🚨 GLOBAL CYBERINTELLIGENCE ALERT: TELEGRAM WAVE OF ATTACKS TARGETING GOVERNMENT AND ACADEMIC SECTORS 📡📂🔓 A series of coordinated attacks and data exfiltrations—executed by various malicious actors and distributed via specialized Telegram channels—has been detected. The activity recorded today, May 3, 2026, reveals an aggressive pattern targeting institutions across Latin America, the United States, and Europe. 🇵🇪 Ministry of the Interior (Peru) Threat Actor: CHRONUSTEAM Sector: Government Impact: Exfiltration of confidential data from the Ministry. This actor has recently demonstrated a tendency to target critical infrastructure and healthcare facilities within the region. 🇨🇱 Universidad de Los Lagos (ulagos.cl) - Chile Threat Actor: NemorisHacking Sector: Education / Academic Impact: Compromise of university infrastructure. Attacks on educational institutions typically aim to acquire databases containing student, staff, and research project data. 🇺🇸 Senzing.com and SumZero Threat Actors: ijpys Sectors: Technology / Data Analytics / Finance Impact: Compromise of platforms specializing in entity resolution and investment networks. These attacks suggest an interest in exfiltrating intellectual property or data belonging to high-profile users. 🇪🇸 Tiwel (tiwel.es) - Spain Threat Actor: l0wiqq Sector: Commercial / Retail Impact: Compromise of the official website. The actor l0wiqq is operating simultaneously across multiple geographic regions today. ⚠️ Risk Implications (VECERT Intelligence) Transnational Attacks: The ability of actors such as l0wiqq and CHRONUSTEAM to strike targets across different continents within a single 24-hour cycle indicates a high level of operational capability and the use of automated tools. Governmental Risk: The compromise of the Ministry of the Interior in Peru poses a national security risk, potentially allowing access to the identities of government officials or public security records. Sensitive Data Exposure: In the case of the University of Los Lagos, the leakage of personal data belonging to the university community could lead to large-scale academic phishing campaigns. 🛡️ Immediate Response Recommendations 🔒 Perimeter Audit: Organizations within the affected sectors must review their access logs for anomalies linked to the TTPs (Techniques, Tactics, and Procedures) of the aforementioned threat actors. 🔑 Credential Updates: Mandate password resets for administrative accounts and verify the integrity of accounts with elevated privileges on compromised systems. 👁️ Telegram Monitoring: Maintain active surveillance of "leak" channels where these actors typically distribute data samples or announce their upcoming targets. Monitor: analyzer.vecert.io #CyberSecurity #Peru #Chile #Spain #USA #DataBreach #ChronusTeam #NemorisHacking #l0wiqq #VECERT #InfoSec #CyberAlert 🌎🛡️⚠️🚨📂