Stolichki, a major pharmacy chain in Russia, experienced a significant cyberattack that disrupted payments and access to medication reservations for patients. The attack halted operations in about 1,000 stores, with only half reopened by Wednesday. Employees were sent home, and online services, including drug reservations and loyalty programs, were disrupted. The incident is part of a surge in cyberattacks on Russian businesses, with similar attacks on Aeroflot and Novabev Group.

The high-profile hacking group Crimson Collective claimed to have breached Nintendo, allegedly gaining unauthorized access to sensitive internal data, including production assets, developer files, and backups. A screenshot shared by cybersecurity firm Hackmanac on X (Twitter) appeared to show folders containing Nintendo’s proprietary data, though the company has not yet confirmed the attack’s legitimacy. Given Crimson Collective’s prior attack on Red Hat—where they stole 570GB of data from GitHub repositories and attempted extortion—it is speculated that this breach follows a similar pattern: data theft followed by ransom demands to prevent leaks. If confirmed, the attack could compromise Nintendo’s intellectual property (IP), including unreleased game assets, internal development tools, and potentially employee or partner data exposed in backups. While no customer personal data has been reported as stolen, the leak of confidential production materials could severely impact Nintendo’s competitive edge, reputation, and legal standing, given its aggressive protection of IP. The company’s historical silence on breaches (unless legally mandated) suggests details may remain undisclosed unless regulatory or public pressure forces transparency. The incident aligns with a growing trend of gaming industry cyberattacks, following similar breaches at Rockstar, Insomniac Games, and CD Projekt Red, where source code and internal files were leaked or held for ransom.

Utsunomiya Central Clinic, a cancer treatment center in Japan, suffered a cybersecurity breach due to a ransomware attack by the Qilin gang. Services were disrupted and data of nearly 300,000 individuals, including patients and staff, was exfiltrated. Compromised information included names, birthdates, medical details, and contact information. Although Social Security numbers and financial details were not affected, exposed health information such as radiology images and medical files was confirmed. Individuals affected are being cautioned about potential fraud.

WormGPT Database Leaked: Threat Actor Exposes 19,000 Users of Malicious AI Tool A threat actor known as Sythe has claimed responsibility for leaking the full database of WormGPT, a cybercrime-focused AI platform sold on dark web forums since 2023. The breach, observed by Hackmanac, exposed sensitive data from over 19,000 users, including email addresses, user IDs, and subscription and billing metadata. Built on the GPT-J language model (developed in 2021), WormGPT was designed to bypass ethical restrictions, offering cybercriminals tools for phishing, malware development, and exploit creation. Unlike mainstream AI platforms, it includes features like unlimited character support, chat memory retention, and code formatting all tailored for malicious use. Advertised on underground forums since June 2023, the platform provided subscription-based access with specialized AI models for tasks such as business email compromise (BEC) attacks and ransomware scripting. Security researchers found WormGPT capable of generating "remarkably persuasive" phishing emails, malicious code (including ransomware and spyware), and deceptive web forms. It also supports multilingual social engineering, enabling attackers to scale operations without advanced technical skills. Former black hat hacker Daniel Kelley warned in 2023 that the tool lowers the barrier for entry, allowing even novice cybercriminals to launch sophisticated attacks rapidly. The leaked database could aid law enforcement in tracking cybercriminals but also risks retaliatory attacks or further exploitation of exposed user data. The incident underscores the growing threat of AI-powered cybercrime, as generative AI tools like WormGPT continue to evolve and expand the attack surface.