to ignore notifications on their work phones. IT staff are working to isolate and contain the incident; the HRB is a public body attached to the Department of Health that funds about €50 million in research annually for universities and hospitals. #HealthResearchBoard #HRB
The Termite ransomware group claims to have breached the Birmingham Museum of Art and exfiltrated a large cache of internal files and directories. The allegedly compromised data reportedly includes financial documents, donor and credit card records, employee and board information, partnership and grant materials, and IT backups and system logs. #Termite…
The Anubis ransomware group claims to have breached Envirogen Technologies and exfiltrated approximately 3.6TB of sensitive corporate data. Leaked files reportedly include client databases, call records, contracts, technical drawings, employee identification, and information related to military projects. #Anubis #EnvirogenTechnologies…
DevChallenges.io, a platform dedicated to helping developers practice and improve their coding skills, has allegedly been compromised with a database published on a prominent hacking forum in February 2026. The actor claims the leak contains 20,218 user records including full names, email addresses, subscription and feedback invoices, GitHub usernames and avatar…
Myconnect, a French digital temporary employment agency, is reported to have been compromised with a threat actor claiming to have exfiltrated 18GB of data including 21,106 files and 15,978 folders. Screenshots posted on a prominent hacking forum are being used to market the full database to a single buyer, and the…
A threat actor using the handle malconguerra2 posted a 217 MB compressed JSON dataset claiming to leak approximately 315,000 records from Venezuela’s School of Planning Foundation (FEVP). The exposed data reportedly contains highly sensitive personal fields including cedula (national ID), full names, dates of birth, ethnicity, family details, and address information….
KittyKatKrew claims to have breached Tricolor Holdings, a U.S.-based technology-enabled auto finance company serving underserved and credit-invisible consumers. The actor alleges the leaked file tree contains Active Directory exports, financial portfolio exports and master servicing tapes, archived legal and regulatory documents, marketing leads, internal chat logs, employee lists, and production SQL…