[January-17-2026] Daily Cybersecurity Threat Report

Posted on

1. Executive Summary

The provided data indicates a high-velocity wave of cyber activity characterized by simultaneous ransomware campaigns, mass website defacements, and significant government data breaches. A total of 104 incidents were analyzed1. The activity is global, with notable concentrations of victims in India, France, Brazil, and Indonesia.

Key trends include:

  • Ransomware Aggression: The Qilin and TENGU groups are executing aggressive campaigns across multiple continents.
  • Critical Infrastructure Risk: Operational Technology (OT) and SCADA systems in water treatment and heating sectors have been compromised22222.+3
  • Hacktivism & Defacement: A surge in low-sophistication but high-volume defacement attacks, particularly targeting Indian and Pakistani educational and commercial sites.

2. Incident Category Analysis

The incidents generally fall into four primary categories:

A. Data Breaches (High Volume)

The majority of incidents involve the exfiltration and sale of databases.

  • Government & Public Sector: There were significant leaks from the Australian personal data pool 3, the Fortaleza Municipal Government in Brazil 444, and the Algerian National Center for Commercial Register (CNRC)555.+3
  • Medical & Health: Unicancer (France) suffered a breach exposing staff profiles 666, and Agence Régionale de Santé Auvergne‑Rhône‑Alpes saw over 3,000 records leaked77.+4
  • Consumer Data: Large datasets were exposed, including a 39GB archive from NAZ.API containing billions of records 8, and banking data (IBAN/DNI) from Spain9.+1

B. Ransomware Campaigns

Several groups are actively extorting organizations, often threatening to publish data within a week.

  • Qilin: The most active ransomware group in this dataset, targeting diverse sectors globally, including Orthopaedic Specialists of Massachusetts (USA) 101010, UGS (Singapore/Oil & Gas) 111111, Colacem Spa (Italy/Construction) 121212, and Fluorsid (Italy/Chemicals)13.+3
  • TENGU: Targeted Nafae Sanitaire (Malaysia) 1414and Amphibius Accounting System (Dominican Republic)1515.+1
  • Kill Security: Compromised the Water Utilities Corporation in Botswana 161616and DR.Claims FL LLC in the USA171717.+4

C. Defacements (Hacktivism)

There is a massive volume of website defacements, often politically motivated or done for notoriety.

  • BROTHERHOOD CAPUNG INDONESIA is responsible for a spree of attacks on targets ranging from The American Beat 1818to the Prabharani Institute of Education1919.+1
  • NotraSec focused heavily on Indian infrastructure and manufacturing, defacing sites for Lush Granites, Kosh Innovations, and AARCS Engineering2020202020202020.+3

D. Operational Technology (OT) & Initial Access

  • SCADA Compromise: A threat actor claimed access to a wastewater treatment SCADA system in Canada, alleging control over pumps and disinfection systems21.
  • Heating Systems: The QuietSec group claimed access to MTK-ACMO hybrid heating system controllers, stating they disabled safety protections22.
  • Network Access Sales: Actors are selling VPN/RDP access to unidentified telecom companies and SSH servers in the USA2323232323.+3

3. Geographic and Industry Impact

Top Victim Geographies:

  1. India: Heavily targeted by defacement groups (NotraSec, Team Bangladesh) and data breaches (Assa Abloy India, BNMI)242424242424242424.+2
  2. France: Sustained significant data breaches across healthcare (Unicancer), government (City of Sevran), and e-commerce (Wobz Print)252525252525252525.+2
  3. Brazil: A primary target for government-related data exfiltration (Ministry of Culture, SmartGPS)26262626.+1
  4. USA: Targeted by ransomware (Qilin, Kill Security) and access sales272727272727272727.+4

Targeted Industries:

  • Education: Highly vulnerable to defacements and credential leaks (e.g., Canadian University Dubai, Weizmann Institute of Science)28282828.+1
  • Government: High-value data leaks from municipal to federal levels in Brazil, Algeria, and Belgium2929292929292929.+3
  • Infrastructure & Utilities: Water, wastewater, and energy sectors faced ransomware and unauthorized access30303030303030.+4

4. Threat Actor Profile

The following table summarizes the key actors identified in the report:

Threat ActorPrimary ActivityKey Targets / Characteristics
QilinRansomwareGlobal targets; Oil & Gas, Healthcare, Construction313131313131313131.+2
BROTHERHOOD CAPUNG INDONESIADefacementHigh volume of low-security targets; Education, Media32323232.+1
NotraSecDefacementTargeted campaign against Indian manufacturing/engineering33333333.+1
TENGURansomwareThreats to publish data within 5-8 days; Wholesale, Software34343434.+1
RuskiNetData LeakTargeted Romanian IT and French Health sectors35353535.+1
ShinyCorporationData LeakTargeted Belgian Data Protection Authority and Venezuelan Foreign Affairs36363636.+1
Infrastructure Destruction SquadOT AccessTargeted Canadian Wastewater SCADA systems37.

5. Conclusion

The analysis of the January 17, 2026, incident data reveals a bifurcated threat landscape. On one side, sophisticated criminal groups like Qilin and TENGU are successfully deploying ransomware against critical sectors (Healthcare, Utilities, Construction), posing severe operational risks. The compromise of SCADA systems 38and heating controllers 39 highlights a dangerous escalation toward physical infrastructure disruption.+1

On the other side, a swarm of hacktivist entities (e.g., BROTHERHOOD CAPUNG INDONESIA, NotraSec) is exploiting weak web security in the Education and Manufacturing sectors, particularly in South Asia, to cause reputational damage through mass defacements.

