🔪 Slice For Life - Part 2 🔪
‼️ Possible ShinyHunters clearnet domain seizure as of about 7 hours ago detected by my FBI Watchdog script. Site is currently down.
Looks like the domain was indeed suspended by the registrar as of now. I will follow up if anything more comes of it. The Pay or Leak portal is still online.
❤1
‼️ New Dark Web Informer Blog Post!
Title: Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution
Link: https://darkwebinformer.com/mansoura-university-allegedly-leaked-exposing-731-contact-records-from-the-egyptian-academic-institution/
Title: Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution
Link: https://darkwebinformer.com/mansoura-university-allegedly-leaked-exposing-731-contact-records-from-the-egyptian-academic-institution/
Dark Web Informer
Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution
Google's Threat Intelligence Group has documented what it describes as the first confirmed instance of threat actors leveraging artificial intelligence to engineer a zero-day exploit, marking a significant escalation in how AI is being weaponized for cyberattacks. The exploit successfully circumvented multi-factor authentication protections in a web-based administrative tool.
https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access?e=48754805
According to the report, attackers used AI systems to assist in discovering and developing the exploit code targeting a previously unknown vulnerability. The bypass allowed unauthorized access to administrative interfaces despite MFA being enabled, undermining one of the most widely recommended security controls for protecting privileged accounts.
This finding represents a notable shift in the threat landscape. While security researchers and defenders have warned for years that generative AI could lower the barrier to producing sophisticated malware, most documented cases until now have involved AI being used for phishing content, social engineering scripts, or refinement of existing malicious code rather than original vulnerability research and exploit development.
The report underscores growing concerns that AI tools are accelerating the offensive capabilities of threat actors, potentially compressing the timeline between vulnerability discovery and weaponization. Organizations relying on MFA as a primary defense layer may need to revisit their security architecture, layering in additional controls such as phishing-resistant authentication methods, behavioral analytics, and stricter access policies for administrative tools.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access?e=48754805
According to the report, attackers used AI systems to assist in discovering and developing the exploit code targeting a previously unknown vulnerability. The bypass allowed unauthorized access to administrative interfaces despite MFA being enabled, undermining one of the most widely recommended security controls for protecting privileged accounts.
This finding represents a notable shift in the threat landscape. While security researchers and defenders have warned for years that generative AI could lower the barrier to producing sophisticated malware, most documented cases until now have involved AI being used for phishing content, social engineering scripts, or refinement of existing malicious code rather than original vulnerability research and exploit development.
The report underscores growing concerns that AI tools are accelerating the offensive capabilities of threat actors, potentially compressing the timeline between vulnerability discovery and weaponization. Organizations relying on MFA as a primary defense layer may need to revisit their security architecture, layering in additional controls such as phishing-resistant authentication methods, behavioral analytics, and stricter access policies for administrative tools.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Google Cloud Blog
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog
Explore GTIG's 2026 report on how adversaries leverage AI for zero-day exploits, autonomous malware, and industrial-scale cyber operations.
❤1🔥1
‼️ New Dark Web Informer Blog Post!
Title: Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit
Link: https://darkwebinformer.com/google-threat-intelligence-group-reports-first-known-ai-developed-zero-day-exploit/
Title: Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit
Link: https://darkwebinformer.com/google-threat-intelligence-group-reports-first-known-ai-developed-zero-day-exploit/
Dark Web Informer
Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit
Google's Threat Intelligence Group has documented what it describes as the first confirmed instance of threat actors leveraging artificial intelligence to engineer a zero-day exploit, marking a significant escalation in how AI is being weaponized for cyberattacks.
❤1
‼️🇲🇽 InterLAB allegedly breached exposing data from 30 Mexican laboratories via compromised server
A threat actor claims to have compromised a server belonging to InterLAB (interlab.mx, also known as biosystem.mx), a Mexican clinical laboratory software provider, and exfiltrated data from 30 affiliated laboratories. The actor states they attempted to negotiate a deal with the company, were refused, and are now releasing the data for free. The leak contains patient records, billing data, and clinical test results captured through the platform's "Modificar Paciente" and "Captura de resultados" interfaces. Each folder in the dump corresponds to a separate laboratory, with company information stored in a datosempresa.csv file inside each.
