cronopio🇵🇸

🚨 CYBER INTELLIGENCE ALERT: ALLEGED INSTITUTIONAL DATABASE LEAK — COLOMBIA 🇨🇴 💥 CRITICAL THREAT: THREAT ACTOR RELEASES 3GB DATASET CONTAINING OVER 200,000 RECORDS FROM THE UNIVERSITY OF MAGDALENA [STATUS: THREAT UNDER INVESTIGATION / UNVERIFIED // EDUCATION SECTOR] A threat actor using the alias "alecc157," operating on behalf of the cybercrime group "Sociedad Privada 157," has announced the release of a massive database belonging to the University of Magdalena (Unimagdalena). The exposed dataset is 3 GB in size and distributed in structured .json, .csv, and .xls formats; it allegedly consolidates academic, financial, and personal information regarding more than 200,000 students and alumni. 🏢 Affected Entity: University of Magdalena (Unimagdalena - https://t.co/QbCm3wVhfK - Santa Marta, Colombia). 👤 Threat Actor: alecc157 / Sociedad Privada 157 (With acknowledgments in the manifesto to cells such as Marssepe, Alz_157s, Naxiel z, Grifo157, Zion157, and Alice157). ⚔️ Potential Attack Vector: Mass data extraction via advanced automated scraping techniques or API abuse targeting student inquiry portals (specifically the internal AyRE module—Admissions, Registration, and Academic Control), as evidenced by exposed internal control metadata. 🔍 Verification Status: SUSPECTED / UNVERIFIED. This alert is issued pending further review and auditing by CTI analysts to determine whether the dataset stems from a recent intrusion (2026) or represents a historical consolidation of public data. The sample structure was indexed on underground forums on June 16, 2026. ⚠️ CRITICAL RISK ANALYSIS AND EXPOSED FIELDS Technical analysis of the JSON object exposed as a sample reveals a highly intrusive level of detail that compromises the privacy of the university community: 👤 Personally Identifiable and Medical Information (PII): The dataset collects Student IDs, full names, dates of birth, exact age, institutional profile photos, phone numbers, home addresses, socioeconomic stratum, and blood type. 📉 Financial and School Tuition History: Unusually, the sample details the tuition amounts paid by the student during their schooling, along with the name of their previous school. This allows malicious actors to deduce the exact economic capacity and socioeconomic profile of the student or their guardians. 🎓 Registration System Metadata (AyRE): The sample exposes exact command variables from Unimagdalena’s internal academic administration system (student records/dashboards, grades, schedule modifications, CVs, and the 'w' command for selecting student email). This demonstrates that the attacker mapped or cloned the operational logic of the admissions database. 📞 Social Engineering and Targeted Fraud: By including the names of guardians, phone numbers, precise home addresses, and information on whether full standard tuition was paid, local scam rings obtain the perfect raw material for telephone extortion, impersonation schemes involving fake tuition collection, or institutional phishing attacks. 🛡️ TECHNICAL RECOMMENDATIONS AND PREVENTIVE MITIGATION 🛑 Perimeter Blocking and Link Deactivation (Immediate Action): The IT and digital security team at the University of Magdalena is urged to coordinate with the Gofile platform for the immediate takedown of the "1513ZM" download link to mitigate the spread of the 3GB file. 🔄 Comprehensive Audit of the AyRE API: Prioritize the review of access logs for the servers managing the Admissions and Registration system (AyRE), looking for unusual bursts of requests, automated mass queries of student IDs, or unauthorized persistent sessions originating from external IP addresses. 📊 MONITORING AND EVALUATION Intelligence System: https://t.co/wk9bZJ2Nli Quickly assess your website's security at: https://t.co/QZhWp0kFrO #CyberSecurity #Colombia #Unimagdalena #SantaMarta #DataLeak #DarkForums #IdentityTheft #StudentData #AyRE #ThreatIntelligence #CyberAlert #VECERT #Infosec #UnverifiedBreach

Este sábado, el periodista Cristian Herrera, quien actualmente trabajaba para la Alcaldía de Cúcuta y como independiente, pero que hizo casi toda su carrera en el diario La Opinión, fue asesinado en esa ciudad por sicarios en moto en la capital de Norte de Santander. Según las primeras versiones, al comunicador le propinaron al menos seis disparos cuando descendía de su vehículo frente a una vivienda de su familia. Aunque alcanzó a ser trasladado a un centro médico, ya llegó sin signos vitales. Según versiones de colegas cercanos al comunicador, hasta el día de hoy persistían las amenazas que desde los tiempos de su labor investigativa en La Opinión le hacían diferentes actores armados.