Detected Incidents Draft Data

  1. Alleged leak of Personal Data from Australia
    Category: Data Breach
    Content: The threat actor claims to be leaked Personal Data from Australia. The Compromised Data Reportedly contain 438,522 records including First Name, Last Name, Full Name, Gender, Email, Date of Birth, Phone Number, Street Name, City, ZIP Code
    Date: 2026-01-17T23:46:13Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-AUSTRALIA-%E2%80%94-National-Personal-Data-Leak
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/44297e5e-343b-4191-83a0-a9c5da25e13d.png
    Threat Actors: JackValeX
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  2. Alleged data breach of SmartGPS
    Category: Data Breach
    Content: The threat actor claims to have leaked data from SmartGPS, the compromised data reportedly consists of internal source code.
    Date: 2026-01-17T23:44:29Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SOURCE-CODE-SmartGPS-com-br-Data-Breach-Leaked-Download–184698
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6f95d324-769d-4b2d-9e8e-2408d995ac1a.png
    Threat Actors: 888
    Victim Country: Brazil
    Victim Industry: Other Industry
    Victim Organization: smartgps
    Victim Site: smartgps.com.br
  3. Alleged data breach of Aribaut & Associés
    Category: Data Breach
    Content: The threat actor claims to be leaked Aribaut & Associés data from march 2021
    Date: 2026-01-17T23:23:44Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-COLLECTION-3-french-dbs
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6e934712-2f25-4126-a2b2-39bb06a06559.png
    Threat Actors: oef50655
    Victim Country: France
    Victim Industry: Legal Services
    Victim Organization: aribaut & associés
    Victim Site: aribaut-associes.fr
  4. Alleged data breach of Fortaleza Municipal Government
    Category: Data Breach
    Content: The threat actor claims to have leaked a municipal government database allegedly belonging to Fortaleza, Ceará (Brazil), distributed in SQL format (20 MB), reportedly containing government or municipal data
    Date: 2026-01-17T22:50:05Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-BRAZIL-GOV-MUNICIPAL-DB-FORTALEZA-CE
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/37856d86-3ba2-4ced-bac4-4dd81a4fea61.png
    Threat Actors: breach3d
    Victim Country: Brazil
    Victim Industry: Government Administration
    Victim Organization: fortaleza municipal government
    Victim Site: fortaleza.ce.gov.br
  5. Alleged Data Leak of NAZ.API
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of NAZ.API, consisting of a 39GB archive that allegedly contains billions of records, including email addresses, passwords, and log data.
    Date: 2026-01-17T22:45:00Z
    Network: openweb
    Published URL: https://leakbase.la/threads/hq-drop-naz-api-39gb-complete-archive.48270/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/71bc75b7-fefe-49ae-93b5-2c29e1539de4.png
    Threat Actors: tryronin
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  6. Alleged Data Leak of IBAN and DNI Banking Data in Spain
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of IBAN and DNI banking data in Spain.
    Date: 2026-01-17T22:36:22Z
    Network: openweb
    Published URL: https://leakbase.la/threads/iban_dni_banking_spain.48272/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b23a83fa-aa10-4688-8ba8-bbf3918701e4.png
    Threat Actors: Cod3xx
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  7. Alleged data breach of Unicancer
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Unicancer, France. The compromised data reportedly contains name, profile url, email, position, etc.
    Date: 2026-01-17T22:24:10Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-Unicancer
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/84d30a38-3e4b-41c5-98ca-1c1e224a3782.png
    Threat Actors: Sahquelfou
    Victim Country: France
    Victim Industry: Hospital & Health Care
    Victim Organization: unicancer
    Victim Site: unicancer.fr
  8. 404 CREW CYBER TEAM targets the website of Weizmann Institute of Science
    Category: Defacement
    Content: The group claims to have defaced the official website of the Weizmann Institute of Science, as well as the subdomain hosting its Conferences Unit.
    Date: 2026-01-17T22:22:59Z
    Network: telegram
    Published URL: https://t.me/crewcyber/567
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f68ad4d2-0c00-4a78-bb36-9af4f47e8f58.png
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: weizmann institute of science
    Victim Site: weizmann.ac.il
  9. Alleged data breach of CamSecurity
    Category: Data Breach
    Content: The group claims to have leaked the internal database of CamSecurity in Ukraine
    Date: 2026-01-17T22:22:53Z
    Network: telegram
    Published URL: https://t.me/perunswaroga/1046?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/966645f8-b04d-4235-918a-c12c6a745786.png
    https://d34iuop8pidsy8.cloudfront.net/eb0ceb2b-6676-4277-90ee-9891fe661bf2.png
    Threat Actors: Perun Svaroga
    Victim Country: Ukraine
    Victim Industry: Security & Investigations
    Victim Organization: camsecurity
    Victim Site: camsecurity.com.ua
  10. Alleged data leak of Prabharani Institute of Education
    Category: Data Breach
    Content: The group claims to have defaced the website and leaked the internal database, including administrator credentials and student records from Prabharani Institute of Education in India
    Date: 2026-01-17T22:09:28Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/338
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fb922e14-4a0c-4b76-99e1-b93494dd1bb5.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: India
    Victim Industry: Education
    Victim Organization: prabharani institute of education
    Victim Site: prabharaniinstitutebed.in
  11. 404 CREW CYBER TEAM targets the website of Masterclasses
    Category: Defacement
    Content: The Group claims to have defaced the website of Masterclasses in Israel.
    Date: 2026-01-17T22:07:17Z
    Network: telegram
    Published URL: https://t.me/crewcyber/568
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aa7a8be4-09a9-4eff-8418-4401a98491fd.png
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: masterclasses
    Victim Site: masterclasses.org.il
  12. Alleged data sale of Wobz Print
    Category: Data Breach
    Content: Threat actor claims to be selling leaked database of the company Wobz Print, formerly known as Dalvin, based in France. The compromised data reportedly contains 134,000 unique data points including id, name, email address, security key etc.
    Date: 2026-01-17T21:47:14Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-France-wobz-print-ex-Dalvin-By-Wobz-134-000
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d71fdd6c-b710-4e30-9aa9-7e74d1be721c.png
    Threat Actors: Sorb
    Victim Country: France
    Victim Industry: Glass, Ceramics & Concrete
    Victim Organization: wobz print
    Victim Site: resellers.wobz-print.com
  13. Alleged Data Breach of Allo-Internet
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Allo-Internet in Russia.
    Date: 2026-01-17T21:43:51Z
    Network: openweb
    Published URL: https://leakbase.la/threads/dump-of-the-database-of-internet-shop-of-technology-allo-internet-ru.48269/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7291e831-c9bf-4e03-9289-92a608f02b96.png
    Threat Actors: Cod3xx
    Victim Country: Russia
    Victim Industry: Consumer Electronics
    Victim Organization: allo-internet
    Victim Site: allo-internet.ru
  14. Alleged data sale of ASSA ABLOY Opening Solutions (India)
    Category: Data Breach
    Content: Threat actor claims to be selling leaked data of from the Indian division of Assa Abloy Opening Solutions. The compromised data reportedly contains a total of 276,000 personal data items, 276,000 unique phone numbers, 20,000 unique email addresses. The data primarily contains name, phone number, email, bcrypt password hash, address.
    Date: 2026-01-17T21:43:09Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-ASSA-ABLOY-Opening-Solutions-India
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/dcd80a87-3970-44a9-8715-252cb02bbdf3.png
    https://d34iuop8pidsy8.cloudfront.net/42994d39-86db-4b03-a42d-7bc316b05ed0.png
    Threat Actors: Sorb
    Victim Country: India
    Victim Industry: Electrical & Electronic Manufacturing
    Victim Organization: assa abloy opening solutions
    Victim Site: assaabloy.com
  15. Alleged data breach of Algerias National Center for Commercial Register (CNRC)
