As your dedicated cybersecurity services provider, CyberOne equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 18, 2026
Information security updates and events from the past week
1.Dutch cosmetics giant Rituals is reporting a security incident that involved a breach of its loyalty club database, My Rituals.
Information exposed includes names, email addresses, phone numbers, dates of birth, gender and residential addresses, but the company emphasizes that no passwords or payment details were accessed. Although no financial information was leaked, the exposed identities were used in fraud attempts or customer-targeted phishing attacks against the company.
2.Virginia Health Services has been hit by a ransomware attack by the worldleaks Group.
The incident involves a real risk of exposing patient data and sensitive information stored on the company’s systems.
The incident resulted in disruption and disruption to the care and rehabilitation services provided by the organization to seniors in Hampton Roads.
3.The LockBit5 group has been on the rampage in the last 24 hours, claiming six new victims
The organizations currently suffering from them are Indonesian ICT provider PT Murni, Brazilian logistics company ERS Transportes, and Panamanian bank Bladex
The network and exploitation of every “open door” without a central plan. Ransomware attack paralyzes KDL library network in the US
The Kent County Library Network (KDL), which operates 20 branches in Michigan, was forced to completely shut down all operations following a ransomware attack that infiltrated the organization’s core systems.
The activity led to a complete paralysis of IT services, from digital lending systems to access to public Wi-Fi networks. This checks the depth of the penetration, with the fear of theft of personal information of thousands of subscribers and encryption of servers.
4.Hack on French government portal ANTS: Personal information of citizens exposed
The ANTS agency, the French government body responsible for issuing identity cards, passports and driver’s licenses and operating the portal ants.gouv.fr, discovered on April 15, 2026, a security event that may have involved the exposure of information of private account holders and users of the portal.
What was exposed
- Username, Full name, email address, date of birth and unique account ID
- Providing service also residential address, place of birth and phone number
- The section between account and account and not all the fields in each account
A technical investigation is underway to determine its source and scope
5.The ShinyHunters group continues its journey: cruise giant Carnival and video platform Vimeo join the list of victims
After Zara, Vercel, Udemy and ADT, the group adds two more big names to the list this week: cruise giant Carnival Corporation and video platform Vimeo.
The Carnival hack:
- The Have I Been Pwned (HIBP) service marked 7.5 million unique email addresses linked to the hack
- This is a total of 8.7 million records
- Related to the Mariner Society loyalty program of Holland America Line, a subsidiary of Carnival
- That which will be disclosed includes names, dates of birth, gender and membership details in the loyalty program
- Carni company confirmed which was a security incident but claims an account in a phishing attack against a single user and that it still gave the contract.
Vimeo hack:
- Vimeo is a video sharing platform that was acquired in 2025 by Bending Spoons for $ 1.4 billion
- The company also has a branch in Israel
- According to the group, access to Vimeo was gained through the hack of Anodot, the same Israeli company through which other companies were also hacked
https://haveibeenpwned.com/Breach/Carnival
6.The Lapsus$ hacker group has published a claim of hacking the international company Vodafone, one of the largest telecom companies in the world.
The Lapsus$ group has already claimed to hack Vodafone before, in 2022 As of this stage, Vodafone has not published an official response.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. CyberOne is here to help! Check out our services.