Post details:
▸ Actor(s): Alameda_slim
▸ Sector: Healthcare / Clinical Laboratories
▸ Type: Data Breach / Server Compromise
▸ Format: CSV (multiple folders, one per lab)
▸ Price: Free
▸ Records: Data from 30 laboratories
▸ Country: Mexico
▸ Date: 11/05/2026
Compromised data:
▪️ Patient ID (Clave)
▪️ Patient name (Nombre)
▪️ Patient ID number (Cedula Pac.)
▪️ Date of birth (Fecha de Nac)
▪️ Age (Edad)
▪️ Sex (Sexo)
▪️ Blood type (Tipo Sanguineo)
▪️ Classification (Clasificación)
▪️ Credit days and credit amount (Dias Credito, Credito)
▪️ Home phone (Tel. Casa)
▪️ Mobile phone (Celular)
▪️ Address (Direccion)
▪️ Email address (E-Mail)
▪️ Access key and password (Clave de acceso, Contraseña) stored in plaintext
▪️ Family risk and medical conditions (Riesgo Familiar, Padecimientos)
▪️ Observations (Observaciones)
▪️ Billing data (RFC, Nombre, Pais, Estado, Municipio, Calle, No Exterior, No Interior, Colonia, Reg. Fiscal, Localidad, CP, Referencia)
▪️ Clinical test results including general urine exam (EGO), physical exam (color, aspect, volume), chemical exam (density, pH, proteins, glucose, ketones, hemoglobin, bilirubin, urobilinogen, leukocyte esterase, nitrites), and microscopic observation (leukocytes)
▪️ Folio number, test date, and signature field per result
▪️ Company/laboratory metadata stored in datosempresa.csv per lab
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have compromised a server belonging to InterLAB (interlab.mx, also known as biosystem.mx), a Mexican clinical laboratory software provider, and exfiltrated data from 30 affiliated laboratories. The actor states they attempted to negotiate a deal with the company, were refused, and are now releasing the data for free. The leak contains patient records, billing data, and clinical test results captured through the platform's "Modificar Paciente" and "Captura de resultados" interfaces. Each folder in the dump corresponds to a separate laboratory, with company information stored in a datosempresa.csv file inside each.
Post details:
▸ Actor(s): Alameda_slim
▸ Sector: Healthcare / Clinical Laboratories
▸ Type: Data Breach / Server Compromise
▸ Format: CSV (multiple folders, one per lab)
▸ Price: Free
▸ Records: Data from 30 laboratories
▸ Country: Mexico
▸ Date: 11/05/2026
Compromised data:
▪️ Patient ID (Clave)
▪️ Patient name (Nombre)
▪️ Patient ID number (Cedula Pac.)
▪️ Date of birth (Fecha de Nac)
▪️ Age (Edad)
▪️ Sex (Sexo)
▪️ Blood type (Tipo Sanguineo)
▪️ Classification (Clasificación)
▪️ Credit days and credit amount (Dias Credito, Credito)
▪️ Home phone (Tel. Casa)
▪️ Mobile phone (Celular)
▪️ Address (Direccion)
▪️ Email address (E-Mail)
▪️ Access key and password (Clave de acceso, Contraseña) stored in plaintext
▪️ Family risk and medical conditions (Riesgo Familiar, Padecimientos)
▪️ Observations (Observaciones)
▪️ Billing data (RFC, Nombre, Pais, Estado, Municipio, Calle, No Exterior, No Interior, Colonia, Reg. Fiscal, Localidad, CP, Referencia)
▪️ Clinical test results including general urine exam (EGO), physical exam (color, aspect, volume), chemical exam (density, pH, proteins, glucose, ketones, hemoglobin, bilirubin, urobilinogen, leukocyte esterase, nitrites), and microscopic observation (leukocytes)
▪️ Folio number, test date, and signature field per result
▪️ Company/laboratory metadata stored in datosempresa.csv per lab
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Heberger
Domain:
Country: 🇩🇪 DE
Date: May 7th, 2026
Summary:
L'entreprise de construction Heberger, basée à Schifferstadt, a été victime d'une cyberattaque la semaine dernière. L'incident, confirmé par une porte-parole de l'entreprise, aurait eu lieu le jeudi 7 mai tôt le matin. Malgré des normes élevées en matière de sécurité informatique, l'entreprise a été touchée par cette intrusion.
Source: https://www.rheinpfalz.de/lokal/ludwigshafen_artikel,-cyberangriff-auf-baufirma-heberger-_arid,5889199.html
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Heberger
Domain:
heberger.comCountry: 🇩🇪 DE
Date: May 7th, 2026
Summary:
L'entreprise de construction Heberger, basée à Schifferstadt, a été victime d'une cyberattaque la semaine dernière. L'incident, confirmé par une porte-parole de l'entreprise, aurait eu lieu le jeudi 7 mai tôt le matin. Malgré des normes élevées en matière de sécurité informatique, l'entreprise a été touchée par cette intrusion.