    Category: Data Breach
    Content: The group claims to have compromised systems belonging to Algeria’s Ministry of Interior Trade and Regulation of the National Market, specifically referencing the National Center for Commercial Records (CNRC) portal. The actor alleges access to databases, sub‑sites, and FTP services used for government file transfers, along with the extraction of server‑side data.
    Date: 2026-01-17T21:25:06Z
    Network: telegram
    Published URL: https://t.me/DarK07xxxxxxx/644
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/52afffb1-89cb-489d-b83f-a30e444e2a0e.png
    https://d34iuop8pidsy8.cloudfront.net/26749f7e-f02b-402a-8f0f-1e99ac7e65ea.png
    https://d34iuop8pidsy8.cloudfront.net/9b96d497-a161-44f4-abf4-2ffc39c802bf.png
    https://d34iuop8pidsy8.cloudfront.net/1be2d9eb-f02a-4b0c-98ac-e608b75e308f.png
    https://d34iuop8pidsy8.cloudfront.net/29fb0d85-ab2a-48d7-b347-4b823c5a0051.png
    https://d34iuop8pidsy8.cloudfront.net/86e1d197-888b-442f-963e-c18b5ae2d69d.png
    https://d34iuop8pidsy8.cloudfront.net/74f9e38c-d08e-41aa-8fd9-9c37e5e56a79.png
    Threat Actors: DARK 07x
    Victim Country: Algeria
    Victim Industry: Government Administration
    Victim Organization: national center for commercial register (cnrc)
    Victim Site: sidjilcom.cnrc.dz
  16. Alleged sale of french consumers data
    Category: Data Breach
    Content: Threat actor claims to be selling 442614 records of French consumers data including last name, id, city, address, number, pwd hash, postal code, mail, note.
    Date: 2026-01-17T21:24:09Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-FAKE-442614-FRENCH-CONSUMERS
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4b6add82-3fa9-46d9-98d7-8058ee966b92.png
    Threat Actors: oef50655
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  17. Alleged data breach of cartedepeche.fr
    Category: Data Breach
    Content: Threat actor claims to have leaked data from cartedepeche.fr, a service platform operated by the Fédération Nationale de la Pêche en France. The compromised data reportedly contains 4 files containing data from all the city of the Gironde.
    Date: 2026-01-17T21:14:40Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-NO-LEAK-DUMP-cartedepeche-fr-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9bfc4080-8360-4d8d-afe7-af3a05e9efd5.png
    https://d34iuop8pidsy8.cloudfront.net/1315fa7a-9b42-4457-a9df-8719add131d2.png
    Threat Actors: AnonymeTorNet
    Victim Country: France
    Victim Industry: Fishery
    Victim Organization: cartedepeche.fr
    Victim Site: cartedepeche.fr
  18. Alleged sale of unauthorized access to an unidentified Network & Telecommunications Company
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized VPN and multiple RDP users access with development and PROD DB server connections to an unidentified Network & Telecommunications Company. The compromised organization reportedly contain 17 hosts on same subnet and revenue of 105 Million.
    Date: 2026-01-17T21:05:52Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-VPN-VPN-RDP-WITH-PROD-DB-TELECOM-NETWORK
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/faf82184-69de-4bd7-8701-868cc3887555.png
    Threat Actors: CHONG
    Victim Country: Unknown
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
  19. Alleged data breach of PoradnikZdrowie
    Category: Data Breach
    Content: Threat actor claims to have leaked the database of forum PoradnikZdrowie. The forum was compromised on November 2019 and the compromised data reportedly contains 87,879 records including usernames, email addresses, MD5-hashed passwords with salt, and IP addresses.
    Date: 2026-01-17T20:26:25Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-PoradnikZdrowie-forum-poradnikzdrowie-pl-2019-11-87-87K-Users
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e6f30e2a-2e42-41b3-a2ea-ba10951a679a.png
    Threat Actors: thelastwhitehat
    Victim Country: Poland
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: poradnikzdrowie
    Victim Site: forum.poradnikzdrowie.pl
  20. 7 Proxies targets the website of Kachipara Md. Abdur Rashid Mia Degree College
    Category: Defacement
    Content: The group claims to have defaced the website of Kachipara Md. Abdur Rashid Mia Degree College in Bangladesh
    Date: 2026-01-17T20:13:14Z
    Network: telegram
    Published URL: https://t.me/c/2366703983/935
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/97fdecbd-aad7-4dd4-879e-023c8ea9dce6.png
    Threat Actors: 7 Proxies
    Victim Country: Bangladesh
    Victim Industry: Education
    Victim Organization: kachipara md. abdur rashid mia degree college
    Victim Site: karmdc.edu.bd
  21. Alleged admin access to an unidentified messaging system in Malaysia
    Category: Initial Access
    Content: The group claims to have gained administrative access to a Malaysian messaging system, alleging the ability to modify user accounts, permissions, queues, and routing configurations.
    Date: 2026-01-17T19:49:33Z
    Network: telegram
    Published URL: https://t.me/c/3041653742/68
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c7b12925-e2a7-411a-9adb-7a8f18d93c76.png
    Threat Actors: AL-MUJAHIDEEN FORCE 313
    Victim Country: Malaysia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged access to multiple CCTV systems in Italy
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to multiple CCTV surveillance systems in Italy
    Date: 2026-01-17T19:36:54Z
    Network: telegram
    Published URL: https://t.me/op_morningstar/205?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/55f56413-c7cc-4029-95dd-47d93c9614f6.png
    https://d34iuop8pidsy8.cloudfront.net/4f00a972-be17-4dbf-bd0c-301d4f4fd501.png
    Threat Actors: MORNING STAR
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  23. Nafae Sanitaire falls victim to TENGU Ransomware
    Category: Ransomware
    Content: The group claims to have obtained 18.2 GB of the organizations data and they intend to publish it within 5-6 days.
    Date: 2026-01-17T19:31:32Z
    Network: tor
    Published URL: http://longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion/blog/b4a7f8a258b93ba3de493134d47355ffb5b1247dc32f06d17d036c2fab17c457/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b065cd80-fcaf-49a1-b423-5760bc7ba0dd.png
    https://d34iuop8pidsy8.cloudfront.net/a7f38690-968b-4c5b-b62b-ebee6e32e773.png
    https://d34iuop8pidsy8.cloudfront.net/bb4e8251-28b8-40f9-8632-6795b56042bb.png
    Threat Actors: TENGU
    Victim Country: Malaysia
    Victim Industry: Wholesale
    Victim Organization: nafae sanitaire
    Victim Site: nafaesanitaire.com
  24. Alleged data breach of Data Protection Authority
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Data Protection Authority of Belgium. The compromised data reportedly contains 1 million records including name, date of birth, email address, postal address, etc.
    Date: 2026-01-17T19:19:42Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-BELGIAN-DATA-PROTECTION-AUTHORITY
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e4630319-e6b1-4751-8fc0-b7ed6fdca10b.png
    Threat Actors: ShinyCorporation
    Victim Country: Belgium
    Victim Industry: Government Administration
    Victim Organization: data protection authority
    Victim Site: dataprotectionauthority.be
  25. Alleged data breach of Ministry of Culture
    Category: Data Breach
    Content: Threat actor claims to have leaked database of Ministry of Culture, Brazil. The compromised data reportedly contains 2.9 GB of data.
    Date: 2026-01-17T19:18:12Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/brazilian-ministry-of-culture.17/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a885cdcf-dd95-406d-a71c-cae68446161c.png
    Threat Actors: breach3d
    Victim Country: Brazil
    Victim Industry: Government Administration
    Victim Organization: ministry of culture
    Victim Site: cultura.gov.br
  26. Alleged sale of Spain Crypto-Forex Leads
    Category: Data Breach
    Content: Threat actor claims to be selling crypto-forex leads from Spain. The compromised data reportedly contains 275,000 records including full name, phone number, email, location and whatsapp.
    Date: 2026-01-17T19:08:44Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Crypto-Spain-Forex-Leads
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/13143f85-b29f-459d-9ee6-e587e6571670.png
    Threat Actors: Highlo
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. Alleged data breach of Ministry of Popular Power for Foreign Affairs
