CIRCLE WITH A DOT

THREAT INTEL | Soprolux🟢 Actor "bravox" claims Undisclosed️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-08-soprolux-ransomware-attack-by-bravox-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

Iranian-backed MuddyWater is using Microsoft Teams to steal credentials, combining the attack with false flag ransomware to hide its espionage activities.#MuddyWater #MicrosoftTeams #CyberAttack #DataBreachhttps://verisizintisi.com/en/blog/2026-05-06-muddywater-microsoft-teams-credential-theft-false-flag

𝐂𝐨𝐥𝐨𝐫𝐚𝐝𝐨 𝐃𝐞𝐧𝐭𝐚𝐥 𝐖𝐞𝐥𝐥𝐧𝐞𝐬𝐬 𝐂𝐞𝐧𝐭𝐞𝐫 𝐋𝐢𝐬𝐭𝐞𝐝 𝐢𝐧 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐋𝐞𝐚𝐤, 𝐒𝐞𝐧𝐬𝐢𝐭𝐢𝐯𝐞 𝐌𝐞𝐝𝐢𝐜𝐚𝐥 𝐚𝐧𝐝 𝐏𝐞𝐫𝐬𝐨𝐧𝐚𝐥 𝐃𝐚𝐭𝐚 𝐈𝐧𝐯𝐨𝐥𝐯𝐞𝐝The files appear to include highly detailed personal and medical information relating to both patients and employees, current and former.https://www.suspectfile.com/colorado-dental-wellness-center-listed-in-ransomware-leak-sensitive-medical-and-personal-data-involved/#Anubis #CDWC #Colorado_Dental_Wellness_Center #Data_Breach #HIPAA #PHI #PII

#Instructure hacker claims data theft from 8,800 schools, universitieshttps://www.bleepingcomputer.com/news/security/instructure-hacker-claims-data-theft-from-8-800-schools-universities/#cybersecurity #privacy #DataBreach #education

#Vimeo #DataBreach exposes personal information of 119,000 peoplehttps://www.bleepingcomputer.com/news/security/vimeo-data-breach-exposes-personal-information-of-119-000-people/#cybersecurity #privacy

THREAT INTEL | maiadouro.pt🟢 Actor "safepay" claims Undisclosed️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-05-maiadouro-ransomware-attack-by-safepay-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

Third-party breach exposes ~120K Vimeo accounts.ShinyHunters leaked data via Anodot compromise.Emails + metadata exposed—no passwords.https://www.technadu.com/almost-120000-vimeo-accounts-exposed-in-shinyhunters-data-breach/627297/Are vendor risks under control?#Infosec #DataBreach

Hanover County Public Schools Confirms Data Breach After Attempted Ransomware AttackHanover County Public Schools confirmed a data breach after an unauthorized actor gained network access and attempted a ransomware attack in March 2026. The incident potentially exposed sensitive personal information of students and staff.****#cybersecurity #infosec #incident #databreachhttps://beyondmachines.net/event_details/hanover-county-public-schools-confirms-data-breach-following-attempted-ransomware-attack-b-1-8-u-y/gD2P6Ple2L

Instructure confirms data breach, ShinyHunters claims attackhttps://www.bleepingcomputer.com/news/security/instructure-confirms-data-breach-shinyhunters-claims-attack/Read on HackerWorkspace: https://hackerworkspace.com/article/instructure-confirms-data-breach-shinyhunters-claims-attack#databreach #cybersecurity #incidentresponse

THREAT INTEL | manateeair.com🟢 Actor "m3rx" claims UndisclosedAllegedly exposed• Customer data️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-03-manatee-air-ransomware-claim-by-m3rx-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

NEW:Yesterday, the USAO in Maryland issued a press release stating that Matthew Bathula, a clinical pharmacy specialist, had been charged with unauthorized access and ID theft involving patients at "Company A" -- a medical system in Maryland. 195 patients have been notified. If you read the DOJ presser, it alleges a lot of activities that go waaaay beyond the usual insider "snooping." A little digging revealed that "Company A" is the University of Maryland Medical Center, where Bathula was employed during the years of alleged wrongdoing. Read the presser and more at:https://databreaches.net/2026/05/02/maryland-pharmacist-indicted-on-unauthorized-computer-access-related-to-u-maryland-medical-center/#databreach #IDtheft #HIPAA #infosec #insider #healthsec

