Distinctive Systems Ltd, a UK provider of management software for the coach, bus, and tour industry supporting over 2,600 systems globally, was listed by the INC Ransom group on January 29, 2026 after the actor claimed to have compromised the company. The group says it exfiltrated a wide range of sensitive…
Category: Cyber Attack
The Sinobi ransomware group claims to have breached LeMatic, a Jackson, Michigan–based leader in automated baking technology (maker of AutoOp® and AutoEye®), and has listed the company on its dark web leak site. Screenshots posted by the actor indicate deep access to LeMatic’s virtualization environment — identifying VMware ESXi hosts esx2.lematic.domain…
Reseau.Site (RS), a French e-commerce platform and business service provider, is alleged to have been compromised after a database containing information on over 73,000 clients was leaked online. The January 2026 exposure includes approximately 30,000 unique email addresses and sensitive customer records, increasing the risk of targeted phishing and identity theft…
A threat actor using the handle “Sorb” claims to have exfiltrated the full MySQL database from French IT services platform reseau.site and posted proof on BreachForums on January 28, 2026. The alleged 184 MB dataset reportedly contains over 24,000 unique email addresses, 65,000+ phone numbers, 29,000+ mobile numbers, full names, physical…
The Sinobi ransomware group claims responsibility for breaching multiple organizations and has listed several victims on its dark web leak site. Reportedly compromised data includes Active Directory dumps with user credentials, proof packs of internal documents and client records, and proprietary files encrypted by the group. #Sinobi #ActiveDirectory…
The Federal Mortgage Society (Sociedad Hipotecaria Federal) was hit by a ransomware attack that suspended appraisal procedures and may have exposed sensitive information. Databases and organizational records are encrypted, and local IT leaders estimate a potential ransom of 100 to 300 million pesos. #SociedadHipotecariaFederal #SHF
Sanxenxo City Council suffered a ransomware attack that encrypted thousands of administrative documents. The attackers demanded a $5,000 payment in bitcoin, but the council refused to pay, filed a complaint with the Guardia Civil, and expects to restore systems within hours using daily backups. #SanxenxoCityCouncil #GuardiaCivil
0APT Group Breaches Metropolis, Apex, TechnoSoft, GreenValley, Sunrise, Rapid Food, Dr. Smith, Orion
The 0APT group claims to have breached multiple organizations across government, logistics, IT services, education, manufacturing, food distribution, healthcare, and legal sectors. The actor alleges theft of extensive data including PII (SSNs, driver passports, admin emails), financial records, source code and API keys, blueprints and R&D schematics, and sensitive records like…
A threat actor operating as “Saturned33” is auctioning unauthorized RDP and shell access to an unidentified Spain-based business services organization on the Exploit forum. The listing claims Domain Admin and SYSTEM privileges across more than 20 hosts, disabled Windows Defender, access to over 5TB of internal data and two NAS devices,…
A threat actor using the handle markopollo is auctioning unauthorized CMS administrator access to an unidentified New Zealand e-commerce store on the Exploit forum. The listing claims admin-level CMS access and a deployed payment redirection intercepting Afterpay, internet banking, and credit card payments, with 4,400 total orders (Oct 1, 2025–Jan 27,…
A cybersecurity incident hit the BMW dealership Gady in Austria, disrupting its business operations. The incident is under investigation and affected systems remain temporarily unavailable. #BMWGady #gady_at
Axtria, a global cloud software and data analytics provider, reportedly suffered a January 2026 breach with proprietary source code published to the DarkForums hacking community. Leaked repositories appear to include the SalesIQ platform, generative AI/copilot assets, infrastructure and DevOps configurations, and backend database schemas and code. #Axtria #SalesIQ…
Zebra Technologies has allegedly been breached, with a threat actor on a popular breach forum claiming responsibility for the theft of extensive internal assets in January 2026. Leaked material reportedly includes source code for core products and acquisitions (Profitect, Antuit), SQL and configuration files, Terraform definitions, API tokens, and client-specific directories…
zHealthEHR, a cloud-based EHR and practice management platform for chiropractors and wellness providers, has allegedly been breached with a threat actor claiming to have exfiltrated 15 GB containing over 1.2 million records. The actor is demanding $500,000 with a February 17, 2026 deadline, and the exposed data reportedly includes full names,…
Today’s Information was targeted in a hacker attack on 27 January 2026, but its defensive measures prevented any personal or confidential data from being leaked and kept operational impact minimal. The company is continuing to reinforce the security of its information systems. #TodaysInformation #PTTech