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Ministry of Popular Power for Foreign Affairs (MPPRE) of Venezuela. The compromised data reportedly contains around 2 million records including full name, email address, national identification number, address, city, etc.
    Date: 2026-01-17T18:55:14Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-MINISTRY-OF-FOREIGN-AFFAIRS-OF-VENEZUELA
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3a0a3be1-3fbc-42b0-a432-59c7b9a0bfa9.png
    Threat Actors: ShinyCorporation
    Victim Country: Venezuela
    Victim Industry: Government Administration
    Victim Organization: ministry of popular power for foreign affairs
    Victim Site: mppre.gob.ve
  28. Alleged data breach of Service Public Federal Justice
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Service Public Federal Justice, Belgium. The compromised data reportedly contains more than 50 confidential files including PDFs from lawyers and more.
    Date: 2026-01-17T18:46:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SPF-Justice-HawkSec-Belgium
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/08015626-9d53-4fa6-8936-8937189ca5b8.png
    https://d34iuop8pidsy8.cloudfront.net/f1c25ea7-53c6-47e3-ad03-46c27b1a94b2.png
    Threat Actors: HawkSec
    Victim Country: Belgium
    Victim Industry: Government Administration
    Victim Organization: service public federal justice
    Victim Site: justice.belgium.be
  29. Alleged data breach of Apilage AI
    Category: Data Breach
    Content: Threat actor claims to have leaked full database of Apilage AI, a Sri Lankan AI learning platform. The compromised data reportedly contains over 1200 students data including all tables, PII (names, emails, phones, student IDs), chat histories, registration details, etc.
    Date: 2026-01-17T18:32:44Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Apilage-AI-apilageai-lk-Sri-Lanka-Student-Platform-Full-DB-1-2k-Records
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/806512e3-f4fa-4945-8c51-ceb60c2e30b0.png
    Threat Actors: l4z4rusv01d
    Victim Country: Sri Lanka
    Victim Industry: E-Learning
    Victim Organization: apilage ai
    Victim Site: apilageai.lk
  30. Alleged data sale of yachtshop.it
    Category: Data Breach
    Content: Threat actor claims to be selling unauthorized access and leaked database of yachtshop.it. The compromised data reportedly contains 35,000 records including ID, name, telephone, email, password, mobile, etc.
    Date: 2026-01-17T18:22:04Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-yachtshop-it-full-access-on-database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/161e8cb3-8802-472f-9d3e-16c1f8e18155.png
    https://d34iuop8pidsy8.cloudfront.net/3a46f412-58b8-4065-a62a-9858ba79be6c.png
    Threat Actors: Disease
    Victim Country: Italy
    Victim Industry: E-commerce & Online Stores
    Victim Organization: yachtshop.it
    Victim Site: yachtshop.it
  31. Alleged data leak of WebDo
    Category: Data Breach
    Content: Threat actor claims to have leaked data from WebDo, a cloud-based website builder and hosting platform operated by Q-bis Consult S.R.L., based in Romania. The compromised data reportedly contains 500,000 records including last name, first name, job title, phone, email, url, city, and country code.
    Date: 2026-01-17T18:10:34Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-WebDo-com-Breached-500K-Leaked-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3225f194-1008-4476-9300-b335bdf40ded.png
    Threat Actors: RuskiNet
    Victim Country: Romania
    Victim Industry: Information Technology (IT) Services
    Victim Organization: webdo
    Victim Site: webdo.com
  32. Alleged leak of over 19,000 Algerian institutional email credentials
    Category: Data Breach
    Content: The group claims to have leaked 19,381 email accounts and passwords allegedly belonging to Algerian government entities, companies, universities, and banks.
    Date: 2026-01-17T17:32:11Z
    Network: telegram
    Published URL: https://t.me/DarK07xxxxxxx/637?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0e0046a6-5d2d-4a91-b823-c4565621fb4b.png
    Threat Actors: DARK 07x
    Victim Country: Algeria
    Victim Industry: Government Administration
    Victim Organization: Unknown
    Victim Site: Unknown
  33. Orthopaedic Specialists of Massachusetts falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained of organizations data.
    Date: 2026-01-17T17:19:15Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=570dc719-84f3-3537-b786-46fae6eb04cf
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cd067804-64bb-4af1-9a77-546bc6fb88e9.png
    https://d34iuop8pidsy8.cloudfront.net/183e19b0-1f9e-4118-bb97-cfe11e2feeed.png
    https://d34iuop8pidsy8.cloudfront.net/c7bd0b1b-8dfc-4711-9301-2daa542059fc.png
    Threat Actors: Qilin
    Victim Country: USA
    Victim Industry: Medical Practice
    Victim Organization: orthopaedic specialists of massachusetts
    Victim Site: orthomass.com
  34. AN0M949_GHOST_TRACK targets the website of Koyandes Institute of Fashion Studies
    Category: Defacement
    Content: The group claims to have defaced the website of Koyandes Institute of Fashion Studies
    Date: 2026-01-17T15:47:01Z
    Network: telegram
    Published URL: https://t.me/CyaberGhost/357
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9642c246-1130-421c-ac2f-b0aaed97e119.png
    Threat Actors: AN0M949_GHOST_TRACK
    Victim Country: India
    Victim Industry: Professional Training
    Victim Organization: koyandes institute of fashion studies
    Victim Site: koyandesfashion.in
  35. Alleged unauthorized access to MTK‑ACMO Heating System Controllers
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to MTK‑ACMO, a controller used in hybrid heating systems produced by Italian manufacturer MTK. The actor alleges they modified operational parameters, disabled safety protections, altered heating logic, and enabled engineering‑level controls.
    Date: 2026-01-17T15:37:59Z
    Network: telegram
    Published URL: https://t.me/QuietSecOfficial/147
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/47422832-c4f6-41c6-9aed-1b6ecda82ae0.png
    https://d34iuop8pidsy8.cloudfront.net/0094fed7-53c3-42dc-949b-8ca7da528c08.png
    https://d34iuop8pidsy8.cloudfront.net/1dbbd316-687f-4a48-abe4-af4ea112d9c1.png
    Threat Actors: QuietSec
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  36. Alleged Unauthorized Access to a Wastewater Treatment SCADA System in Canada
    Category: Initial Access
    Content: The group claims to have accessed the SNAW-NAW-AS SCADA system at a wastewater treatment plant in Canada, reportedly providing visibility into automated control of pumps, tanks, bioreactors, filtration, disinfection systems, real-time data, alarms, and operational logs.
    Date: 2026-01-17T14:43:46Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3361
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e6d0f823-f8f4-4515-b5e4-3f0bad563074.png
    https://d34iuop8pidsy8.cloudfront.net/8b698b46-c3f5-4542-9244-223de9f9528d.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Canada
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  37. Alleged leak of Air France-KLM
    Category: Data Breach
    Content: The group claims to have leaked the organisations data.
    Date: 2026-01-17T13:46:00Z
    Network: telegram
    Published URL: https://t.me/Team_Cy8er_N4ti0n/74?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9951624c-03bb-463d-b726-3303bd64d909.JPG
    Threat Actors: CY8ER N4TI0N
    Victim Country: France
    Victim Industry: Airlines & Aviation
    Victim Organization: air france-klm
    Victim Site: airfranceklm.com
  38. Amphibius Accounting System falls victim to TENGU Ransomware
    Category: Ransomware
    Content: The group claims to have obtained 24 GB of the organizations data and they intend to publish it within 7-8 days.
    Date: 2026-01-17T13:39:28Z
    Network: tor
    Published URL: http://longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion/blog/effd2f3a99a333472d7397332f60f208e445cb97d57df4fb019cbbc4e77be843/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4a0c023b-fd75-4bb8-9fdf-98a203192300.jpg
    https://d34iuop8pidsy8.cloudfront.net/1b57f946-8222-4613-9030-dc91b8e33ff1.jpg
    Threat Actors: TENGU
    Victim Country: Dominican Republic
    Victim Industry: Software Development
    Victim Organization: amphibius accounting system
    Victim Site: anfibius.net
  39. CyberOprationCulture targets the website of Gunturi Family
