1. Executive Summary
This report analyzes 89 distinct cyber incidents recorded over a recent 24-hour period, primarily centered around February 9, 2026. The intelligence data reveals a highly volatile global threat landscape characterized by a mix of politically motivated hacktivism, financially driven data theft, and opportunistic initial access sales.
Key trends observed in this reporting period include:
- Intense Geopolitical Conflict in the Middle East: A significant portion of the traffic involves targeted attacks between Israeli and Iranian entities, with threat actors like “A K U L A v 2” conducting a high-tempo campaign against Israeli infrastructure.
- Systematic Targeting of French Sports Federations: A specific threat actor, “Kirigaya” (and others), has launched a coordinated effort against major French sporting bodies, including Judo, Hockey, and Basketball federations.
- Widespread Government Data Leaks in Southeast Asia: Indonesia and South Korea are facing severe data sovereignty challenges, with multiple breaches of government ministries and local administrations.
- The “Initial Access” Economy: Telegram channels, particularly those operated by “Pharaohs Team,” are flooding the market with unauthorized access credentials for small-to-medium enterprises (SMEs) across the UK, UAE, and Canada.
This report details these incidents by region, sector, and threat actor, concluding with strategic recommendations for mitigation.
2. Regional Threat Analysis
2.1. The Middle East: Cyberwarfare & Critical Infrastructure
The Middle East remains the most active theater for cyber operations in this dataset, driven largely by the “A K U L A v 2” group and “Mrhackbuddy.”
- Israel: The country faced a barrage of breaches targeting media, telecommunications, and finance.
  - Media: Channel 14 and Mako had admin and login credentials leaked.
  - Telecommunications: Global SMS, iCRM SMS, and The Golan Telecom were all compromised, potentially exposing communication infrastructure.
  - Banking: “Mrhackbuddy” claimed unauthorized access to the Bank of Israel, allegedly stealing API keys and token patterns.
  - Infrastructure: Breaches were reported at Y. Super Electrical Systems LTD and Radware, a major cybersecurity firm.
- Iran: Conversely, Iranian entities were targeted, likely in retaliation or as part of the same conflict loop.
  - Telecommunications: Login credentials for the Mobile Communications Company of Iran (MCI) were leaked.
  - Industrial: Inim Electronics suffered a website defacement by “Krypr Team”.
  - Finance: Sadad Electronic Payment credentials were exposed.
- Iraq: The Iraqi digital space saw significant government and educational sector leaks.
  - Government: Breaches affected the National Identity Card Affairs Directorate and the Agricultural Cooperative Bank of Iraq.
  - Education: Ashur University’s database was leaked by “Sy-Root”.
- UAE: The UAE faced a mix of government leaks and corporate espionage.
  - Government: Login credentials for the Government of UAE portal were leaked, alongside a passport database leak.
  - Corporate: Multiple initial access sales targeted construction and consulting firms like Ocean Stone Construction and Citrix Project Development Consultant LLC.
2.2. Europe: Data Privacy & Sports Federation Targeting
Europe saw high-volume data breaches, with a peculiar focus on French organizations.
- France: A concerted campaign targeted French sports and public sectors.
  - Sports Federations: The French Judo Federation (203k records), Hockey Federation, and Basketball Federation (2.58M records) were all breached, exposing athlete and member PII.
  - Public Sector & Education: “Avantages-Jeunes” suffered a massive 92.4GB leak of ID documents. The University of Strasbourg and IFIP (Institut du Porc) were also compromised.
- Spain: A severe breach of the National Identity Database (DNI) was reported, with 4.52 GB of scanned ID cards allegedly offered for sale.
- European Commission: A cyberattack on mobile device management infrastructure exposed staff personal information, highlighting risks to supra-national governing bodies.
- United Kingdom: Financial and retail sectors were hit. “Alpha Capital Group” suffered a data breach, and the fast-food chain “Pepe’s Piri Piri” saw customer data leaked.
2.3. Asia-Pacific: Government & Education Vulnerabilities
- Indonesia: A hotspot for government data leaks.
  - Government: Breaches were reported at the Dukcapil Ministry of Home Affairs, Tegal City Government, and the Secretariat General of the DPR RI (Parliament). Defacement of the Palembang City Government website was also recorded.
- South Korea: Massive data exposure occurred, with “Infrastructure Destruction Squad” claiming to leak data from government institutions and threatening to destroy infrastructure. Educational platform “Mint09” was also breached.
- China: A significant breach of the Ministry of Public Security was alleged, involving 1.5 million records of vehicle plate data.
- India: Educational and tech sectors were targeted, including the Association of Indian Universities and Sujal Technologies.
2.4. The Americas: Financial & Commercial Exploitation
- USA: Threats ranged from government document sales to commercial access.
  - Government: A threat actor claimed to sell secret FBI documents and a general PII database of US citizens.
  - Commercial: Initial access to a construction management company and breaches of platforms like Duolingo and Farcaster were reported.
- Canada: Focus was on initial access sales for web development and marketing firms like Monolith IMC and unauthorized PrestaShop access.
- Argentina: Unauthorized admin access to e-commerce shops was sold.
3. Industry Sector Impact Assessment
3.1. Government & Public Sector
The public sector was the primary target by volume of sensitive records. The breach of the Spanish DNI and UAE Passport database represents a critical failure in protecting national identity data. In Indonesia and South Korea, the leaks appear to be systemic, affecting multiple layers of administration from city governments to national ministries.
- Impact: Identity theft, national security risks, and erosion of public trust.
3.2. Financial Services
Banks and trading firms remain lucrative targets.
- Incidents: Alpha Capital Group (UK), European Banking Leads (EU), Bank of Israel, Agricultural Cooperative Bank of Iraq.
- Trend: Attackers are moving beyond simple credit card theft to stealing API keys and lead lists containing IBANs, facilitating sophisticated fraud and money laundering.
3.3. Telecommunications & Media
This sector is heavily targeted in the Israel-Iran conflict.
- Incidents: Channel 14, Mako, MCI (Iran), Global SMS.
- Impact: Disruption of information flow, propaganda dissemination, and interception of private communications (SMS).
3.4. Education
Universities and ed-tech platforms are soft targets often holding significant PII.
- Incidents: Ashur University (Iraq), Universitas Lambung Mangkurat (Indonesia), University of Strasbourg (France), Duolingo (USA).
- Analysis: Educational institutions often lack the hardened security of financial firms, making them attractive for “practice” runs or bulk data harvesting.
3.5. Sports & Entertainment
A unique cluster of attacks targeted sports federations.
- Incidents: French Judo, Hockey, and Basketball Federations.
- Analysis: These organizations likely share a common software vendor or vulnerability that was systematically exploited by the actor “Kirigaya.”
4. Threat Actor Profiles
4.1. A K U L A v 2
- Profile: A highly prolific group, likely politically motivated or a “hacktivist” mercenary entity.
- Targets: Exclusively focused on Israeli and Iraqi targets in this dataset.
- Tactics: Leaking login credentials and admin access.
- Victims: Channel 14, Mako, Global SMS, WeSend, Hever Human Capital, Sadad Electronic Payment.
- Assessment: This actor operates with high tempo, releasing multiple leaks within minutes of each other, suggesting automated harvesting or a large backlog of compromised credentials.
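The tempo assessment above can be checked against the timestamps in the report's own draft records. The following Python sketch is an added example, not part of the original report or of any feed vendor's tooling; `parse_records`, `bursts_by_actor`, `tempo_summary` and the 10-minute gap threshold are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Subset of this report's draft records, trimmed to the fields used below
# (records between them omitted). Titles appear both on their own "- " line
# and fused onto the previous record's "Victim Site:" line, as in the extract.
SAMPLE = """\
- Alleged leak of admin credentials to Channel 14
Date: 2026-02-09T21:19:20Z
Threat Actors: A K U L A v 2 . 2
Victim Site: c14.co.il - Alleged data leak of login credentials to Mobile Communications Company of Iran (MCI)
Date: 2026-02-09T21:13:38Z
Threat Actors: A K U L A v 2 . 2
Victim Site: mci.ir - Alleged data leak of login credentials to Max Gaming
Date: 2026-02-09T20:41:42Z
Threat Actors: A K U L A v 2 . 2
Victim Site: maxgaming.ir
- Alleged leak of login credentials to Mako.
Date: 2026-02-09T20:37:43Z
Threat Actors: A K U L A v 2 . 2
Victim Site: mako.co.il - Alleged sale of unauthorized admin access to an unidentified shop in Argentina
Date: 2026-02-09T20:19:10Z
Threat Actors: Reve
Victim Site: Unknown - Alleged sale of unauthorized admin access to an unidentified shop in South Africa
Date: 2026-02-09T19:52:11Z
Threat Actors: Reve
Victim Site: Unknown - Alleged data leak of login credentials to iCRM SMS
Date: 2026-02-09T17:01:43Z
Threat Actors: A K U L A v 2 . 2
Victim Site: icrm.co.il - Alleged data leak of login credentials to WeSend.
Date: 2026-02-09T16:37:52Z
Threat Actors: A K U L A v 2 . 2
Victim Site: wesend.co.il
"""

FIELD = re.compile(r"^([A-Z][A-Za-z ]+):\s*(.*)$")


def parse_records(text):
    """Split the feed into dicts, tolerating titles fused onto 'Victim Site:'."""
    records, cur = [], None

    def start(title):
        nonlocal cur
        if cur:
            records.append(cur)
        cur = {"Title": title.strip()}

    for line in text.splitlines():
        line = line.strip()
        if line.startswith("- "):          # title on its own line
            start(line[2:])
            continue
        m = FIELD.match(line)
        if not m or cur is None:           # screenshot URLs, blank lines, etc.
            continue
        key, value = m.groups()
        if key == "Victim Site" and " - " in value:
            site, next_title = value.split(" - ", 1)
            cur[key] = site.strip()
            start(next_title)              # fused title opens the next record
        else:
            cur[key] = value.strip()
    if cur:
        records.append(cur)
    return records


def bursts_by_actor(records, max_gap_min=10):
    """Group each actor's posts into bursts separated by more than max_gap_min."""
    times = defaultdict(list)
    for r in records:
        if "Date" in r and "Threat Actors" in r:
            ts = datetime.strptime(r["Date"], "%Y-%m-%dT%H:%M:%SZ")
            times[r["Threat Actors"]].append(ts)
    max_gap = timedelta(minutes=max_gap_min)
    out = {}
    for actor, stamps in times.items():
        stamps.sort()
        groups = [[stamps[0]]]
        for ts in stamps[1:]:
            if ts - groups[-1][-1] <= max_gap:
                groups[-1].append(ts)
            else:
                groups.append([ts])
        out[actor] = groups
    return out


def tempo_summary(records, max_gap_min=10):
    """Per actor: post count, burst count, largest burst, tightest gap in seconds."""
    summary = {}
    for actor, groups in bursts_by_actor(records, max_gap_min).items():
        flat = [ts for g in groups for ts in g]
        gaps = [int((b - a).total_seconds()) for a, b in zip(flat, flat[1:])]
        summary[actor] = {
            "posts": len(flat),
            "bursts": len(groups),
            "largest_burst": max(len(g) for g in groups),
            "min_gap_s": min(gaps) if gaps else None,
        }
    return summary


if __name__ == "__main__":
    for actor, stats in tempo_summary(parse_records(SAMPLE)).items():
        print(actor, stats)
```

On these eight records the six “A K U L A v 2 . 2” posts fall into four bursts at a 10-minute gap, with the tightest pair 239 seconds apart.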
4.2. Kirigaya (and 0xKirigaya)
- Profile: A data broker focused on high-volume database leaks.
- Targets: French sports federations, US tech platforms, and Indian IT services.
- Tactics: Full database dumps (SQL/JSON).
- Victims: French Judo/Hockey/Basketball Federations, Duolingo, Farcaster, Sujal Technologies.
- Assessment: Kirigaya appears to be a sophisticated actor capable of extracting millions of records (e.g., 2.58M from FFBB) and is motivated by reputation or sales on dark web forums.
4.3. Pharaohs Team (Market/Channel)
- Profile: An “Initial Access Broker” (IAB). They do not typically leak full databases but sell the “keys” to the door.
- Targets: Small to medium businesses in UAE, Canada, UK, and Philippines.
- Tactics: Selling unauthorized access (likely RDP, VPN, or CMS admin panels).
- Victims: Ocean Stone Construction, Thai On Rock, VIP Streaming, Cagsons Insurance.
- Assessment: Financially motivated, indiscriminate targeting of vulnerable SMEs.
4.4. Z-SH4DOWSPEECH
- Profile: A versatile actor targeting diverse regions (South Korea, Singapore, France, Thailand).
- Targets: Education, Gov, and Fintech.
- Victims: Mint09, JuzApps, University of Strasbourg, ECG-RESEARCH.
4.5. Infrastructure Destruction Squad
- Profile: Aggressive actor using threats of physical/digital destruction.
- Targets: South Korea.
- Tactics: Claims to steal massive datasets (5TB) and encrypt systems.
5. Detailed Incident Analysis by Category
5.1. Major Data Breaches (1M+ Records or High Sensitivity)
- French Basketball Federation (FFBB): 2.58 million records exposed. This is a massive breach of privacy for French citizens.
- Ministry of Public Security (China): 1.5 million records including vehicle plates. High sensitivity due to the nature of the target.
- Sujal Technologies (India): 16 million records including Aadhaar numbers and banking info. This poses a severe risk of financial fraud for affected individuals.
- Niokobok (France/Senegal): 34 million records allegedly for sale. A massive e-commerce breach.
- Jamendo (Luxembourg): 6.5 million user emails and metadata leaked. While less sensitive financially, it exposes user identities.
5.2. Initial Access Sales
The dataset highlights a thriving market for “access.” Unlike breaches where data is already stolen, these incidents represent potential breaches waiting to happen.
- Retail & E-commerce: Access to shops in Argentina and South Africa and specific platforms like “PrestaShop” indicates automated scanning for CMS vulnerabilities.
- Corporate Networks: Access to Citrix Project Development Consultant suggests compromised remote work infrastructure (Citrix/VPN).
5.3. Malware & Tools
- MaaS (Malware-as-a-Service): Actor “xChimera” is selling malware development services, explicitly excluding .NET and preferring native code.
- Device Spoofing: “paladius” is selling “Android Antidetect DeviceChanger,” a tool designed to bypass fraud detection systems by spoofing hardware IDs. This tool is likely used to facilitate the banking fraud mentioned in other sections.
6. Strategic Analysis & Recommendations
6.1. The “Credentials-to-Breach” Pipeline
The high volume of “Initial Access” sales by Pharaohs Team and leaks of credentials by “A K U L A v 2” demonstrates that identity is the new perimeter. Attackers are bypassing firewalls by simply logging in.
- Recommendation: Organizations must mandate Phishing-Resistant MFA (FIDO2/WebAuthn) for all external access points (VPN, Citrix, Admin Panels). Simple SMS OTP is insufficient against modern threat actors.
6.2. Supply Chain Risks in Sports & Education
The cluster of attacks on French sports federations suggests a supply chain vulnerability—perhaps a shared software provider for member management. Similarly, the education sector breaches indicate shared vulnerabilities in Learning Management Systems (LMS).
- Recommendation: Federations and educational bodies should conduct a joint audit of shared vendors. National CERTs (e.g., CERT-FR) should investigate commonalities between the FFJDA, FFH, and FFBB breaches.
6.3. API Security
The Bank of Israel breach involved the theft of API keys. This indicates that attackers are targeting the programmatic interfaces of financial institutions to bypass user-level controls.
- Recommendation: Implement strict API gateway security, including rate limiting, key rotation, and anomaly detection for API usage patterns.
6.4. Geopolitical Shielding
Entities in Israel, Iran, and South Korea are in the crosshairs of state-aligned actors.
- Recommendation: Critical infrastructure in these regions should operate on an “Assume Breach” mentality, focusing on segmentation and rapid incident response to limit the blast radius of inevitable intrusions.
7. Conclusion
The 24-hour period covered by this report depicts a cyber threat landscape that is relentlessly active and globally distributed. We are witnessing a convergence of criminal enterprise (e.g., the sale of 300 million database records) and geopolitical conflict (e.g., Infrastructure Destruction Squad targeting South Korea).
The most alarming trend is the commoditization of government data. From UAE passports to Spanish National IDs and Chinese police records, the barrier to obtaining sovereign data has lowered significantly. Furthermore, the targeted dismantling of the French sports ecosystem’s data privacy highlights how niche sectors can suddenly become focal points for specific threat actors.
For security professionals, the immediate takeaway is the necessity of credential hygiene and vendor risk management. The sheer volume of initial access sales confirms that for many organizations, the attacker is already at the door, holding the key.
Detected Incidents Draft Data
- Alleged Data Breach of Alpha Capital Group
Category: Data Breach
Content: The threat actor claims to have breached the database of Alpha Capital Group; the dataset contains user account, payment, and trading-related information.
Date: 2026-02-09T23:28:24Z
Network: openweb
Published URL: https://breachforums.bf/Thread-alphacapitalgroup-uk-Forex
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/582e7ea4-3fe0-4978-a665-9328bb1f9898.png
Threat Actors: Wadjet
Victim Country: UK
Victim Industry: Financial Services
Victim Organization: alpha capital group
Victim Site: alphacapitalgroup.uk
- Alleged Sale of European Banking Leads Database
Category: Data Breach
Content: The threat actor is offering for sale a database of bank leads containing IBAN information from multiple European countries including Germany, France, Spain, and Italy. The dataset allegedly includes personal and financial details such as full names, addresses, email addresses (optional), phone numbers, IBAN numbers, and optional BIC/SWIFT codes.
Date: 2026-02-09T22:56:21Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-IBAN-LEADS-Germany-France-Spain-Italy–187440
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b3a8935d-a75e-411a-97d7-aeda96a167a5.png
Threat Actors: kaykaykay
Victim Country: Unknown
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of HellHub
Category: Data Breach
Content: The threat actor claims to have leaked a 60MB database from the Russian gaming server/community HellHub, allegedly compromised in December 2025. The leaked data reportedly includes user account information such as usernames, player IDs, hashed passwords, IP addresses, session data, and other server-related records.
Date: 2026-02-09T22:47:53Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-RU-60M-HellHub-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/70b9f9fb-ba15-4d5b-9fa5-68ee00536a12.png
https://d34iuop8pidsy8.cloudfront.net/b1f83e1f-5785-44ee-8e3d-fc860225a3ab.png
Threat Actors: leftcheekofpg
Victim Country: Russia
Victim Industry: Gaming
Victim Organization: hellhub
Victim Site: hellhub.site
- Alleged leak of UAE passport database
Category: Data Breach
Content: The threat actor claims to have leaked a database allegedly containing UAE passport records.
Date: 2026-02-09T22:46:45Z
Network: openweb
Published URL: https://xforums.st/threads/493-47mb-uae-passport-07-by-x-forums.516646/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cc8a875e-6bda-498c-bd3d-77b6cdc95572.png
Threat Actors: X Forum Bot
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Fédération Française de Judo
Category: Data Breach
Content: The threat actor claims to have hacked the French Judo Federation (FFJDA) and is offering the allegedly stolen database for sale. The actor states that the dataset contains around 203,000 records and includes personal information such as full names, dates of birth, addresses, postal codes, cities, emails, phone numbers, and judo rank/competition history.
Date: 2026-02-09T22:17:08Z
Network: openweb
Published URL: https://breachforums.bf/Thread-FR-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-de-Judo
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f37e490-bff6-4168-82de-519559abd2cc.png
Threat Actors: kzh1337me
Victim Country: France
Victim Industry: Sports
Victim Organization: fédération française de judo
Victim Site: ffjudo.com
- Krypr Team targets the website of Inim Electronics
Category: Defacement
Content: The group claims to have defaced the website of Inim Electronics
Date: 2026-02-09T22:16:54Z
Network: telegram
Published URL: https://t.me/KryprTeam/38
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dd6b5ff9-889d-47fe-82f3-5fbba809e9c1.jpg
Threat Actors: Krypr Team
Victim Country: Iran
Victim Industry: Electrical & Electronic Manufacturing
Victim Organization: inim electronics
Victim Site: inim.ir
- Alleged data breach of IFIP (Institut du Porc)
Category: Data Breach
Content: The threat actor claims to have leaked a database allegedly containing personal and professional contact information associated with IFIP (Institut du Porc), including names, email addresses, and organizational affiliations. The leaked data also includes entries linked to multiple French agricultural and livestock-sector organizations, such as ITAVI, Institut de l’Élevage, INRAE, ACTA, regional agricultural chambers, and related institutions.
Date: 2026-02-09T22:08:47Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-French-Ralouf-institut-Leak
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f3ce7df5-f754-49da-a4e2-f0696dc7eee3.png
Threat Actors: thomasvalmorin2828
Victim Country: France
Victim Industry: Farming
Victim Organization: ifip (institut du porc)
Victim Site: ifip.asso.fr
- Alleged leak of admin credentials to Channel 14
Category: Data Breach
Content: The group claims to have leaked admin credentials to Channel 14
Date: 2026-02-09T21:19:20Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064688
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/698dd8ac-59cb-4664-9210-525cdd861c16.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Newspapers & Journalism
Victim Organization: channel 14
Victim Site: c14.co.il
- Alleged data leak of login credentials to Mobile Communications Company of Iran (MCI)
Category: Data Breach
Content: The group claims to have leaked login credentials to Mobile Communications Company of Iran (MCI)
Date: 2026-02-09T21:13:38Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064712
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ea1abb42-64de-4414-8ff9-b0b9b41f1a6a.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Network & Telecommunications
Victim Organization: mobile communications company of iran (mci)
Victim Site: mci.ir
- Alleged data leak of login credentials to Max Gaming
Category: Data Breach
Content: The group claims to have leaked login credentials to Max Gaming
Date: 2026-02-09T20:41:42Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064773
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e3b541f7-0a70-49f6-aa87-1a200f028884.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Gaming
Victim Organization: max gaming
Victim Site: maxgaming.ir
- Alleged leak of login credentials to Mako.
Category: Data Breach
Content: The group claims to have leaked login credentials to Mako.
Date: 2026-02-09T20:37:43Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064698
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7aa2186e-1c15-48d2-bb34-96514c4038e1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Newspapers & Journalism
Victim Organization: mako
Victim Site: mako.co.il
- Alleged sale of unauthorized admin access to an unidentified shop in Argentina
Category: Initial Access
Content: The threat actor claims to be selling unauthorized WordPress administrator access to an unidentified shop in Argentina.
Date: 2026-02-09T20:19:10Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275628/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d57a40f4-f1a9-4e67-91b2-427c2f195e2a.png
Threat Actors: Reve
Victim Country: Argentina
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
- Alleged sale of unauthorized admin access to an unidentified shop in South Africa
Category: Initial Access
Content: The threat actor claims to be selling unauthorized WordPress administrator access to an unidentified shop in South Africa.
Date: 2026-02-09T19:52:11Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275627/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/804e556b-b728-46aa-ab21-903f8df20d51.png
Threat Actors: Reve
Victim Country: South Africa
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Ministry of Public Security
Category: Data Breach
Content: The threat actor claims to be leaking a database allegedly linked to China’s Ministry of Public Security containing over 1.5 million records, including vehicle plate data and related capture logs with timestamps, identifiers, and system entries.
Date: 2026-02-09T19:36:18Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-China-Minister-of-Public-Security-1573045-Rows-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c7fafe6a-1a9b-4e40-a596-b9754eb0d230.png
Threat Actors: 303
Victim Country: China
Victim Industry: Government & Public Sector
Victim Organization: ministry of public security
Victim Site: mps.gov.cn
- Alleged sale of Malware Development Services and Seeking Team for MaaS Projects
Category: Malware
Content: The threat actor claims to offer development of malware and various technical solutions including bots, parsers, automation tools, reverse engineering, executable crypters (excluding .NET), traffic-flooding solutions, and stealers. The post states disinterest in cryptocurrency-related work, brute-force tools, web development, or C2 servers, and mentions a preference for native and lightweight malware development, including shellcode.
Date: 2026-02-09T19:13:31Z
Network: openweb
Published URL: https://xss.pro/threads/145835/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/86a2856d-0837-465c-8c98-034762656a7a.png
Threat Actors: xChimera
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Ashur University
Category: Data Breach
Content: The group claims to have leaked the database of Ashur University. The compromised data reportedly includes ID, department ID (dept_id), main department ID (main_dept_id), admin assignment ID (id_admin_add_him), active status, password, username, department type (dept_type), last name, admin type, first name, and creation date.
Date: 2026-02-09T19:08:34Z
Network: telegram
Published URL: https://t.me/c/2705921599/186
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c56145a8-7a24-42ed-9a79-e9ac6265d960.png
Threat Actors: Sy-Root
Victim Country: Iraq
Victim Industry: Higher Education/Academia
Victim Organization: ashur university
Victim Site: au.edu.iq
- Alleged sale of Android Antidetect DeviceChanger software
Category: Malware
Content: The threat actor claims to be selling an Android application marketed as an antidetect tool. The software is advertised as enabling device model and parameter changes, spoofing hardware and software identifiers, manipulating Wi‑Fi and GPS environments, and bypassing Play Integrity checks.
Date: 2026-02-09T18:50:43Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275612/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6b8c5506-4795-4eec-8643-dc23e9c8c5cb.png
https://d34iuop8pidsy8.cloudfront.net/a0b28b0b-6572-401e-af86-5d4c85fb1879.png
Threat Actors: paladius
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Leak of 527K Worldwide Cryptocurrency User Email Database
Category: Data Breach
Content: The threat actor claims to be selling a database containing approximately 527,000 cryptocurrency-related user records worldwide. The allegedly leaked data includes email addresses, first and last names, phone numbers, country details, and associated brand codes, suggesting a large aggregated crypto marketing or user database.
Date: 2026-02-09T18:41:05Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-527K-Worldwide-Cypto-Email-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/47d41757-ef13-490b-837d-ae8c4ae0fc37.png
Threat Actors: Pijush510
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Bitfinex
Category: Data Breach
Content: The threat actor claims to be selling a database containing approximately 291K crypto-related user records allegedly linked to Bitfinex. The leaked data reportedly includes email addresses, full names, physical addresses, city/state/ZIP information, IP addresses, and website source details.
Date: 2026-02-09T18:13:33Z
Network: openweb
Published URL: https://breachforums.bf/Thread-291K-Crypto-Email-Database-II-Bitfinex-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3856eb13-0f86-4640-823e-3e4151981aa0.png
Threat Actors: Pijush510
Victim Country: British Virgin Islands
Victim Industry: Financial Services
Victim Organization: bitfinex
Victim Site: bitfinex.com
- Alleged data leak of login credentials to iCRM SMS
Category: Initial Access
Content: The group claims to have leaked login credentials to iCRM SMS
Date: 2026-02-09T17:01:43Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064226
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/51247820-f7f1-42b5-b911-26b6f4ad8abc.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Network & Telecommunications
Victim Organization: icrm sms
Victim Site: icrm.co.il
- Alleged data breach of Universitas Lambung Mangkurat
Category: Data Breach
Content: A threat actor claims to have leaked a database allegedly belonging to Universitas Lambung Mangkurat, specifically from the Faculty of Teacher Training and Education.
Date: 2026-02-09T16:42:55Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-UNIVERSITAS-LAMBUNG-MANGKURAT
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b7419c76-f200-475c-afb5-a02213a1e07f.png
Threat Actors: MrLolzzz
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: universitas lambung mangkurat
Victim Site: ulm.ac.id
- Alleged data leak of login credentials to WeSend.
Category: Data Breach
Content: The group claims to have leaked login credentials to WeSend.
Date: 2026-02-09T16:37:52Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064238
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a227f4d9-d5f1-4790-996a-1ca232dcb4da.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Marketing, Advertising & Sales
Victim Organization: wesend
Victim Site: wesend.co.il
- Alleged data breach of Pepe’s Piri Piri
Category: Data Breach
Content: The threat actor claims to have leaked data allegedly linked to Pepe’s Piri Piri, a UK-based fast-food restaurant brand. The exposed information reportedly includes customer and internal records.
Date: 2026-02-09T16:32:34Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Pepe-s-Piri-Piri-Major-UK-Fast-Food-Chain-%E2%80%94-2-142-234-Customers
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c938672-f083-479a-97f1-118ed03266ce.png
https://d34iuop8pidsy8.cloudfront.net/3e2ecaaa-990b-400a-afc2-e6a3f5c61071.png
Threat Actors: outcaaaast
Victim Country: UK
Victim Industry: Restaurants
Victim Organization: pepe’s piri piri
Victim Site: pepes.co.uk
- Alleged data breach of Mint09
Category: Data Breach
Content: The group claims to have leaked the database of Mint09. The compromised data reportedly includes Account ID, user Id, provider Type, provider Id, provider Account Id, refresh token, access token, access token Expires, created At, updated At, User ID, name, first name, last name, nickname, mint05_id, email, email verified, password, image, user type, is archived, gender, student level, birthday, created At, updated At, class mode, is logged In, is connected, has viewed notice, has edited mint id, is Admin, and super password.
Date: 2026-02-09T16:14:07Z
Network: telegram
Published URL: https://t.me/c/2552217515/273
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6dcaf851-2149-4fc2-a3fb-01737decdd36.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: South Korea
Victim Industry: Education
Victim Organization: mint09
Victim Site: mint09.com
- Alleged data breach of Avantages-Jeunes
Category: Data Breach
Content: The threat actor claims to be selling a 92.4 GB database allegedly linked to Avantages-Jeunes. The dataset reportedly contains around 480,000 records and approximately 56,000 documents, including national ID cards, photographs, signed documents, and birth certificates.
Date: 2026-02-09T16:07:56Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-92-4-Go-Avantages-Jeunes-CNI-PICTURE
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b0fab76b-1b32-4d14-a681-e7a06c4df72a.png
Threat Actors: DumpSec
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: avantages-jeunes
Victim Site: avantagesjeunes.com
- Alleged leak of 300 million database records from multiple countries
Category: Data Breach
Content: The threat actor advertises access to over 300 million leaked database records from multiple countries through a Telegram bot. The actor claims the bot can retrieve sensitive information such as passwords, phone numbers, addresses, and ID numbers by entering an email address.
Date: 2026-02-09T16:06:59Z
Network: openweb
Published URL: https://breachforums.bf/Thread-300M-DATABASES-LEAKS-ALL-COUNTRYS
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d1662439-b8de-47bc-aa83-a2f9db81f721.png
Threat Actors: Epaaaa2021
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Duolingo
Category: Data Breach
Content: A threat actor claims to be sharing a dataset allegedly associated with Duolingo. The exposed data reportedly contains user information such as email addresses, usernames, language preferences, profile country, and account creation dates.
Date: 2026-02-09T16:01:26Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-Duolingo
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dfd5a951-8197-4d6c-a2c2-778ae8a20eb9.png
Threat Actors: Kirigaya
Victim Country: USA
Victim Industry: E-Learning
Victim Organization: duolingo
Victim Site: duolingo.com
- Alleged data breach of Spanish National Identity Database (DNI)
Category: Data Breach
Content: The threat actor claims to be offering a 4.52 GB dataset allegedly containing front and back images of Spanish National Identity Documents (DNI). The data includes scanned identity card information.
Date: 2026-02-09T15:55:23Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Documento-Nacional-de-Identidad-DNI-Spain-Espa%C3%B1a
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5dbaa0cc-1e83-4622-908f-15afcb2557c9.png
Threat Actors: 0xKirigaya
Victim Country: Spain
Victim Industry: Government & Public Sector
Victim Organization: spanish national identity database (dni)
Victim Site: dnielectronico.es - Alleged data breach of Tegal City Government
Category: Data Breach
Content: The threat actor claims to possess and share a database allegedly belonging to Tegal City, Indonesia.
Date: 2026-02-09T15:39:05Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-KOTA-TEGAL
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/717f33b4-b594-4313-ab27-266209015d6e.png
Threat Actors: 1LH4MZXSEC
Victim Country: Indonesia
Victim Industry: Government & Public Sector
Victim Organization: tegal city government
Victim Site: tegalkota.go.id - Alleged sale of unauthorized access to Citrix Project Development Consultant LLC
Category: Initial Access
Content: The threat actor claims to be selling access belonging to Citrix Project Development Consultant LLC. NB: The authenticity of the claim is yet to be verified.
Date: 2026-02-09T15:37:37Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e09a100e-e649-41e6-97f6-0b7b67f45fd4.png
Threat Actors: Pharaohs Team market
Victim Country: UAE
Victim Industry: Information Technology (IT) Services
Victim Organization: citrix project development consultant llc
Victim Site: citrix.ae - Alleged data leak of South Korean government institutions
Category: Data Breach
Content: The group claims to have leaked South Korean government institutions. The exposed data allegedly includes official identity documents (driver’s licenses, hazardous materials permits, personal seal certificates), police investigation and traffic violation records, residence and address registrations, real estate contracts, complete bank account and transaction records, internal government and police communications, Ministry of Justice prison visitation records, e-commerce sales data, logistics and transportation records, and accounts linked to digital trading platforms.
Date: 2026-02-09T15:36:40Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3635
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e9df0851-7001-4d05-915a-3db375fa03b0.jpg
https://d34iuop8pidsy8.cloudfront.net/48dcd90f-9194-4bfc-8fb0-d71f99adf6cd.jpg
Threat Actors: Infrastructure Destruction Squad
Victim Country: South Korea
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Niokobok
Category: Data Breach
Content: The threat actor claims to be selling or sharing a database allegedly belonging to Niokobok. The database is said to be in SQL format, approximately 261 MB in size, and reportedly contains around 34,685,929 records. The exposed data may include customer and platform information.
Date: 2026-02-09T15:36:20Z
Network: openweb
Published URL: https://breachforums.bf/Thread-niokobok-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d67a0daf-6e22-4c36-a9a3-a86cca86d39d.png
Threat Actors: 0xKirigaya
Victim Country: France
Victim Industry: E-commerce & Online Stores
Victim Organization: niokobok
Victim Site: niokobok.com - Alleged data breach of Jamendo
Category: Data Breach
Content: The threat actor claims to have leaked a dataset containing approximately 6.5 million Jamendo user records. The leaked data allegedly includes user IDs, display names, email addresses, gender, biography details, and account-related metadata.
Date: 2026-02-09T15:34:05Z
Network: openweb
Published URL: https://breachforums.bf/Thread-2026-6-5M-jamendo-com-user-emails-scrape
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a985cda8-2312-4324-b61e-b46d18180019.png
Threat Actors: pine
Victim Country: Luxembourg
Victim Industry: Social Media & Online Social Networking
Victim Organization: jamendo
Victim Site: jamendo.com - Alleged data breach of Sujal Technologies
Category: Data Breach
Content: The threat actor claims to be leaking a database allegedly associated with Sujal Technologies. The database is described as being in SQL format, approximately 363 MB in size, and containing around 16,092,806 records. The leaked data reportedly includes extensive applicant and project-related information such as names, Aadhaar numbers, contact details, addresses, banking information, employment data, project funding details, and official documentation fields.
Date: 2026-02-09T15:27:54Z
Network: openweb
Published URL: https://breachforums.bf/Thread-sujaltechnologies-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/862bff21-80a0-46bb-a380-caa4485d75c5.png
Threat Actors: 0xKirigaya
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: sujal technologies
Victim Site: sujaltechnologies.com - Alleged leak of login credentials to Hever Human Capital
Category: Data Breach
Content: The group claims to have leaked login credentials to Hever Human Capital.
Date: 2026-02-09T15:27:32Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064141
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/328a7721-829c-4244-95f4-6cd319ba5c79.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Staffing/Recruiting
Victim Organization: hever human capital
Victim Site: hever.co.il - Alleged data breach of Maxance
Category: Data Breach
Content: The threat actor claims to have leaked approximately 348,346 records allegedly linked to French insurance company Maxance. The exposed data reportedly includes customer personal and contract information such as names, addresses, email addresses, phone numbers, policy details, vehicle information, and payment/insurance status.
Date: 2026-02-09T15:22:03Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-maxance-com-348k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/525f6948-f1cb-4674-8534-d16e540569c0.png
Threat Actors: Angel_Batista
Victim Country: France
Victim Industry: Insurance
Victim Organization: maxance
Victim Site: maxance.com - Alleged leak of login credentials to Global SMS
Category: Data Breach
Content: The group claims to have leaked login credentials to Global SMS
Date: 2026-02-09T15:21:26Z
Network: telegram
Published URL: https://t.me/c/1943303299/1064222
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ffb48414-3110-4839-bdf3-2d7b6bcfa49c.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Network & Telecommunications
Victim Organization: global sms
Victim Site: globalsms.co.il - Alleged leak of login credentials to Government of UAE
Category: Data Breach
Content: The group claims to have leaked login credentials to Government of UAE.
Date: 2026-02-09T15:18:41Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063354
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9a58f434-b92e-418c-a9c6-d0f3258cf534.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: UAE
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: gov.ae - Alleged data breach of JuzApps
Category: Data Breach
Content: The group claims to have leaked the database of JuzApps. The compromised data reportedly includes customer and location records with business identifiers, contact details, addresses, tax and GST information, credit limits and discount rates; authentication data containing user emails and password hashes; order and delivery records with device/session metadata, pricing and tax details; and user account tables with names, avatars, API tokens, and authentication fields
Date: 2026-02-09T15:09:20Z
Network: telegram
Published URL: https://t.me/c/2552217515/275
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4743218a-1c09-4f6f-a840-c1815a3b3a92.jpg
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Singapore
Victim Industry: Information Technology (IT) Services
Victim Organization: juzapps
Victim Site: juzapps.com - Alleged sale of unauthorized access to Monolith IMC
Category: Initial Access
Content: The threat actor claims to be selling access belonging to Monolith IMC. NB: The authenticity of the claim is yet to be verified.
Date: 2026-02-09T14:52:28Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1f93460f-13de-43da-b0cf-2091d8e1d1a4.png
Threat Actors: Pharaohs Team market
Victim Country: Canada
Victim Industry: Graphic & Web Design
Victim Organization: monolith imc
Victim Site: monolithweb.demo.subhostingdev.com - Alleged unauthorised access to txAdmin
Category: Initial Access
Content: The threat actor claims to have gained unauthorised access to Tpadmin server.
Date: 2026-02-09T14:51:40Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/full-access-tpadmin-full-server-access-w-wso-webshell.358/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/12af8ced-ddc8-4348-8188-1b2f41e3ab6c.JPG
Threat Actors: k0rb3nd4ll4s
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: txadmin
Victim Site: txadmin.gg - Alleged data breach of Radware
Category: Data Breach
Content: The group claims to have breached data from Radware.
Date: 2026-02-09T14:38:02Z
Network: telegram
Published URL: https://t.me/c/2875163062/581
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3dd8233b-c77c-4cef-aaf1-1df996c697ee.png
Threat Actors: RipperSec
Victim Country: Israel
Victim Industry: Computer & Network Security
Victim Organization: radware
Victim Site: radware.com - Alleged sale of unauthorized access to Biger Impex
Category: Initial Access
Content: The threat actor claims to be selling access belonging to Biger Impex. NB: The authenticity of the claim is yet to be verified.
Date: 2026-02-09T14:26:35Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1247dc59-105f-49d7-a58c-d7fdbe6338b8.png
Threat Actors: Pharaohs Team market
Victim Country: UK
Victim Industry: Sports
Victim Organization: biger impex
Victim Site: biggerimpex.com - Alleged unauthorized access to Bank of Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to Bank of Israel.
Date: 2026-02-09T14:18:10Z
Network: telegram
Published URL: https://t.me/hex_anonymous/227
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2577a8da-74fd-458b-8561-d16411ab68ad.JPG
Threat Actors: Mrhackbuddy
Victim Country: Israel
Victim Industry: Banking & Mortgage
Victim Organization: bank of israel
Victim Site: boi.org.il - Mrhackbuddy claims to target Israeli banks
Category: Alert
Content: A recent post by the group indicates that they are targeting Israeli banks. They claim that they stole 100+ WORKING BANK API KEYS, TOKEN PATTERN SECRET, REAL-TIME MONEY DATA ACCESS.
Date: 2026-02-09T14:05:24Z
Network: telegram
Published URL: https://t.me/hex_anonymous/242
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/281e2a13-4cde-49f9-8760-cd7593dd3adc.JPG
Threat Actors: Mrhackbuddy
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of PII data from the United States of America
Category: Data Breach
Content: The threat actor claims to have leaked personally identifiable information (PII) from the United States of America (USA). The leaked data reportedly includes details such as names, email addresses, phone numbers, job titles, addresses, ZIP codes, and more.
Date: 2026-02-09T13:56:57Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-AMERIKA-PEOPLE-DATA-hacked-by-Rizkynoreste
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aeaddd4d-04e8-48bb-83c7-65f60006d66a.png
https://d34iuop8pidsy8.cloudfront.net/b1ec6319-e65e-43ae-b3ae-b4657b3f751a.png
https://d34iuop8pidsy8.cloudfront.net/0581aec3-e0d5-4f6a-8b34-b1134d344276.png
https://d34iuop8pidsy8.cloudfront.net/f281057b-c8d8-452c-ab43-006faef98f13.png
https://d34iuop8pidsy8.cloudfront.net/0088e7da-1b76-4009-a542-083863eb0dc6.png
Threat Actors: Rizex Nazi
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Unauthorized Access to Adass Yisroel Mikvah Management System in UK
Category: Initial Access
Content: The group claims to have accessed the management system of the Adass Yisroel Mikvah in the United Kingdom, reportedly gaining visibility into and control over facility operations, including access control, door management, surveillance systems, and internal process settings.
Date: 2026-02-09T13:22:42Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1057
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/374a247f-3b0d-4632-9c5a-8556b55dce4b.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of secret documents of FBI
Category: Data Breach
Content: The group claims to be selling secret documents of the FBI.
Date: 2026-02-09T13:04:01Z
Network: telegram
Published URL: https://t.me/rubiconhack/155
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c4ab1cae-d36c-4ce0-83fd-afd04031bf82.png
Threat Actors: Rubiconhack
Victim Country: USA
Victim Industry: Law Enforcement
Victim Organization: fbi
Victim Site: fbi.gov - Infrastructure Destruction Squad claims to target South Korea
Category: Alert
Content: A recent post by the group indicates that they are targeting South Korea. They claim that they stole over 5TB of sensitive documents, compromised email accounts, and encrypted the victim’s systems.
Date: 2026-02-09T13:01:14Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3622
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2bb8c624-be73-4e77-a5ce-0c7180d2f4b5.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: South Korea
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of login credentials to Agricultural Cooperative Bank of Iraq
Category: Data Breach
Content: The group claims to have leaked login credentials to Agricultural Cooperative Bank of Iraq.
Date: 2026-02-09T12:01:48Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063745
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/194d4848-384c-428e-970e-635e12cfaa0b.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Banking & Mortgage
Victim Organization: agricultural cooperative bank
Victim Site: agbank.gov.iq - Alleged data breach of Secretariat General of the DPR RI
Category: Data Breach
Content: The threat actor claims to have breached a database allegedly containing sensitive NON-ASN personnel data from the Secretariat General of the DPR RI, including clean files with important information such as NIK, name, place, date of birth and more.
Date: 2026-02-09T11:52:19Z
Network: openweb
Published URL: https://breachforums.bf/Thread-NON-ASN-DATA-OF-REGIONAL-SECRETARIAT
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c6933bcb-497b-444f-94be-777b12640aa4.png
Threat Actors: ShadowNex
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: secretariat general of the dpr ri
Victim Site: dpr.go.id - Alleged leak of login credentials to government Iraqi websites
Category: Data Breach
Content: The group claims to have leaked login credentials to government Iraqi websites
Date: 2026-02-09T11:40:58Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063731
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9d9c5d34-900e-44f0-91f6-3fc70f0f356f.JPG
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak of FACTURAN2
Category: Data Breach
Content: The group claims to have breached data from FACTURAN2. The compromised data reportedly contains operational databases including rental records and multiple transactions, indicating exposure of internal business and financial records.
Date: 2026-02-09T11:20:56Z
Network: telegram
Published URL: https://t.me/c/2552217515/266
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d42ff0a4-398f-465c-8002-40b7d89593a9.png
https://d34iuop8pidsy8.cloudfront.net/f3db0d18-5b77-49f7-bf40-b96bbdc60074.png
https://d34iuop8pidsy8.cloudfront.net/9c34f301-4856-410f-bce3-8abd608fa515.png
https://d34iuop8pidsy8.cloudfront.net/aa048543-53c5-41be-831f-44f138db3fb0.png
https://d34iuop8pidsy8.cloudfront.net/0b39740d-e778-492f-add7-6442edf77596.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Dominican Republic
Victim Industry: Software Development
Victim Organization: facturan2
Victim Site: facturan2.com - Alleged leak of webshell access to vintool.vn
Category: Initial Access
Content: The threat actor claims to have leaked webshell access to vintool.vn.
Date: 2026-02-09T11:19:42Z
Network: telegram
Published URL: https://t.me/Cy8er_N4ti0n_IND/107
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8007c898-d167-43f2-b80d-ed7b704446e2.png
Threat Actors: CY8ER_N4TI0N
Victim Country: Vietnam
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: vintool.vn - Alleged data breach of University of Strasbourg
Category: Data Breach
Content: The group claims to have breached data from University of Strasbourg. The compromised data includes tables such as OfqYtZP_users and wp_users, containing fields like ID, username, login credentials, passwords, email addresses, registration dates, and display names.
Date: 2026-02-09T11:14:03Z
Network: telegram
Published URL: https://t.me/c/2552217515/271
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/deb20949-7b6c-4401-8273-f6c689e2c335.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: France
Victim Industry: Higher Education/Academia
Victim Organization: university of strasbourg
Victim Site: unistra.fr - Cyber Attack hits European Commission
Category: Cyber Attack
Content: The European Commission said it suffered a cyber attack that breached its mobile device management infrastructure, potentially exposing personal information such as names and phone numbers of some staff members. The incident was detected on January 30, 2026, prompting investigators to contain the intrusion, assess the scope of the exposure, and take steps to secure systems while ensuring that core operations and internal services continue as the investigation and remediation efforts proceed.
Date: 2026-02-09T10:58:54Z
Network: openweb
Published URL: https://www.bleepingcomputer.com/news/security/european-commission-discloses-breach-that-exposed-staff-data/
Screenshots:
None
Threat Actors: Unknown
Victim Country: Belgium
Victim Industry: Government Administration
Victim Organization: european commission
Victim Site: commission.europa.eu - Alleged sale of access to an unidentified US-based construction management company
Category: Initial Access
Content: The threat actor claims to be selling access to a U.S.-based construction management company with an estimated annual revenue of approximately $20 million.
Date: 2026-02-09T10:38:15Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275585/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/542aa7a3-3645-4ee3-b608-7d2bc7ad6a23.png
Threat Actors: Big-Bro
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of Prestan2 database
Category: Data Breach
Content: The group claims to be selling the database of Prestan2.
Date: 2026-02-09T10:14:42Z
Network: telegram
Published URL: https://t.me/c/2552217515/270
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/30534fa1-331d-4e5a-b332-d5c2b6721d57.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Dominican Republic
Victim Industry: Software Development
Victim Organization: prestan2
Victim Site: prestan2.com - Alleged leak of login credentials to The Golan Telecom
Category: Data Breach
Content: The group claims to have leaked login credentials to The Golan Telecom.
Date: 2026-02-09T09:58:22Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063503
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0e0b1e21-981f-4fc3-82cb-8b0d4ffaa91c.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Network & Telecommunications
Victim Organization: the golan telecom
Victim Site: golantelecom.co.il - Alleged leak of login credentials to ZineIQ
Category: Data Breach
Content: The group claims to have leaked login credentials to ZineIQ.
Date: 2026-02-09T09:57:29Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063468
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9f70a124-ace3-42ae-a01a-7c48af39eb82.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Information Technology (IT) Services
Victim Organization: zineiq
Victim Site: zineiq.com - Alleged data leak of Asco Systems Srl
Category: Data Breach
Content: The group claims to have leaked data from Asco Systems Srl.
Date: 2026-02-09T09:41:01Z
Network: telegram
Published URL: https://t.me/c/2552217515/265
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e78a0b32-51b4-4c94-9f95-646ed09733ca.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Italy
Victim Industry: Information Technology (IT) Services
Victim Organization: asco systems srl
Victim Site: ascogroup.it - Alleged leak of login credentials to National Identity Card Affairs Directorate
Category: Data Breach
Content: The group claims to have leaked login credentials to National Identity Card Affairs Directorate.
Date: 2026-02-09T09:18:51Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063479
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dcc9714f-7fa3-46b6-b18b-c0bd6aa06782.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Government Administration
Victim Organization: national identity card affairs directorate
Victim Site: nid-moi.gov.iq - Alleged data breach of ECG-RESEARCH CO., LTD
Category: Data Breach
Content: The threat actor claims to have breached the database of ECG-RESEARCH CO., LTD. The exposed data reportedly consists of usernames, passwords, full names, phone numbers, email addresses, identification details, authentication tokens, transaction logs, and bank account information.
Date: 2026-02-09T09:13:44Z
Network: telegram
Published URL: https://t.me/c/2552217515/256
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e7fb5f6e-63f1-416d-bd25-6637305f2349.png
https://d34iuop8pidsy8.cloudfront.net/d2dfb17b-e708-40d2-aa4e-8e824f7bcc5c.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Thailand
Victim Industry: Investment Management, Hedge Fund & Private Equity
Victim Organization: ecg-research co., ltd.
Victim Site: ecg-research.com - Alleged data breach of mngm
Category: Data Breach
Content: The group claims to have breached data from mngm. The compromised data includes password resets, emails, tokens, creation dates, and user information such as IDs, client IDs, usernames, names, phone numbers, birth dates, email verification status, two-factor authentication status, activity status, language preferences, and passwords.
Date: 2026-02-09T08:48:08Z
Network: telegram
Published URL: https://t.me/c/2552217515/221
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/57c9931d-418b-4d68-b5fb-b1d41abc358c.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Egypt
Victim Industry: Financial Services
Victim Organization: mngm
Victim Site: ec-stg.mngm.com - Alleged data breach of Dukcapil Ministry of Home Affairs
Category: Data Breach
Content: The threat actor claims to have breached data from Dukcapil, Ministry of Home Affairs, allegedly containing ID, NIK, name, province, and more.
Date: 2026-02-09T08:41:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-DUKCAPIL-COUNTRY-INDONESIA
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bbdce04b-1191-444a-98dd-d6bf00f15e89.png
https://d34iuop8pidsy8.cloudfront.net/c5ece1f2-087d-4604-84d4-b6e6644cffa6.png
Threat Actors: Jax7
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: dukcapil ministry of home affairs
Victim Site: dukcapil.kemendagri.go.id - Alleged sale of OneIxchange database
Category: Data Breach
Content: The group claims to be selling the database of OneIxchange.
Date: 2026-02-09T08:02:43Z
Network: telegram
Published URL: https://t.me/c/2552217515/219
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bc89db48-707b-4585-a3f3-8da26b9d8a25.png
https://d34iuop8pidsy8.cloudfront.net/c86551ce-2130-40bc-adf7-6b30b31fdfc6.png
https://d34iuop8pidsy8.cloudfront.net/ae5c66ae-e5d3-424f-96b7-fe4f90293ff5.png
https://d34iuop8pidsy8.cloudfront.net/f656a48e-1f2b-47d9-abdc-f7aee3178a89.png
https://d34iuop8pidsy8.cloudfront.net/f51864d1-5e75-4dc9-971d-13d1824a65ce.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Singapore
Victim Industry: Information Technology (IT) Services
Victim Organization: oneixchange
Victim Site: oneixchange.com - Alleged leak of login credentials to PureTrans
Category: Data Breach
Content: The group claims to have leaked login credentials to PureTrans
Date: 2026-02-09T07:41:00Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063251
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4dc95bf1-851e-49be-9351-7b0d8f2bf507.png
Threat Actors: A K U L A v 2 . 2
Victim Country: UAE
Victim Industry: Transportation & Logistics
Victim Organization: puretrans
Victim Site: puretrans.ae - Alleged data leak of ClienDoeilOPT
Category: Data Breach
Content: A threat actor claims to have leaked 108 MB of data containing around 457,444 raw records, reportedly shared in JSON format.
Date: 2026-02-09T07:02:05Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-ClienDoeilOPT
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8ffce2f8-c2fe-4404-8ffb-1cfb0fffac85.png
Threat Actors: Kirigaya
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data sale of osintforum.com
Category: Data Breach
Content: The threat actor claims to be selling the OSINTForum platform, including the osintforum.com domain and forum script.
Date: 2026-02-09T06:51:29Z
Network: openweb
Published URL: https://darkforums.me/Thread-Selling-osintforum-com-for-sale
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/66357e66-7101-40ac-8c2c-9304dba02c98.png
https://d34iuop8pidsy8.cloudfront.net/cb9c4f42-1dc5-4e17-a3c6-5cbdb65a5ab5.png
Threat Actors: osintservicecom
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: osintforum
Victim Site: osintforum.com - Alleged leak of login credentials to Sadad Electronic Payment
Category: Data Breach
Content: The group claims to have leaked login credentials to Sadad Electronic Payment
Date: 2026-02-09T06:47:36Z
Network: telegram
Published URL: https://t.me/c/1943303299/1063371
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/28fc275a-fe0f-4ec0-98cd-3693249bb717.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Financial Services
Victim Organization: sadad electronic payment
Victim Site: sadadpsp.ir - Alleged sale of unauthorized access to PrestaShop platform in Canada
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to a PrestaShop platform in Canada.
Date: 2026-02-09T05:50:58Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275577/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0d942d85-cbe9-4c67-848c-90afd26ef522.png
Threat Actors: Matthew
Victim Country: Canada
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of Association of Indian Universities
Category: Data Breach
Content: The threat actor claims to have leaked data related to Association of Indian Universities. The compromised data reportedly contains 50K records, including ID, Paytm Customer Name, Customer Mobile, Customer Email, Gender, Bank, City and State information.
Date: 2026-02-09T05:36:57Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-Association-of-Indian-Universities-Leaked
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0238c3f3-9160-40f3-ae0c-62743de028e3.png
https://d34iuop8pidsy8.cloudfront.net/a35b226e-b141-48cb-8956-7ad0fa5be8a3.png
Threat Actors: RuskiNet
Victim Country: India
Victim Industry: Education
Victim Organization: association of indian universities (aiu)
Victim Site: aiu.ac.in - Alleged Data breach of TastyCloud
Category: Data Breach
Content: The threat actor claims to have leaked the database of TastyCloud. The compromised data includes 3,725,108 records including Invoice ID, Customer ID, Subscription ID, personal contact details, company information, billing and subscription information, payment related information, tax-related information, organizational contact details, general notes, etc. NB: The organization was previously breached on 24 December, 2024.
Date: 2026-02-09T05:25:26Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-TastyCloud
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/569250c4-6876-4a92-b651-27e7dfba2ba7.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Software Development
Victim Organization: tastycloud
Victim Site: tastycloud.fr - Alleged Data Breach of EgyptAir
Category: Data Breach
Content: The threat actor claims to have breached the database of EgyptAir. The claim covers unauthorized access to internal systems and the extraction of a full database containing over 104,000 records.
Date: 2026-02-09T04:59:38Z
Network: openweb
Published URL: https://darkforums.me/Thread-EGYPT-EgyptAir-Full-Database-Leak-104k-Records-Docs
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d42b246a-953a-4192-a382-d24427ba7a73.png
https://d34iuop8pidsy8.cloudfront.net/92b45b11-8cab-41b6-9433-aff54e8eaa83.png
Threat Actors: quellostanco
Victim Country: Egypt
Victim Industry: Airlines & Aviation
Victim Organization: egyptair
Victim Site: egyptair.com - Alleged data breach of Bank of Israel
Category: Data Breach
Content: The group claims to have leaked the data of Bank of Israel. The compromised data includes potential PII such as names, account numbers, balances, transaction history, KYC data, and an API key with access to customer data.
Date: 2026-02-09T04:51:09Z
Network: telegram
Published URL: https://t.me/hex_anonymous/243
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/37df1395-a27b-4109-b3e7-6eb6b16ec757.png
Threat Actors: Mrhackbuddy
Victim Country: Israel
Victim Industry: Banking & Mortgage
Victim Organization: bank of israel
Victim Site: boi.org.il - Alleged Data Breach of Farcaster
Category: Data Breach
Content: The threat actor claims to have leaked data from Farcaster. The compromised data reportedly contains 1.3GB of data, including user account information such as platform user identifiers (FID), usernames, display names, profile biographies, profile images, location details, follower and following metrics, linked social media accounts, blockchain wallet addresses, and associated metadata stored in JSON format.
Date: 2026-02-09T04:36:04Z
Network: openweb
Published URL: https://darkforums.me/Thread-Farcaster-Wallet
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/caa59ccd-1be2-4433-9e46-66202416f9ae.png
Threat Actors: Kirigaya
Victim Country: USA
Victim Industry: Social Media & Online Social Networking
Victim Organization: farcaster
Victim Site: farcaster.xyz - UNDERGROUND-NET targets the website of Pemerintah Kota Palembang
Category: Defacement
Content: The group claims to have defaced the website of Pemerintah Kota Palembang
Date: 2026-02-09T03:35:04Z
Network: telegram
Published URL: https://t.me/c/2195292966/1279
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/486fd837-d08e-4c5c-9399-c7ed73772743.png
Threat Actors: UNDERGROUND-NET
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: pemerintah kota palembang
Victim Site: palembang.go.id
- Alleged unauthorized access to Bigger Impex
Category: Initial Access
Content: The group claims to have gained unauthorized access to Bigger Impex.
Date: 2026-02-09T01:53:18Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0d2b63f9-46cf-4203-a463-963483154d56.png
Threat Actors: Pharaohs Team Channel
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: bigger impex
Victim Site: biggerimpex.com
- Alleged leak of login credentials to Y. Super Electrical Systems LTD
Category: Data Breach
Content: The group claims to have leaked login credentials to Y. Super Electrical Systems LTD
Date: 2026-02-09T01:36:25Z
Network: telegram
Published URL: https://t.me/c/1943303299/1062842
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b6653524-8af6-4749-96c1-a9317ff3ab66.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Industrial Automation
Victim Organization: y. super electrical systems ltd
Victim Site: yoso.co.il
- Alleged unauthorized access to Citrix Project Development Consultant LLC
Category: Initial Access
Content: Group claims to have gained unauthorized access to Citrix Project Development Consultant LLC.
Date: 2026-02-09T01:35:40Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e31b24b1-fd08-4c75-a640-97aaab7a7733.png
Threat Actors: Pharaohs Team Channel
Victim Country: UAE
Victim Industry: Outsourcing & Offshoring
Victim Organization: citrix project development consultant llc
Victim Site: citrix.ae
- Alleged unauthorized access to Cagsons Insurance
Category: Initial Access
Content: The group claims to have gained unauthorized access to Cagsons Insurance.
Date: 2026-02-09T01:34:04Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f8560f92-21c9-4998-96ad-e2b15d630b2b.png
Threat Actors: Pharaohs Team Channel
Victim Country: Philippines
Victim Industry: Financial Services
Victim Organization: cagsons insurance
Victim Site: cagsonsinsurance.com
- Alleged Data Breach of MineWay
Category: Data Breach
Content: The threat actor claims to have breached the database of MineWay. The database contains approximately 172,000 user records.
Date: 2026-02-09T01:28:58Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-MineWay-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/71851ea2-e459-4e59-b1cb-a32b5d92d4e0.png
Threat Actors: leftcheekofpg
Victim Country: Germany
Victim Industry: Social Media & Online Social Networking
Victim Organization: mineway
Victim Site: mineway.one
- Alleged unauthorized access to monolithweb
Category: Initial Access
Content: The group claims to have gained unauthorized access to monolithweb.
Date: 2026-02-09T01:28:43Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e6c9d9e5-35e8-4bea-86b4-7103560ca772.png
Threat Actors: Pharaohs Team Channel
Victim Country: Canada
Victim Industry: Software Development
Victim Organization: monolithweb
Victim Site: monolithweb.demo.subhostingdev.com
- Alleged Data Breach of Fédération Française de Hockey
Category: Data Breach
Content: The threat actor claims to have breached the database of the Fédération Française de Hockey (FFH). The dataset contains personal, administrative, and licensing information related to hockey players and federation members across France.
Date: 2026-02-09T01:24:57Z
Network: openweb
Published URL: https://darkforums.me/Thread-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-Hockey
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/79d2495c-d302-4cb7-9254-e622fe7c879e.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Sports
Victim Organization: fédération française de hockey (ffh)
Victim Site: ffhockey.org
- Alleged unauthorized access to Ocean Stone Construction
Category: Initial Access
Content: Group claims to have gained unauthorized access to Ocean Stone Construction.
Date: 2026-02-09T01:06:16Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/27f530f5-6505-4e22-bf99-e9d9a192939e.png
Threat Actors: Pharaohs Team Channel
Victim Country: UAE
Victim Industry: Building and construction
Victim Organization: ocean stone construction
Victim Site: oceanstone.ae
- Alleged unauthorized access to Thai On Rock
Category: Initial Access
Content: The group claims to have gained unauthorized access to Thai On Rock.
Date: 2026-02-09T00:57:12Z
Network: telegram
Published URL: https://t.me/Pharaohs_n/760
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b6a66e06-7801-4f1c-abad-628cbe3563d8.png
Threat Actors: Pharaohs Team Channel
Victim Country: Canada
Victim Industry: Restaurants
Victim Organization: thai on rock
Victim Site: thaionrock.ca
- Alleged unauthorized access to REDIFF UK
Category: Initial Access
Content: The group claims to have gained unauthorized access to REDIFF UK.
Date: 2026-02-09T00:41:37Z
Network: telegram
Published URL: https://t.me/Pharaohs_n/760
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2f8fe8b5-9526-4d57-ad50-7b5b9544c1e6.png
Threat Actors: Pharaohs Team Channel
Victim Country: UK
Victim Industry: Management Consulting
Victim Organization: rediff uk
Victim Site: rediff.uk.com
- Alleged Data Breach of Fédération Française de Basket-Ball
Category: Data Breach
Content: The threat actor claims to have breached the database of the Fédération Française de Basket-Ball (FFBB). The dataset contains over 2.58 million records.
Date: 2026-02-09T00:14:12Z
Network: openweb
Published URL: https://darkforums.me/Thread-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-Basket
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/94cc3ad7-4f91-42fc-8928-df5bff1ac34d.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Sports
Victim Organization: fédération française de basket-ball (ffbb)
Victim Site: ffbb.com
- Alleged unauthorized access to VIP Streaming
Category: Initial Access
Content: The group claims to have gained unauthorized access to VIP Streaming.
Date: 2026-02-09T00:03:50Z
Network: telegram
Published URL: https://t.me/phteammarket/224
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/78e33fbc-f103-45b0-9244-1e7738eec080.png
Threat Actors: Pharaohs Team Channel
Victim Country: India
Victim Industry: Entertainment & Movie Production
Victim Organization: vip streaming
Victim Site: vipstreaming.org