⚠️ New "IronWorm" supply-chain attack: 30+ npm packages from @ asteroiddao shipped a malicious Rust binary firing on preinstall. It sweeps 86 env vars + 20 credential files (AWS, GCP, Vault, npm, plus AI keys like Anthropic & OpenAI), hits Exodus wallets, hides behind an eBPF rootkit, and beacons over Tor. Self-propagates via npm Trusted Publishing OIDC, with backdated commits faked as claude/dependabot/renovate.

🚨🇨🇴 A threat actor known as DozerMx is distributing a dataset allegedly scraped from the Bogotá Secretary of Education (SED) in Colombia. The actor claims data from 20 institutions is exposed, covering 27,406 students, 1,183 teachers, and 42 campuses, broken down per institution into student records, teacher records, guidance details, and campus information. Claim is unverified. 💥 Stop guessing what's redacted. Paid subscribers see everything: https://t.co/281Qjc6p2J

❗️ Over 30 official Red Hat npm packages were compromised. How they got in: - A Red Hat employee's GitHub account was compromised. - Attackers pushed "orphan commits" (detached from branch history) straight in, bypassing code review with no pull request. - Payload "Miasma" (Mini Shai-Hulud variant) steals GitHub/cloud/Vault/SSH/npm secrets. Rotate everything since June 1. - The commits added a workflow (ci.yaml) + script (_index.js) that abused npm trusted publishing, requesting a real OIDC token to publish backdoored versions.

El llamado conteo transmitido no tiene fuerza vinculante. sus datos no son norma pública. Como presidente no acepto los resultados del preconteo de la firma privada de los hermanos Bautista, porque debiendo estar quietos los algoritmos del software de conteo y escrutinios, en la última semana fueron variados en tres oportunidades y agregaron 800.000 cédulas más de personas que no están en el censo oficial presentado. Hay dos censos en este momento, el oficial y el del software de los hermanos Bautista que tiene 800.000 personas adicionales. Las mesas ya impugnadas demuestran que centenares de miles de votos fueron agregados.s8n existencia de sufragantes. Por tanto y conforme a la ley, los resultados vinculantes que el presidente atenderá y aceptará son los de las comisiones escrutadoras dirigidas por los jueces de la República.

🚨 CYBER INTELLIGENCE ALERT: POTENTIAL CRITICAL DATA BREACH - NATIONAL ELECTORAL COUNCIL (CNE) OF 🇨🇴 COLOMBIA ⚠️ STATUS: UNDER INVESTIGATION; LIMITED REPORT, SAMPLES VIEWED A cyber incursion against the National Electoral Council (CNE) of Colombia has been identified, perpetrated by the actor identified as Hydr0gen, under the banner of the EsqueleSquad collective. 📋 INCIDENT SUMMARY Access Vector: The actors claim to have gained direct access to the CNE's servers, extracting classified material that compromises the institution's confidentiality. Scope of Exfiltrated Information: The group claims to possess: Confidential internal documents, including audit reports and formal complaints regarding irregularities in the electoral process. Sensitive correspondence between CNE officials and campaign teams. Financial records from the 2026 campaigns, including donor lists, money transfers, and significant financial discrepancies. Evidence: The group has shared screenshots showing CNE administrative management interfaces and detailed campaign income and expenditure forms, along with an external link to verify the data's legitimacy. 🛡️ SECURITY RECOMMENDATIONS Given the seriousness of this breach, the competent authorities and the public are urged to consider the following measures: Immediate Containment: The CNE must conduct an urgent forensic audit to close the access vector, revoke compromised access, and secure the affected endpoints. Information Verification: Electoral entities and oversight bodies must issue official statements to verify or refute the authenticity of the leaked documents and prevent the spread of misinformation. ⚡Strategic Monitoring Tools Intelligence Platform: https://t.co/wk9bZJ2Nli Security Verification: https://t.co/5LuqwzYuS6 #CyberSecurity #DataBreach #Colombia #CNE #ThreatIntelligence #EsqueleSquad #IncidentResponse #Infosec #CiberSeguridad