    Category: Defacement
    Content: The group claims to have defaced the website of Gunturi Family.Mirror : https://haxor.id/archive/mirror/242972
    Date: 2026-01-17T13:38:27Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/85
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c54c77f5-698d-4112-a576-d3961735b915.png
    Threat Actors: CyberOprationCulture
    Victim Country: India
    Victim Industry: Individual & Family Services
    Victim Organization: gunturi family
    Victim Site: gunturifamily.com
  40. Alleged leak of McDonalds
    Category: Data Breach
    Content: The group claims to have leaked the organisations data.
    Date: 2026-01-17T13:34:00Z
    Network: telegram
    Published URL: https://t.me/Team_Cy8er_N4ti0n/79
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ecceb156-c3e1-4cf2-ac33-4f70022fd211.JPG
    Threat Actors: CY8ER N4TI0N
    Victim Country: USA
    Victim Industry: Food & Beverages
    Victim Organization: mcdonalds
    Victim Site: mcdonalds.com
  41. Alleged data leak of unidentified laboratory information operating system
    Category: Data Breach
    Content: The group claims to have leaked the organisations data, allegedly including record no, name, code, hospital type, upper group, region, city and more.
    Date: 2026-01-17T13:33:35Z
    Network: telegram
    Published URL: https://t.me/dienet3/104
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3d2198f5-894f-4664-998a-52f67dae9532.JPG
    Threat Actors: DieNet
    Victim Country: Turkey
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: Unknown
    Victim Site: Unknown
  42. Alleged leak of login access to Storrekeys
    Category: Initial Access
    Content: The group claims to be selling webshell access to Storrekeys
    Date: 2026-01-17T12:16:25Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2059
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c6e17cbc-dc63-4f85-98d7-e9eda875d2f6.jpg
    Threat Actors: HMEI7
    Victim Country: Yemen
    Victim Industry: E-commerce & Online Stores
    Victim Organization: storrekeys
    Victim Site: storrekeys.com
  43. Alleged leak of login access to Buildamatic
    Category: Initial Access
    Content: The group claims to be selling webshell access to Buildamatic
    Date: 2026-01-17T12:12:16Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2059
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/19fae465-84db-409c-a871-5709edfb7fce.JPG
    Threat Actors: HMEI7
    Victim Country: Pakistan
    Victim Industry: Civil Engineering
    Victim Organization: buildamatic
    Victim Site: buildamatic.com
  44. Alleged leak of login access to Nawafiz
    Category: Initial Access
    Content: The group claims to be selling webshell access to Nawafiz
    Date: 2026-01-17T11:57:46Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2059
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e0f96aa0-255f-4db1-9fb2-22d1a6d47185.JPG
    Threat Actors: HMEI7
    Victim Country: Yemen
    Victim Industry: Information Technology (IT) Services
    Victim Organization: nawafiz
    Victim Site: maffraq.com
  45. Alleged leak of Malaysian data
    Category: Data Breach
    Content: The group claims to have obtained organization data.
    Date: 2026-01-17T11:56:26Z
    Network: telegram
    Published URL: https://t.me/Team_Cy8er_N4ti0n/64
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b5c0bfcf-38e5-4645-a31d-2fabba83c5ec.png
    Threat Actors: CY8ER N4TI0N
    Victim Country: Malaysia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  46. Alleged sale of web shell access to Nawafed AI
    Category: Initial Access
    Content: The group claims to be selling web shell access to Nawafed AI
    Date: 2026-01-17T11:51:51Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2060
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fe4f3582-4cd0-4322-baf9-64fef76fb1a5.png
    Threat Actors: HMEI7
    Victim Country: Unknown
    Victim Industry: Information Technology (IT) Services
    Victim Organization: nawafed ai
    Victim Site: nawafed-ai.nawafednet.com
  47. Alleged sale of web shell access to Siginews
    Category: Initial Access
    Content: The group claims to be selling web shell access to Siginews.
    Date: 2026-01-17T11:50:12Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2060
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cc8ed808-69e5-43ce-9489-ce9b68fef712.png
    Threat Actors: HMEI7
    Victim Country: Indonesia
    Victim Industry: Newspapers & Journalism
    Victim Organization: siginews
    Victim Site: siginews.com
  48. BROTHERHOOD CAPUNG INDONESIA targets the website of TamilBlasters
    Category: Defacement
    Content: The group claims to have defaced the website of TamilBlasters.
    Date: 2026-01-17T11:33:15Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c5747711-bf61-48b9-8455-28b4e887196b.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: India
    Victim Industry: Legal Services
    Victim Organization: tamilblasters
    Victim Site: tamilblasters.com.in
  49. Alleged leak of login access to Aasaan Holidays
    Category: Initial Access
    Content: The group claims to be selling webshell access to Aasaan Holidays
    Date: 2026-01-17T11:30:06Z
    Network: telegram
    Published URL: https://t.me/c/2412030007/2059
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f0a34ffc-45d4-4b14-836e-6ce3ec865a60.JPG
    Threat Actors: HMEI7
    Victim Country: India
    Victim Industry: Leisure & Travel
    Victim Organization: aasaan holidays
    Victim Site: aasaanholidays.com
  50. 404 CREW CYBER TEAM targets the website of Soravit on Granville
    Category: Defacement
    Content: The group claims to have defaced the website of Soravit on Granville.
    Date: 2026-01-17T11:29:42Z
    Network: telegram
    Published URL: https://t.me/crewcyber/560
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/40f346c5-fa08-47fd-91e8-c0c698d4a151.jpg
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: China
    Victim Industry: Hospitality & Tourism
    Victim Organization: soravit on granville
    Victim Site: soravitgranville.com
  51. BROTHERHOOD CAPUNG INDONESIA targets the website of The American Beat
    Category: Defacement
    Content: The group claims to have defaced the website of The American Beat
    Date: 2026-01-17T11:27:08Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7c39755f-ba6b-46e2-bced-44af4f8a1e9b.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: USA
    Victim Industry: Online Publishing
    Victim Organization: the american beat
    Victim Site: theamericanbeat.site
  52. Alleged leak of login credentials from Canadian University Dubai
    Category: Initial Access
    Content: Group claims to have leaked login credentials from Canadian University Dubai.
    Date: 2026-01-17T11:26:10Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/451163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3148f031-4c86-47ae-a0d7-ab860810619a.png
    Threat Actors: Buscador
    Victim Country: UAE
    Victim Industry: Education
    Victim Organization: canadian university dubai
    Victim Site: cudportal.cud.ac.ae
  53. Alleged leak of login access to Top Digital Expert
    Category: Initial Access
    Content: The group claims to have leaked login access to Top Digital Expert, also allegedly claiming to have defaced the website.
    Date: 2026-01-17T11:15:49Z
    Network: telegram
    Published URL: https://t.me/z_bl4cx_h4t_id/11
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3081d630-03f4-4053-ba97-6f7d494eaf9c.JPG
    Threat Actors: Z-BL4CX-H4T.ID
    Victim Country: Spain
    Victim Industry: Information Technology (IT) Services
    Victim Organization: top digital expert
    Victim Site: topdigitalhome.com
  54. BROTHERHOOD CAPUNG INDONESIA targets the website of SajnaAmo
    Category: Defacement
    Content: The group claims to have defaced the website of SajnaAmo
    Date: 2026-01-17T11:15:31Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e4e188ff-3e1f-41a3-81f7-d29ba9e5b881.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Unknown
    Victim Industry: Media Production
    Victim Organization: sajnaamo
    Victim Site: sajnaamo.com
  55. BROTHERHOOD CAPUNG INDONESIA targets the website of streetwearhub.info
    Category: Defacement
    Content: The group claims to have defaced the website of streetwearhub.info
    Date: 2026-01-17T11:15:02Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/674fb59d-d1ca-4235-b5df-7906e3d32bbe.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: streetwearhub.info
  56. BROTHERHOOD CAPUNG INDONESIA targets the website of DigiReach Solutions
