SecureFact – May 4, 2026
Cloud platforms, ransomware groups, retailers, and global service providers face major cyber incidents exposing millions of records and critical infrastructure risks.
Vercel confirms breach as hackers claim stolen data sale
Cloud development platform Vercel confirmed unauthorized access to internal systems after attackers compromised a third-party AI tool integration. Threat actors claiming to be ShinyHunters alleged theft of API keys, source code, internal deployments, and employee records. Vercel engaged incident response experts, notified law enforcement, and advised customers to rotate sensitive credentials.
(Source: Read full report)
Payouts King ransomware uses QEMU virtual machines to bypass endpoint security
Researchers uncovered a ransomware campaign using hidden QEMU virtual machines to evade endpoint detection and maintain covert access within compromised environments. Attackers leveraged exposed VPN services, scheduled tasks, and reverse SSH tunnels to deploy ransomware and exfiltrate sensitive data while bypassing traditional security monitoring.
(Source: Read full report)
Grinex exchange blames Western intelligence for $13.7M crypto hack
Cryptocurrency exchange Grinex suspended operations after suffering a $13.7 million cyberattack impacting digital asset wallets. The company controversially attributed the incident to Western intelligence agencies, while blockchain analysts linked the breach to laundering operations and coordinated crypto theft campaigns targeting Russian-linked exchanges.
(Source: Read full report)
McGraw-Hill confirms data breach following extortion threat
Education company McGraw-Hill confirmed a breach tied to a Salesforce misconfiguration after the ShinyHunters extortion group threatened to leak stolen data. Exposed records reportedly included names, addresses, phone numbers, and email information linked to millions of users, though the company stated no student or financial data was compromised.
(Source: Read full report)
European gym giant Basic-Fit breach impacts 1 million members
Fitness chain Basic-Fit disclosed a cyberattack affecting nearly one million members across multiple European countries. Exposed information included names, contact details, dates of birth, and bank account information. The company stated the breach was detected quickly and contained with help from external security experts.
(Source: Read full report)
Rockstar Games analytics data leaked by extortion gang
Rockstar Games confirmed a third-party data breach after the ShinyHunters extortion group leaked internal analytics information allegedly stolen through compromised cloud integrations. The exposed datasets reportedly included player analytics, support metrics, fraud detection testing data, and operational insights tied to online gaming services.
(Source: Read full report)
Booking.com data breach forces reservation PIN resets
Booking.com forced reservation PIN resets after unauthorized access exposed customer booking information including names, contact details, and reservation communications. The company warned users about phishing attempts and suspicious messages while continuing investigations into the breach activity.
(Source: Read full report)