Source: https://www.rheinpfalz.de/lokal/ludwigshafen_artikel,-cyberangriff-auf-baufirma-heberger-_arid,5889199.html
DIE RHEINPFALZ
Cyberangriff auf Baufirma Heberger
Bereits vergangene Woche hat es einen Cyberangriff auf das Schifferstadter Bauunternehmen Heberger gegeben.
‼️🇻🇪 familybox.store allegedly breached exposing 1,100,000 PII records from the Venezuelan online supermarket
A threat actor is selling 1,100,000 rows of PII data allegedly obtained from familybox.store, an online supermarket designed for people living anywhere in the world to buy and send goods to people living inside Venezuela. The platform allows users worldwide to send food, personal care, and household items to Venezuela, and is described as the official online store of the TEALCA Group, a Venezuelan logistics company with over 40 years of experience. The actor provided a proof sample consisting of 1 CSV and 1 JPG.
Post details:
▸ Actor(s): BigBrother
▸ Sector: E-Commerce / Online Supermarket / Logistics
▸ Type: Data Sale
▸ Format: CSV
▸ Price: Not disclosed (selling)
▸ Records: 1,100,000
▸ Country: Venezuela
▸ Date: 11/05/2026
Compromised data:
▪️ Customer ID
▪️ Customer full name
▪️ Customer email
▪️ Customer phone
▪️ Customer address
▪️ Customer city
▪️ Customer state
▪️ Customer neighborhood
▪️ Subtotal (VES)
▪️ Tax (VES)
▪️ Total amount (VES)
▪️ Exchange rate
▪️ Total amount (USD)
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is selling 1,100,000 rows of PII data allegedly obtained from familybox.store, an online supermarket designed for people living anywhere in the world to buy and send goods to people living inside Venezuela. The platform allows users worldwide to send food, personal care, and household items to Venezuela, and is described as the official online store of the TEALCA Group, a Venezuelan logistics company with over 40 years of experience. The actor provided a proof sample consisting of 1 CSV and 1 JPG.
Post details:
▸ Actor(s): BigBrother
▸ Sector: E-Commerce / Online Supermarket / Logistics
▸ Type: Data Sale
▸ Format: CSV
▸ Price: Not disclosed (selling)
▸ Records: 1,100,000
▸ Country: Venezuela
▸ Date: 11/05/2026
Compromised data:
▪️ Customer ID
▪️ Customer full name
▪️ Customer email
▪️ Customer phone
▪️ Customer address
▪️ Customer city
▪️ Customer state
▪️ Customer neighborhood
▪️ Subtotal (VES)
▪️ Tax (VES)
▪️ Total amount (VES)
▪️ Exchange rate
▪️ Total amount (USD)
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Notin
Domain:
Country: 🇪🇸 ES
Date: May 10th, 2026
Claimed by: Everest ransomware gang
Summary:
Le fournisseur de services informatiques Notin.es a été victime d'une nouvelle attaque par rançongiciel, cette fois menée par le groupe Crypto24 utilisant le ransomware de Lockbit 5.0. Cette cyberattaque a affecté au moins quinze offices notariaux en Espagne, entraînant l'interruption de leurs services et de leur messagerie électronique.
Source: https://www.escudodigital.com/ciberseguridad/notin-proveeedor-ti-notarias-ataque-ransomware.html
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Notin
Domain:
notin.esCountry: 🇪🇸 ES
Date: May 10th, 2026
Claimed by: Everest ransomware gang
Summary:
Le fournisseur de services informatiques Notin.es a été victime d'une nouvelle attaque par rançongiciel, cette fois menée par le groupe Crypto24 utilisant le ransomware de Lockbit 5.0. Cette cyberattaque a affecté au moins quinze offices notariaux en Espagne, entraînant l'interruption de leurs services et de leur messagerie électronique.
Source: https://www.escudodigital.com/ciberseguridad/notin-proveeedor-ti-notarias-ataque-ransomware.html
I pushed a fix to the threat feed that was causing searches to not show that the data was actually loading, even though it was eventually showing results. You may need to hard refresh the page: CTRL+SHIFT+R.