    Category: Defacement
    Content: The group claims to have defaced the website of DigiReach Solutions.
    Date: 2026-01-17T11:04:35Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1cfbe19a-9d1d-4dca-a313-d16ce90aa56e.jpg
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: UK
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: digireach solutions
    Victim Site: new.digireach.uk
  57. Alleged data breach of Brimob Polda Jabar
    Category: Data Breach
    Content: The group claims to leaked the organisations dataNB: The authenticity of the post is yet to be verified
    Date: 2026-01-17T11:04:17Z
    Network: telegram
    Published URL: https://t.me/Team_Cy8er_N4ti0n/48
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/852d4c62-810e-4689-ae27-ad974e50eaab.JPG
    Threat Actors: CY8ER N4TI0N
    Victim Country: Indonesia
    Victim Industry: Law Enforcement
    Victim Organization: brimob polda jabar
    Victim Site: brimobpoldajabar.com
  58. BROTHERHOOD CAPUNG INDONESIA targets the website of ScriptBari
    Category: Defacement
    Content: The group claims to have defaced the website of ScriptBari
    Date: 2026-01-17T11:01:46Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7daa61e7-dad2-4d47-b691-e5a08ff71de9.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Bangladesh
    Victim Industry: Information Services
    Victim Organization: scriptbari
    Victim Site: scriptbari.com
  59. BROTHERHOOD CAPUNG INDONESIA targets the website of Out Linkify
    Category: Defacement
    Content: The group claims to have defaced the website of Out Linkify.
    Date: 2026-01-17T10:56:46Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/502b0b16-bbca-4687-9790-383fcfa7a5b6.jpg
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Pakistan
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: out linkify
    Victim Site: outlinkify.net
  60. BROTHERHOOD CAPUNG INDONESIA targets the website of Learners Academy
    Category: Defacement
    Content: The group claims to have defaced the website of Learners Academy.
    Date: 2026-01-17T10:48:38Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6bdb3220-baf6-4090-aa87-404b205bcd91.jpg
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Pakistan
    Victim Industry: Education
    Victim Organization: learners academy
    Victim Site: learnersacademyhyd.pk
  61. BROTHERHOOD CAPUNG INDONESIA targets the website of The Internet Chicks
    Category: Defacement
    Content: The group claims to have defaced the website of The Internet Chicks
    Date: 2026-01-17T10:43:51Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d18cded5-373d-415b-b575-caa38aa20d9a.JPG
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: UK
    Victim Industry: Media Production
    Victim Organization: the internet chicks
    Victim Site: theinternetchicks.co.uk
  62. Alleged leak of Health center database of Indonesia
    Category: Data Breach
    Content: The group claims to have leaked data from Health center of Indonesia.
    Date: 2026-01-17T10:39:57Z
    Network: telegram
    Published URL: https://t.me/Team_Cy8er_N4ti0n/53
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b6322635-ed06-4a87-aca1-fc9f3e4fb656.png
    Threat Actors: CY8ER N4TI0N
    Victim Country: Indonesia
    Victim Industry: Hospital & Health Care
    Victim Organization: Unknown
    Victim Site: Unknown
  63. BROTHERHOOD CAPUNG INDONESIA targets the website of MARIO COTOV
    Category: Defacement
    Content: The group claims to have defaced the websites of MARIO COTOV.
    Date: 2026-01-17T10:28:59Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/335
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a3ff8b75-bd5d-4371-8fca-d66642630431.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Netherlands
    Victim Industry: Graphic & Web Design
    Victim Organization: mario cotov
    Victim Site: mariocotov.com
  64. BROTHERHOOD CAPUNG INDONESIA targets the website of urduquran.pk
    Category: Defacement
    Content: The group claims to have defaced the website of urduquran.pk
    Date: 2026-01-17T10:28:21Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b035a8a8-6596-44e5-816e-f1bbfbe57c80.JPG
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Pakistan
    Victim Industry: Education
    Victim Organization: urduquran.pk
    Victim Site: urduquran.pk
  65. BROTHERHOOD CAPUNG INDONESIA targets the website of thrivecrafter.com
    Category: Defacement
    Content: The group claims to have defaced the website of thrivecrafter.com
    Date: 2026-01-17T10:25:46Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d49c2e0e-0b11-4fce-a431-3c840998f9c5.JPG
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: thrivecrafter.com
  66. BROTHERHOOD CAPUNG INDONESIA targets the websites of getradio.online
    Category: Defacement
    Content: The group claims to have defaced the websites of getradio.online.
    Date: 2026-01-17T10:20:08Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e63a9972-c1a0-4497-947e-466a7f7b389c.png
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: getradio.online
  67. BROTHERHOOD CAPUNG INDONESIA targets the website of websitespeedtest.online
    Category: Defacement
    Content: The group claims to have defaced the website of websitespeedtest.online
    Date: 2026-01-17T10:00:30Z
    Network: telegram
    Published URL: https://t.me/c/3054021775/333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2a3e154d-86d0-41d4-a507-aba9eb8c71e5.JPG
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: websitespeedtest.online
  68. Water Utilities Corporation falls victim to Kill Security Ransomware
    Category: Ransomware
    Content: The group claims to have obtained organizations data.
    Date: 2026-01-17T09:59:57Z
    Network: tor
    Published URL: http://ks5424y3wpr5zlug5c7i6svvxweinhbdcqcfnptkfcutrncfazzgz5id.onion/?view=WZrs7quhczIF46K1GbKWvRXZ
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/35e1b460-edf9-4638-a4c2-360b12a68c6f.png
    Threat Actors: Kill Security
    Victim Country: Botswana
    Victim Industry: Energy & Utilities
    Victim Organization: water utilities corporation
    Victim Site: wuc.bw
  69. Benzona ransomware group adds an unknown victim (emint-ho.com) Category: Ransomware Content: The group claims to have obtained 80 GB of the organization’s data. The compromised data includes financial, Hr documents. Date: 2026-01-17T09:17:28Z Network: tor Published URL: http://benzona6x5ggng3hx52h4mak5sgx5vukrdlrrd3of54g2uppqog2joyd.onion/ Screenshots: https://d34iuop8pidsy8.cloudfront.net/1d40811e-8bee-4a13-be6d-467b75802e80.jpg Threat Actors: Benzona Victim Country: Unknown Victim Industry: Unknown Victim Organization: Unknown Victim Site: emint-ho.com
  70. Alleged data breach of Computer Society of India (CSI)
    Category: Data Breach
    Content: The group claims to have leaked data from Computer Society of India (CSI).
    Date: 2026-01-17T08:59:04Z
    Network: telegram
    Published URL: https://t.me/eightsixroot/340
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/09a144a4-cd8f-44bd-815e-f09cdac1e81f.png
    Threat Actors: EIGHT-SIX ROOT
    Victim Country: India
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: computer society of india
    Victim Site: csiindia.org
  71. DR.Claims FL LLC falls victim to Kill Security Ransomware
    Category: Ransomware
    Content: The group claims to have obtained 350 GB of the organizations data.
    Date: 2026-01-17T08:24:04Z
    Network: tor
    Published URL: http://ks5424y3wpr5zlug5c7i6svvxweinhbdcqcfnptkfcutrncfazzgz5id.onion/index.php?view=e7OMIcnZ0RCf3MAY5rhZSkjs
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ca0faadf-307c-4ac4-b9cd-57c299986558.jpg
    https://d34iuop8pidsy8.cloudfront.net/ac2ae368-e5a5-4dee-b5c6-05ea30b14edd.jpg
    Threat Actors: Kill Security
    Victim Country: USA
    Victim Industry: Insurance
    Victim Organization: dr.claims fl llc
    Victim Site: dr.claims
  72. MAD GHOST claims to target Nova Group
    Category: Alert
    Content: A Telegram post titled ‘Those who bought tickets for the Ben Gvir real estate conference in September 2025’ is circulating and publicly lists company websites, including Farkash Group. The claims in the post are unverified, and the listed organizations may face increased cyber risk.
    Date: 2026-01-17T08:20:00Z
    Network: telegram
    Published URL: https://t.me/ARABIAN_GHOSTS/1687
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/51c998b4-9f17-40f9-9f87-554daa8c2a12.png
    Threat Actors: MAD GHOST
    Victim Country: Poland