The PowerSchool data breach could set a precedent for investor liability in cybersecurity incidents. Sensitive data of millions of students and parents has been exposed. #PowerSchool #DataBreach #Cybersecurityhttps://verisizintisi.com/en/blog/2026-05-01-powerschool-data-breach-private-equity-firm-liability

Another #EdTech vendor has allegedly fallen prey to #ShinyHunters in yet another Salesforce-related hack-and-leak incident.Follett Software markets Aspen, Destiny, and Classroom Library Manager software to schools.The threat actors claim to have acquired 4 million records with PII and other corporate files, and have given Follett until May 4 to contact them. Because this is Salesforce related, there may actually be very little identifiable information about students or personnel in the customer support data, unless district or school personnel gave students' names or details in seeking help with the software or specific problems. I guess we'll find out soon. #EduSec #databreach #hackandleak@douglevin @funnymonkey @mkeierleber

Celebrity Private Communications Exposed in Stalkerware Database BreachA misconfigured database belonging to an individual using stalkerware exposed nearly 87,000 screenshots from a prominent celebrity's device, including private chats and sensitive documents. The breach highlights how spyware bypasses end-to-end encryption by capturing data directly from the device's screen.****#cybersecurity #infosec #incident #databreachhttps://beyondmachines.net/event_details/celebrity-private-communications-exposed-in-stalkerware-database-breach-u-y-n-m-r/gD2P6Ple2L

Vimeo Discloses Data Breach Following Supply-Chain Compromise of AnodotVimeo reports a data breach after the ShinyHunters threat group compromised its third-party analytics provider, Anodot, using stolen authentication tokens. The incident exposed customer email addresses and video metadata but did not impact core video content or payment information.****#cybersecurity #infosec #incident #databreachhttps://beyondmachines.net/event_details/vimeo-discloses-data-breach-following-supply-chain-compromise-of-anodot-7-e-e-v-g/gD2P6Ple2L

Almost one year after discovery, Sandhills Medical Foundation notifies 169,017 people affected by a cyberattackThis was an attack by INC Ransom, who dumped the data in June 2025. INC didn't tag it as an encryption invcident -- just as hack, exfil, ransom demand. So I'm not sure why it took Sandhills about a year to make notifications https://databreaches.net/2026/04/29/almost-one-year-after-discovery-sandhills-medical-foundation-notifies-169017-people-affected-by-a-cyberattack/#databreach #HIPAA #incidentresponse #INCransom #healthsec

Over 200 Japanese firms paid ransomware attackers, but 60% of them failed to recover their data. Paying the ransom is no guarantee.#Ransomware #CyberSecurity #DataBreach #Japanhttps://verisizintisi.com/en/blog/2026-04-29-japanese-firms-pay-ransom-60-percent-fail-to-recover-data

Vimeo announces a data breach affecting user information. The incident was caused by a security breach at their vendor, Anodot. Users are advised to be cautious of phishing attempts. #Vimeo #DataBreach #Anodot #CyberSecurityhttps://verisizintisi.com/en/blog/2026-04-28-vimeo-user-data-exposed-in-anodot-vendor-breach

Cybercrime is now structured and scalable.• Small access → large breaches• OAuth abuse rising• Social engineering still dominantFull roundup:https://www.technadu.com/cybersecurity-news-roundup-from-roblox-cheats-to-enterprise-breaches-small-actions-led-to-big-compromises/627052/Your take?#Infosec #Cybersecurity #ThreatIntel #DataBreach

Fidelity Brokerage Services was fined $1.25 million by a regulator due to a data breach. The fine underscores the importance of robust cybersecurity measures. #Fidelity #DataBreach #CyberSecurity #Finehttps://verisizintisi.com/en/blog/2026-04-28-fidelity-brokerage-fined-1-25m-for-data-breach