❤1
🔪 Slice For Life - Part 2 🔪
Cyberattack News Alert ━━━━━━━━━━━━━━━━━━━━━━━━━ Victim: Notin Domain: notin.es Country: 🇪🇸 ES Date: May 10th, 2026 Claimed by: Everest ransomware gang Summary: Le fournisseur de services informatiques Notin.es a été victime d'une nouvelle attaque…
I still have no idea why this is not translating to english
❤1
‼️🇨🇴 Emergia Contact Center allegedly breached exposing 12 TB of data from the Colombian/Spanish BPO and 75 client companies
A threat actor, in collaboration with NyxarGroup, claims to have exfiltrated approximately 12 TB of data from Emergia Contact Center and Conalcréditos (a debt collection unit), as well as PLUS CONTACTO SERVICIOS INTEGRALES SL, operated by Albert Ollé, described as one of Spain's wealthiest businessmen.
The actor states the intrusion began by exploiting vulnerabilities in the perimeter through an obsolete Cisco ASA, pivoted into the Fortinet topology connecting Spain (Gran Canaria, Madrid, Córdoba, Catalonia) with Colombia (Bogotá, Medellín, Manizales/Pensilvania, Malambo, Davivienda), and escalated via a public Active Directory password reset portal to gain full control of corporate email (emergiacc) and the GSuite directory.
The actor maintained access until April 7 over two months of active intrusion, claims credentials were never rotated, and is selling the 12 TB dump for $3,000. The actor also alleges the leak originated from an internal source, ****************, formerly of the customer security department, and names CISO ****************, ****************, and **************** as having manipulated the incident narrative.
Post details:
▸ Actor(s): Petro_Escobar (in collaboration with NyxarGroup)
▸ Sector: BPO / Contact Center / Debt Collection
▸ Type: Data Breach / Data Sale
▸ Format: Shared resources, PST files, SFTP files, full backups
▸ Price: $3,000
▸ Records: ~12 TB across 75 compromised clients
▸ Country: Colombia / Spain
▸ Date: 11/05/2026
Compromised data:
▪️ Approximately 12 TB exfiltrated over two months of active intrusion
▪️ Shared internal resources from Emergia infrastructure
▪️ PST email archives
▪️ SFTP file transfers
▪️ Full system backups
▪️ Corporate email accounts (emergiacc)
▪️ GSuite user directory
▪️ Active Directory credentials and Kerberos data
▪️ Cisco ASA and Fortinet VPN configurations spanning Spain and Colombia
▪️ Data from 75 affiliated client companies across multiple sectors
▪️ Spanish services clients
▪️ Conalcreditos clients
▪️ Emergia CC SL clients
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor, in collaboration with NyxarGroup, claims to have exfiltrated approximately 12 TB of data from Emergia Contact Center and Conalcréditos (a debt collection unit), as well as PLUS CONTACTO SERVICIOS INTEGRALES SL, operated by Albert Ollé, described as one of Spain's wealthiest businessmen.
The actor states the intrusion began by exploiting vulnerabilities in the perimeter through an obsolete Cisco ASA, pivoted into the Fortinet topology connecting Spain (Gran Canaria, Madrid, Córdoba, Catalonia) with Colombia (Bogotá, Medellín, Manizales/Pensilvania, Malambo, Davivienda), and escalated via a public Active Directory password reset portal to gain full control of corporate email (emergiacc) and the GSuite directory.
The actor maintained access until April 7 over two months of active intrusion, claims credentials were never rotated, and is selling the 12 TB dump for $3,000. The actor also alleges the leak originated from an internal source, ****************, formerly of the customer security department, and names CISO ****************, ****************, and **************** as having manipulated the incident narrative.