    Victim Industry: Consumer Goods
    Victim Organization: nova group
    Victim Site: nova-group.co
  73. Alleged leak of Turkish market data
    Category: Data Breach
    Content: The threat actor claims to have leaked 116,000 user records from a Turkish market platform.
    Date: 2026-01-17T08:06:40Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Turkish-Market-116K-USER
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fc50f2b2-cc06-4e17-89e5-4eb157cd3907.png
    Threat Actors: Brazzers
    Victim Country: Turkey
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  74. UGS falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained of organizations data.
    Date: 2026-01-17T07:42:20Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=93466c9a-0736-33e6-89bd-bee553f49f05
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c99039f7-e658-497f-9a27-3e82b055c7f7.png
    Threat Actors: Qilin
    Victim Country: Singapore
    Victim Industry: Oil & Gas
    Victim Organization: ugs
    Victim Site: ugs.com.sg
  75. Alleged data breach of Tirta Sewakadarma
    Category: Data Breach
    Content: A threat actor claims to have leaked 5,000 customer records from Tirta Sewakadarma. The compromised data reportedly includes customer numbers, customer names, customer addresses, and additional information.
    Date: 2026-01-17T07:37:33Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DOCUMENTS-5000-PDAM-customer-data-from-Denpasar-City-Bali-was-leaked
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/87361dbb-6112-4e3d-bab1-a70d7bd7d75b.png
    Threat Actors: AYYUBI
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: tirta sewakadarma
    Victim Site: pdam.denpasarkota.go.id
  76. Colacem Spa falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained of organizations data.
    Date: 2026-01-17T07:37:17Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=9cde3498-8e26-3ca3-9f27-4c6de50f3a77
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ec1b8ee5-29ec-4606-9d3e-11a37ea41637.png
    Threat Actors: Qilin
    Victim Country: Italy
    Victim Industry: Building and construction
    Victim Organization: colacem spa
    Victim Site: colacem.com
  77. Ilumno falls victim to Qilin ransomware
    Category: Ransomware
    Content: The threat actor claims to have obtained the organisations data.
    Date: 2026-01-17T07:28:19Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=9f5b5e3a-0e3a-3d34-ac31-a2d090269f7b
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4f879a3f-6f19-44fa-87b8-cc0fa129a5be.JPG
    Threat Actors: Qilin
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: ilumno
    Victim Site: ilumno.com
  78. Laboratorios Smasac falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained of organizations data.
    Date: 2026-01-17T06:41:33Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=bd2149c3-8de3-3674-9846-8bef1
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8853c719-61b0-4e3a-a962-c5c825dd259e.png
    Threat Actors: Qilin
    Victim Country: Peru
    Victim Industry: Chemical Manufacturing
    Victim Organization: laboratorios smasac
    Victim Site: smasac.com
  79. Alleged Leak of Personal Data From Panama.
    Category: Data Breach
    Content: The threat actor claims to be leaked personal data from Panama. The compromised data reportedly contain 2,666 records including Full names, Phone numbers, Phone numbers.
    Date: 2026-01-17T06:39:23Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-%F0%9F%87%B5%F0%9F%87%A6-1k-Panama-people-Name-Phone-Mail%F0%9F%94%A5
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/006fc8ad-b9b5-4050-968e-fd0c9126a126.png
    Threat Actors: BrokenSygnal
    Victim Country: Panama
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  80. TRASER SEC TEAM targets the website of mihdm.edu.bd
    Category: Defacement
    Content: The group claims to have defaced the website mihdm.edu.bd
    Date: 2026-01-17T06:33:57Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228314
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7a9fec10-188c-4588-8a39-d60aaacf91ec.png
    Threat Actors: TRASER SEC TEAM
    Victim Country: Bangladesh
    Victim Industry: Education
    Victim Organization: muhammadia islamia hafizia dakhil madrasah
    Victim Site: mihdm.edu.bd
  81. NotraSec targets the website of Lush Granites LLC
    Category: Defacement
    Content: The group claims to have defaced the website of Lush Granites LLC.
    Date: 2026-01-17T06:28:55Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228962
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1b2b39d1-cbc6-4f43-8504-2c66e9e993f4.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Manufacturing
    Victim Organization: lush granites llc
    Victim Site: lushgranites.com
  82. NotraSec targets the website of Kosh Innovations
    Category: Defacement
    Content: The group claims to have defaced the website of Kosh Innovations.
    Date: 2026-01-17T06:26:20Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228959
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e6ff21ed-e3be-46e8-b8be-4f913d05cc48.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Manufacturing
    Victim Organization: kosh innovations
    Victim Site: koshinnovations.com
  83. Team Bangladesh cyber squad targets the website of ideatore.net.in
    Category: Defacement
    Content: The group claims to have defaced the website of ideatore.net.in
    Date: 2026-01-17T06:11:47Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228976
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e4659713-447f-428e-80af-4ed5f8ab6c71.png
    Threat Actors: Team Bangladesh cyber squad
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: ideatore.net.in
  84. NotraSec targets the website of AARCS Engineering
    Category: Defacement
    Content: The group claims to have defaced the website of AARCS Engineering
    Date: 2026-01-17T06:07:07Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228936
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f251d6b9-097a-4708-8959-44f0acc7401e.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Building and construction
    Victim Organization: aarcs engineering
    Victim Site: aarcsengineering.com
  85. NotraSec targets the website of LV Solar Solutions
    Category: Defacement
    Content: The group claims to have defaced the website of LV Solar Solutions
    Date: 2026-01-17T06:06:13Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228963
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a709930f-86d2-4d82-9af7-7eb679d55c3d.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Other Industry
    Victim Organization: lv solar solutions
    Victim Site: lvsolarsolutions.in
  86. Notrasec targets the website of Kosh Electra
    Category: Defacement
    Content: The group claims to have defaced the website of Kosh Electra.
    Date: 2026-01-17T06:05:04Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228958
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7b604966-bfce-489a-ac25-a961934d7fd3.png
    Threat Actors: NotraSec
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: kosh electra
    Victim Site: koshelectra.com
  87. Team Bangladesh cyber squad targets the website of HTM Solutions
    Category: Defacement
    Content: The group claims to have defaced the website of HTM Solutions.
    Date: 2026-01-17T06:04:18Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228977
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/35af04b2-2ee3-4c22-aeb0-cf224dff8a88.png
    Threat Actors: Team Bangladesh cyber squad
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: htm solutions
    Victim Site: htmsolutions.in
  88. NotraSec targets the website of Aqua Green Hotel
    Category: Defacement
    Content: The group claims to have defaced the website of Aqua Green Hotel
    Date: 2026-01-17T06:02:34Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228940
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ce4920d5-47a7-426d-9923-187902f01fd3.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Hospitality & Tourism
    Victim Organization: aqua green hotel
    Victim Site: aquagreenhotel.com
  89. Central Group Roofing and Building Solutions falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained of organizations data.
    Date: 2026-01-17T06:01:50Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=ddfb1940-3f0b-35b9-a8bd-6c943cec8967
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/62935015-2d76-4bc9-a589-949ab156bf40.png
    Threat Actors: Qilin
    Victim Country: UK
    Victim Industry: Building and construction
    Victim Organization: central group roofing and building solutions
    Victim Site: centralroofing.co.uk
  90. NotraSec targets the website of Maha Hydraulics
    Category: Defacement
    Content: The group claims to have defaced the website of Maha Hydraulics
    Date: 2026-01-17T05:58:02Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228964
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5e8f25ac-a3fa-4bda-9c16-08fa97232ddc.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Manufacturing
    Victim Organization: maha hydraulics
    Victim Site: mahahydraulics.com
  91. NotraSec targets the website of Grand Builders
    Category: Defacement
    Content: The group claims to have defaced the website of Grand Builders
    Date: 2026-01-17T05:51:50Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3befc95e-3b11-48a0-94a4-34940758c7f2.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Real Estate
    Victim Organization: grand builders
    Victim Site: grandbuilders.in
  92. NotraSec targets the website of Arunai Super Green Ventures
    Category: Defacement
    Content: The group claims to have defaced the website of Arunai Super Green Ventures
    Date: 2026-01-17T05:47:49Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/228942
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6157220a-df40-4129-a4f5-714e95b84a79.png
    Threat Actors: NotraSec
    Victim Country: India
    Victim Industry: Real Estate
    Victim Organization: arunai super green ventures
    Victim Site: arunaisupergreenventures.com
  93. FLUORSID falls victim to Qilin Ransomware
    Category: Ransomware
    Content: The group claims to have obtained organizations data.
    Date: 2026-01-17T05:41:07Z
    Network: tor
    Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=684eeabb-ed60-3f08-a0d2-e51c04fa6333
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3cc1176f-893e-4088-922d-3b77a0562359.png
    Threat Actors: Qilin
    Victim Country: Italy
    Victim Industry: Chemical Manufacturing
    Victim Organization: fluorsid
    Victim Site: fluorsid.com
  94. Alleged Sale of Exelo Combo Tool v2
    Category: Malware
    Content: Threat actor claims to be offering Exelo Combo Tool v2, a high-volume combo processing and filtering suite designed for handling large-scale credential datasets. The tool is marketed toward power users requiring precise control over combo structure, cleanliness, and output at scale.
    Date: 2026-01-17T05:40:09Z
    Network: openweb
    Published URL: https://demonforums.net/Thread-Exelo-Combo-Tool-v2
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/800607d0-df3f-4939-a66b-f2923a79150f.png
    https://d34iuop8pidsy8.cloudfront.net/cdea1d76-d74f-4885-8d29-9ce5c5d1d9f9.png
    Threat Actors: Starip
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  95. Alleged Sale of DelTaco Checker
    Category: Malware
    Content: Threat actor claims to be offering DelTaco Checker, a high-speed capture-based credential checking and validation tool. The tool is designed for large-scale checking operations, emphasizing raw throughput, minimal UI overhead, and real-time performance metrics.
    Date: 2026-01-17T05:36:16Z
    Network: openweb
    Published URL: https://demonforums.net/Thread-DelTaco-Checker-by-sup1s2d
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bd2385fb-bb67-47c4-80e3-4123ec9358d2.png
    Threat Actors: Starip
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  96. Alleged data leak of North Korea
    Category: Data Breach
    Content: The group claims to have leaked North Korea databases.
    Date: 2026-01-17T05:22:41Z
    Network: telegram
    Published URL: https://t.me/eightsixroot/336
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c1aeadbf-80e1-41c2-9626-3e1c368da20b.png
    Threat Actors: EIGHT-SIX ROOT
    Victim Country: North Korea
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  97. Alleged data breach of Agence Régionale de Santé Auvergne‑Rhône‑Alpes
    Category: Data Breach
    Content: The threat actor claims to have leaked data related to Auvergne, a state public establishment in France. The compromised data reportedly contains 3,824 records, including municipality names, user details, email addresses, project statuses, and health policy-related information.
    Date: 2026-01-17T04:06:25Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FRENCH-auvergne-rhone-alpes-ars-sante-fr-Leaked
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4a5c73c5-9d30-4fb7-99f8-32f595ec98e7.png
    https://d34iuop8pidsy8.cloudfront.net/2db5615a-afbd-4cb7-9b63-7f90cc727b09.png
    Threat Actors: RuskiNet
    Victim Country: France
    Victim Industry: Hospital & Health Care
    Victim Organization: agence régionale de santé auvergne‑rhône‑alpes
    Victim Site: auvergne-rhone-alpes.ars.sante.fr
  98. Alleged data leak of UK databases
    Category: Data Breach
    Content: The group claims to have leaked over 5000 of UK databases. The compromised data reportedly includes Email, Name and Mobile Phone.
    Date: 2026-01-17T03:03:23Z
    Network: telegram
    Published URL: https://t.me/PRIMZX/60
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b7caf9bc-3ea5-461c-a4d6-9f8cf9028905.png
    Threat Actors: PRIMZX
    Victim Country: UK
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  99. Alleged data leak of unidentified Gambling store in Thailand
    Category: Data Breach
    Content: The group claims to have leaked Thailand Gambling Database.
    Date: 2026-01-17T03:01:58Z
    Network: telegram
    Published URL: https://t.me/PRIMZX/60?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/121600be-3cd0-4bbe-ad73-99641c2178f8.png
    Threat Actors: PRIMZX
    Victim Country: Thailand
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  100. Alleged Sale of Unauthorized Access to USA-Based SSH Servers
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized access to four USA-based SSH access credentials.
    Date: 2026-01-17T02:37:03Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-Selling-4x-USA-BASED-SSH-ACCESS
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7c55b610-85f3-4255-8f6f-1bc568cbbbce.png
    Threat Actors: innocentzero
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  101. Alleged data leak of Belgium
    Category: Data Breach
    Content: The group claims to have leaked Belgium data. The compromised data reportedly includes phone, email, name, Date of birth and Address.
    Date: 2026-01-17T02:34:19Z
    Network: telegram
    Published URL: https://t.me/PRIMZX/61
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/91607cac-ed3c-43bb-ad3d-6c2d3fd06188.png
    Threat Actors: PRIMZX
    Victim Country: Belgium
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  102. Alleged Data Breach of BNMI India
    Category: Data Breach
    Content: The threat actor claims to be leaked data from BNMI India.
    Date: 2026-01-17T02:29:50Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-Database-Leak-https-bnmiindia-com
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6e1408f3-1770-4aea-a3dd-c121a3407331.png
    Threat Actors: humptydumpty_008
    Victim Country: India
    Victim Industry: Education
    Victim Organization: bnmi india
    Victim Site: bnmiindia.com
  103. Alleged Data Breach of City of Sevran
    Category: Data Breach
    Content: The threat actor claims an alleged data breach involving the City of Sevran, the exposed data originates from a structured CSV directory containing professional and administrative information related to municipal staff members for the period 2023–2025.
    Date: 2026-01-17T02:16:30Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-Sevran-city-staff-2025
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/19794620-8581-4017-ade8-69ca9e06b230.png
    Threat Actors: 307sql
    Victim Country: France
    Victim Industry: Government Administration
    Victim Organization: city of sevran
    Victim Site: ville-sevran.fr
  104. Alleged Data Breach of PIX
    Category: Data Breach
    Content: The threat actor claims an alleged data breach of PIX, the leaked database contains approximately 35,000 records related to students and participants who used the PIX platform during 2023–2024.
    Date: 2026-01-17T01:49:21Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-PIX-FR-FRENCH-WEBSITE-35K
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/40952ef6-827f-4a0f-93a5-766ba7da774f.png
    Threat Actors: 307sql
    Victim Country: France
    Victim Industry: E-Learning
    Victim Organization: pix
    Victim Site: pix.fr

Related Posts