Been there... many times! 😂

❗️Qilin Ransomware claims 6 victims
🇪🇸 Gaviota
🇺🇸 Trivector Services
🇺🇸 Anteriad
🇰🇷 Telstar-Hommel
🇮🇹 The Cressi
🇲🇾 PTS Goldkist Industries Sdn Bhd


🚨 Threat actor dumps stolen source code allegedly belonging to Rucha Engineers Pvt. Ltd., an Indian automotive engineering and manufacturing partner.
📌 India 🇮🇳
▪️ Company: Rucha Engineers Pvt. Ltd.
▪️ Industry: Automotive Manufacturing / Industrial Engineering
▪️ Type: Source Code Leak
▪️ Threat Actor: 888
▪️ Samples: Yes
Company Overview: Rucha Engineers specializes in mass-production engineering, automation systems, and industrial solutions. The company supplies or partners with major automotive brands including Audi, Fiat, Nissan, Skoda, and Volkswagen India.

❗️🇺🇸 Pennsylvania vet clinic knocked offline by cyberattack "We are currently experiencing a cyberattack that has impacted access to our medical records, including vaccine and medication histories," the clinic said. "At this time, we are unable to retrieve or update any patient records."

🚨 CISA adds two vulnerabilities to the KEV Catalog
CVE-2009-0556: Microsoft Office PowerPoint Code Injection Vulnerability (CVSS: 9.3)
CVE-2025-37164: Hewlett Packard Enterprise OneView Code Injection Vulnerability (CVSS: 10)


🚨 Threat actor claims data breach impacting OpenLoopHealth, exposing over 1.6 million U.S. patient records.
📌 United States 🇺🇸
▪️ Organization: OpenLoopHealth
▪️ Industry: Digital Health / Telehealth
▪️ Type: Data Sale
▪️ Threat Actor: stuckin2019
▪️ Records: 1.6M+ patient files
▪️ Samples: Yes
Overview: OpenLoopHealth is a U.S. digital health infrastructure provider supporting clinics with clinical, technical, and regulatory systems for virtual-care operations. The threat actor claims to have exfiltrated extensive patient-level PII and medical data.
Allegedly Exposed Data Includes:
Sample Set 1:
▪️ Full Names
▪️ Email Addresses
▪️ Phone Numbers
▪️ Home Addresses
▪️ Dates of Birth
▪️ Body Stats (Weight, Height)
▪️ Medical Information
▪️ Biometric Data
▪️ More unspecified PHI
Sample Set 2:
▪️ Full Names
▪️ Addresses
▪️ Email Addresses
▪️ Phone Numbers
▪️ IP Addresses
▪️ Prescription Information
▪️ FedEx Tracking Numbers
▪️ Additional metadata

OpenAEV: An open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaigns and tests.
𝐂𝐨𝐦𝐦𝐮𝐧𝐢𝐭𝐲 𝐍𝐨𝐭𝐞: CryptoPostage[.]info may be exit scamming. Signups and logins are no longer working. CryptoPostage allows you to buy USPS, UPS, or FedEx postage with bitcoin and other cryptocurrencies. Cryptostamps, SpeedyPostage, and AltCoinPostage are some alternatives. Dread: https://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad[.]onion/post/a2ec8b19ffe1ce850828

🚨 LAPSUS$ GROUP claims to have leaked a large database allegedly belonging to Loozap.com, Africa’s online classifieds platform.
📌 South Africa 🇿🇦
▪️ Website: loozap.com
▪️ Industry: Classifieds / E-commerce / Marketplace
▪️ Type: Data Leak
▪️ Threat Actor: LAPSUS$ GROUP
▪️ Records: ~10GB (uncompressed)
▪️ Format: .RAR dump
Allegedly included data:
▪️ Full names
▪️ Emails
▪️ Phone numbers
▪️ Wallet details
▪️ Payment data
▪️ First & last names
▪️ Addresses
▪️ School information
▪️ Dates of birth
▪️ Additional user metadata & profile fields
Additional notes:
▪️ Actor claims 7,000 different African IP ranges in the dump

Touching grass > touching Windows.