Post details:
▸ Actor(s): Petro_Escobar (in collaboration with NyxarGroup)
▸ Sector: BPO / Contact Center / Debt Collection
▸ Type: Data Breach / Data Sale
▸ Format: Shared resources, PST files, SFTP files, full backups
▸ Price: $3,000
▸ Records: ~12 TB across 75 compromised clients
▸ Country: Colombia / Spain
▸ Date: 11/05/2026
Compromised data:
▪️ Approximately 12 TB exfiltrated over two months of active intrusion
▪️ Shared internal resources from Emergia infrastructure
▪️ PST email archives
▪️ SFTP file transfers
▪️ Full system backups
▪️ Corporate email accounts (emergiacc)
▪️ GSuite user directory
▪️ Active Directory credentials and Kerberos data
▪️ Cisco ASA and Fortinet VPN configurations spanning Spain and Colombia
▪️ Data from 75 affiliated client companies across multiple sectors
▪️ Spanish services clients
▪️ Conalcreditos clients
▪️ Emergia CC SL clients
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇺🇸 Qilin Ransomware Claims Keller Williams Real Estate - Exton County as a Victim
No samples.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
No samples.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: SAWTAD Allegedly Leaked Exposing 2,211 Files (2.19 GB) of SAW Sensor Diaper Tech R&D and SPMet Metrology Archive
Link: https://darkwebinformer.com/sawtad-allegedly-leaked-exposing-2-211-files-2-19-gb-of-saw-sensor-diaper-tech-r-d-and-spmet-metrology-archive/
Title: SAWTAD Allegedly Leaked Exposing 2,211 Files (2.19 GB) of SAW Sensor Diaper Tech R&D and SPMet Metrology Archive
Link: https://darkwebinformer.com/sawtad-allegedly-leaked-exposing-2-211-files-2-19-gb-of-saw-sensor-diaper-tech-r-d-and-spmet-metrology-archive/
Dark Web Informer
SAWTAD Allegedly Leaked Exposing 2,211 Files (2.19 GB) of SAW Sensor Diaper Tech R&D and SPMet Metrology Archive
A threat actor is selling a full archive described as one of the deepest technical leaks in the field of Surface Acoustic Wave (SAW) sensors and their application in smart diapers (Smart Diaper / Wetness Sensing).
‼️ CB FINANCIAL SERVICES, INC. has filed form 8-k due to a cybersecurity incident
https://www.stocktitan.net/sec-filings/CBFV/8-k-cb-financial-services-inc-reports-material-event-9d71c207862a.html
"On May 5, 2026, Community Bank (the “Bank”), the wholly-owned subsidiary of CB Financial Services, Inc. (the “Company”), became aware of an internal incident involving the handling of certain non‑public customer information using an unauthorized artificial intelligence-based software application. Upon discovery, the Bank promptly took steps to secure the information at issue and initiated an internal investigation with the assistance of external cybersecurity advisors. The investigation into the incident, including the scope and root cause, remains ongoing.
The incident did not involve a disruption to the Bank's operations, customer access to accounts or services, payment systems, or core information technology infrastructure; however, due to the volume and sensitive nature of the non-public information at issue, on May 7, 2026, the Company determined the event to be material. Among the customer information the Bank has determined was disclosed are customer names, social security numbers and dates of birth.
The Company is evaluating the customer data that was affected and is conducting notifications as required by applicable federal and state laws and regulatory guidance. The Company has been, and continues to be, in communication with relevant banking and financial regulators regarding the incident.
The Company has taken, and continues to take, actions designed to contain and remediate the incident. The Company remains committed to protecting its customers' data and is taking measures designed to prevent future similar incidents, including but not limited to, strengthening existing controls, implementing additional controls and enhancing monitoring measures.
As of the date of this disclosure, this incident has not had, and is not expected to have, a material impact on the Company’s consolidated financial condition or results of operations."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.stocktitan.net/sec-filings/CBFV/8-k-cb-financial-services-inc-reports-material-event-9d71c207862a.html
"On May 5, 2026, Community Bank (the “Bank”), the wholly-owned subsidiary of CB Financial Services, Inc. (the “Company”), became aware of an internal incident involving the handling of certain non‑public customer information using an unauthorized artificial intelligence-based software application. Upon discovery, the Bank promptly took steps to secure the information at issue and initiated an internal investigation with the assistance of external cybersecurity advisors. The investigation into the incident, including the scope and root cause, remains ongoing.
The incident did not involve a disruption to the Bank's operations, customer access to accounts or services, payment systems, or core information technology infrastructure; however, due to the volume and sensitive nature of the non-public information at issue, on May 7, 2026, the Company determined the event to be material. Among the customer information the Bank has determined was disclosed are customer names, social security numbers and dates of birth.
The Company is evaluating the customer data that was affected and is conducting notifications as required by applicable federal and state laws and regulatory guidance. The Company has been, and continues to be, in communication with relevant banking and financial regulators regarding the incident.
The Company has taken, and continues to take, actions designed to contain and remediate the incident. The Company remains committed to protecting its customers' data and is taking measures designed to prevent future similar incidents, including but not limited to, strengthening existing controls, implementing additional controls and enhancing monitoring measures.
As of the date of this disclosure, this incident has not had, and is not expected to have, a material impact on the Company’s consolidated financial condition or results of operations."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations