[February-19-2026] Daily Cybersecurity Threat Report

1. Executive Summary & Threat Landscape

The incidents analyzed in this report span multiple threat vectors, with Data Breaches constituting the vast majority of the recorded events. Key trends include the bulk sale of personally identifiable information (PII), the targeting of government and educational institutions, and the heavy reliance on Telegram and open web forums for the dissemination of compromised data.

1.1 Prolific Threat Actors

Several threat actors and groups demonstrated significant activity during this period:

• TelephoneHooliganism: This actor specializes in the mass exfiltration and sale of large-scale databases. Their targets are highly diverse, spanning government bodies (e.g., Bangkok Metropolitan Administration, Saudi Arabia’s Taqat, Mexico’s CONACYT, Osaka Prefectural Government), higher education (Walter Sisulu University, University of Madras), and global e-commerce entities (AK Mall, Eldorado, PCDIGA).
• A K U L A v 2 . 2: Operating primarily via Telegram, this actor focuses on leaking login credentials. They exhibit a strong geographic focus on the Middle East and Eastern Europe, targeting critical sectors in Iran, Iraq, Latvia, and Bulgaria.
• BABAYO EROR SYSTEM: This group is heavily engaged in website defacements. Their targets are predominantly located in South Asia, including entities in India and Nepal.
• HighRisk: Focused on data leaks and sales, this actor targeted European and American retail and IT service organizations, including Brillen.de, Swansway Garages Limited, and All Day Shirts.

1.2 Geographic and Industry Impact

• Geographic Distribution: The data indicates a truly global threat footprint. High-frequency target nations include Iran, Iraq, the United States, India, Bangladesh, Spain, and Latvia.
• Targeted Industries: Threat actors show a pronounced interest in Government Administration, Higher Education, E-commerce & Online Stores, and Financial Services.

---

2. Categorical Incident Log

The following sections provide a detailed breakdown of all 132 detected incidents, organized by threat category.

2.1 Data Breaches

Data breaches represent the most frequent type of incident in the dataset.

• Bangkok Metropolitan Administration: On February 19, 2026, TelephoneHooliganism claimed to sell leaked data from Thailand’s Bangkok Metropolitan Administration. The database reportedly contains sensitive citizen PII, including full names, national ID numbers, and medical record details.
• Shaparak: Threat actor A K U L A v 2 . 2 claimed to have leaked login credentials from Shaparak, an Iranian financial services organization, via Telegram.
• Tehran Server: A K U L A v 2 . 2 claimed to have leaked login credentials from Tehran Server, an Iranian IT services company.
• Consejo General del Trabajo Social: TelephoneHooliganism claimed to sell around 642,000 records from this Spanish civic organization, including customer contacts and transaction records.
• Jorjin Technologies Inc: TelephoneHooliganism claimed to sell 547,000 records from this Taiwanese consumer electronics company, exposing customer information and order history.
• Taqat: TelephoneHooliganism claimed to sell 723,000 records from Saudi Arabia’s National Labor Gateway, including candidate contact details and job applications.
• Walter Sisulu University (WSU): TelephoneHooliganism claimed to have leaked South African student records from WSU, exposing sensitive data such as dates of birth and academic records.
• AK Mall: TelephoneHooliganism claimed to sell 713,000 records from this South Korean e-commerce store, including purchase histories and IP addresses.
• Institute of Chartered Accountants of Bangladesh: Threat actor CrowStealer claimed to have leaked a database containing national ID numbers, firm names, and principal IDs.
• Eldorado: TelephoneHooliganism claimed to sell 742,000 records from this Russian e-commerce store, including login activity and store location data.
• Numberland: A K U L A v 2 . 2 claimed to have leaked login credentials from Numberland, an Iranian telecommunications organization.
• Square Yards UAE: Threat actor Buscador claimed to have leaked login credentials to Square Yards UAE, a real estate firm.
• University of the Argentine Social Museum: Threat actor BlackVortex1 claimed to be selling 15 GB of leaked data, including IDs and personal information.
• Zarrin Webite Builder: A K U L A v 2 . 2 claimed to have leaked login credentials from this Iranian software engineering organization.
• Ciamis Regency Government: Threat actor 1LH4MZXSEC claimed to have leaked the database of this Indonesian government entity, noting it was previously breached in July 2024.
• PCDIGA: TelephoneHooliganism claimed to have leaked a customer contacts database from this Portuguese e-commerce store, including tax IDs and billing addresses.
• Institute of Cell Biology NAS of Ukraine: Anonymous Algeria claimed to have breached the website of this Ukrainian educational institute.
• Syrian Ministry of Health: Anonymous Algeria claimed to have leaked employee details, including resumes and job details.
• ING Spain Accounts: Threat actor framull1 claimed to be selling a dataset of ING Spain Accounts, alongside accounts from Germany, Poland, and the Czech Republic.
• Property Finder: A K U L A v 2 . 2 claimed to have leaked login credentials from Property Finder, a UAE real estate organization.
• 2.8 Billion Fresh Private Log Records: Threat actor Mandana claimed to be selling a 97 GB dataset of stealer logs collected between February 16–19.
• Israel’s Sapir Crisis Management System: Threat actor Handala claimed to have exposed sensitive information regarding this alleged secret security system, releasing 1,500 contacts.
• French Civil Status Records: Threat actor kirosh claimed to have leaked a database containing 51.7 million records, including IBANs and BIC details.
• Strange Science Library: A K U L A v 2 . 2 claimed to have leaked login credentials from this Iranian library.
• Palisbook: A K U L A v 2 . 2 claimed to have leaked login credentials from this Iranian online publisher.
• Syiah Kuala University: Threat actor kekasihgelap claimed to have leaked 9,925 student records covering the 2024–2025 academic period from this Indonesian university.
• National Border Guard (Latvia): A K U L A v 2 . 2 claimed to have leaked login credentials to this Latvian government sector entity.
• [email protected]: A K U L A v 2 . 2 claimed to have leaked login credentials to this specific Latvian email address.
• mail.sansalvador.gob.sv: A K U L A v 2 . 2 claimed to have leaked login credentials to this El Salvadorian domain.
• Good online shopping (Israel): Both A K U L A v 2 . 2 and Buscador independently claimed to have leaked login credentials to this Israeli e-commerce site (ktl.co.il).
• mil.ae: A K U L A v 2 . 2 claimed to have leaked login credentials from this UAE domain.
• naracity-license-phe.com: Threat actor EXADOS claimed to have breached data including databases and email accounts, and also claimed to have defaced the website.
• Pakistani Records: Threat actor frog claimed to have leaked 129 million Pakistani records, including CNIC details and phone numbers.
• Sapir College: Handala claimed responsibility for an alleged breach involving contact details purportedly linked to a commander or senior individual connected to the Israeli school.
• Yangon City Development Committee: A K U L A v 2 . 2 claimed to have leaked login credentials to this Myanmar government entity.
• Straumann: Threat actor ByteToBreach claimed to have breached 25 GB of sensitive corporate documentation from this Swiss medical equipment manufacturer.
• Saipa Automotive Group products: A K U L A v 2 . 2 claimed to have leaked login credentials from this Iranian automotive organization.
• State Border Guard College: A K U L A v 2 . 2 claimed to have leaked login credentials from this Latvian government entity.
• Unity Bank: Buscador claimed to have leaked login credentials to Unity Bank in the USA.
• Meshulam: A K U L A v 2 . 2 claimed to have leaked login credentials from this Israeli organization.
• Interior Ministry Information Center: A K U L A v 2 . 2 claimed to have leaked login credentials from this Latvian government entity.
• Heyat Omana Arzi: A K U L A v 2 . 2 claimed to have leaked login credentials from this Iranian healthcare organization.
• Latvia State Police: A K U L A v 2 . 2 claimed to have leaked login credentials from this Latvian law enforcement agency.
• BBVA Mexico Bank: Threat actor frog claimed to have breached 3.3 million data records, including client IDs and card types, from this Mexican financial institution.
• UAE Business Leads Data: Threat actor asfmnyr5g claimed to have leaked data on 222,000 UAE business leads, including email addresses and P.O. Box numbers.
• Ministry of Energy of Bulgaria: A K U L A v 2 . 2 claimed to have leaked login credentials from this Bulgarian government entity.
• Rossiya Airlines: A K U L A v 2 . 2 claimed to have leaked login credentials from this Russian aviation organization.
• Arston Cladding Ltd.: Threat actor “the hand of justice” claimed to have breached blueprints and financial documents from this Israeli construction company.
• Ministry of Transport and Communications of Bulgaria: A K U L A v 2 . 2 claimed to have leaked login credentials from this government entity.
• Swansway Garages Limited: Threat actor HighRisk claimed to have leaked data from this UK automotive organization.
• AddWeb Solution Pvt. Ltd.: HighRisk claimed to have leaked data from this Indian IT services company.
• Grand Candy: Threat actor c0mmandor claimed to have breached 256 entries from this Armenian food production company, exposing partial credit card numbers and associated bank names.
• Brillen.de: HighRisk claimed to have leaked 1.5 million customer records from this German retail organization.
• phd.iq: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi domain.
• All Day Shirts: HighRisk claimed to have leaked 300,000 customer records from this US e-commerce store.
• pension.gov.iq: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi domain.
• Iraqi Electronic Passport Portal: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi government portal.
• Zeew.eu: Threat actor xpsh3ll claimed to have breached a database from this Latvian e-commerce store, including website configuration files.
• Hilan: A K U L A v 2 . 2 claimed to have leaked login credentials to this Israeli IT services company.
• Social Protection Authority: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi government administration.
• Industrias San Miguel: Threat actor NopName claimed to have leaked logistics records and personal identification details of 17,000 employees from this Peruvian food and beverages group.
• Al-Nisour University: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi higher education institution.
• Philippine Care, Inc.: TelephoneHooliganism claimed to be selling 742,000 records from this Philippine healthcare organization, including Customer Support Cases.
• THE National Bank of Ukraine (NBU): Threat actor cyandiboo claimed to be selling approximately 1,500,000 records from the NBU’s souvenir coin sales service, including MD5 password hashes.
• Al-Alamein Institute for Postgraduate Studies: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi educational institution.
• TRA-Project Database: Threat actor lulzintel claimed to be selling 400,000 credit card records and 35,000 account records linked to shel-bz.shop.
• Binance.US: Threat actor STOMP2 claimed to have breached 1,495,000 records from Binance.US, including KYC status and verification flags.
• Pakistan Telecom and Identity Data: Threat actor Tanaka claimed to have leaked 129 million records from Pakistan, including mobile phone and CNIC data.
• Consumer Rights Commission of Pakistan: TelephoneHooliganism claimed to be selling 537,000 records from this organization, including geolocation data and authentication metadata.
• Arab Bank Iraq: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi financial services organization.
• Real Estate General Authority (REGA): A K U L A v 2 . 2 claimed to have leaked login credentials to this Saudi Arabian real estate authority.
• Xero: TelephoneHooliganism claimed to be selling 184,000 records from Xero in New Zealand, including subscription histories and business accounts.
• BBizz Shop: TelephoneHooliganism claimed to be selling 187,000 records from this Netherlands e-commerce store, including marketing campaign interactions.
• Phomolong: TelephoneHooliganism claimed to have leaked 427,000 records from this Lesotho hospitality organization, including encrypted authentication data.
• Osaka Prefectural Government: TelephoneHooliganism claimed to be selling 685,000 records from this Japanese government entity, including payroll records and service requests.
• Chinese Identity Documents: Threat actor DocLite claimed to have leaked Chinese national identity card images and selfie verification videos.
• US Credit Card Records (350 count): Threat actor Yarikmsk77 claimed to be selling 350 US credit card records, including CVV and IP addresses.
• US Credit Card Records (120 count): Yarikmsk77 claimed to be selling 120 fresh US credit card records with a 75% validity rate, with bidding starting at $700.
• US Identity Document Images: DocLite claimed to have leaked US identity documents, including passports and SSN photos.
• CONACYT: TelephoneHooliganism claimed to have leaked 712,000 records from this Mexican government administration, including researcher contact information and compliance documentation.
• Iranian Data: A K U L A v 2 . 2 claimed to have leaked government, ministry, military, and health reports containing Iranian data.
• cracked.io: Threat actor ultrainstinto claimed to have leaked data from cracked.io, including bcrypt hashed passwords and login metadata.
• Jelgavas Poliklīnika: TelephoneHooliganism claimed to be selling 685,000 records from this Latvian hospital, including patient educational records.
• University of Madras: TelephoneHooliganism claimed to be selling 742,000 records from this Indian educational institution, including student enrollments and support tickets.
• Biblioteche di Roma: TelephoneHooliganism claimed to be selling 280,000 records from this Italian library organization, including device registrations.
• Jófogás: TelephoneHooliganism claimed to have leaked 334,000 records from this Hungarian e-commerce store, including encrypted passwords.
• Cars.iq: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi automotive domain.
• Monedas: Threat actor Wadjet claimed to be selling Spanish cryptocurrency user data from Monedas.com, encompassing 62,394 records. Similarly, threat actor anugod claimed to sell 62,394 records linked to monedas.com, beetcoins.com, münzen.com, and moedas.io, including avatar links and cryptocurrency fields.
• Communications and Media Commission: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi broadcast media organization.
• Web Design Hong Kong: TelephoneHooliganism claimed to have leaked 287,000 records from this Chinese graphic design firm, including invoice related information.
• Central Organization for Standardization and Quality Control: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iraqi government administration.
• MTN Irancell: A K U L A v 2 . 2 claimed to have leaked login credentials to this Iranian telecommunications organization.
• Praktiker Hellas: TelephoneHooliganism claimed to have leaked 184,000 records from this Greek e-commerce store, including survey response data.

2.2 Initial Access Sales

Threat actors frequently monetize unauthorized access to corporate environments.

• Canadian IT Support Panel: A threat actor known as Asian_Baddie claimed to be selling unauthorized admin access to an IT support panel with root server access in Canada. This access allegedly controls 1,000 PCs across 100 companies.
• Gazeta do Povo: Threat actor Sanguine claimed to be selling unauthorized admin access to this Brazilian newspaper publisher.
• US ISP Providers: Threat actor SOUND2 claimed to be selling unauthorized access to multiple US-based internet service providers, including Xfinity and Verizon.
• Chile Hotel Reservation System: Threat actor s4sori claimed to be selling unauthorized access to a system containing approximately 3,000 booking records.
• PrestaShop CMS in Spain: Threat actor “apps” claimed to be selling unauthorized access to a PrestaShop environment integrated with the Redsys payment gateway, including webshell capabilities.
• Ministry of Health of Buenos Aires Province: Threat actor Liberty claimed to have obtained unauthorized access to a government email ID.
• Apex Print Pac: BABAYO EROR SYSTEM claimed to have leaked login credentials to this Indian packaging organization.
• South Korea Billboard TV Admin: Threat actor RipperSec claimed to have gained unauthorized access to a South Korean Billboard TV admin account.
• Swedish Water Supply System: Threat actor NoName057(16) claimed to have gained unauthorized access to a heating and hot water supply system of a residential building in Sweden.
• Right Solution: Threat actor NXBB.SEC claimed to have leaked login credentials to this Thai manufacturing organization.
• WordPress Store in USA: Threat actor ParanoiaDe claimed to be selling unauthorized admin access to a WordPress store.
• SAR Based Shop: Threat actor savel987 claimed to be selling unauthorized admin and database access to an unidentified online shop.
• Aviation Company: Threat actor privisnanet claimed to be selling VMware vSphere full access to over 40 machines belonging to an aviation company with $1.6 billion in revenue.
• Spanish Industrial Cold Rooms: Z-PENTEST ALLIANCE claimed to have gained access to a monitoring and control system for compressor equipment in Spain.
• Multiple PrestaShop Stores: Threat actor Matteo claimed to be selling access to multiple PrestaShop stores generating 2,000–4,000 credit card transactions per month.

2.3 Website Defacements

Website defacements are primarily utilized by hacktivist or low-tier disruption groups.

• BABAYO EROR SYSTEM: This group claimed defacements targeting Digital SAMI in Nepal, Stiff Security Services in India, Pushtimarg Shringar in India, SHREENATHTECHNOLOGIES in India, SAMI BK in Nepal, mrparatha.in, and Vrinda Dryfruits.
• Z-BL4CX-H4T: This group claimed to have defaced multiple websites, including tripperhub.in, triptoglory.com, and destinationlehladakh.com.
• HexaForce Alliance: This group claimed defacements targeting multiple educational institutions in Bangladesh, including Kararchar Mvi. Tofazzal Hossain High School, Nurjahan Begum High School, and Mokamia High School.

2.4 Malware & Vulnerabilities

The dataset indicates the active sale and distribution of sophisticated malware tools and exploits.

• Stealth Remote Access Malware (RAT): Threat actor mailsz claimed to be renting a stealth RAT that operates over HTTPS and provides remote command execution via CMD and PowerShell. The tool allegedly bypasses AV/EDR solutions to maintain long-term persistence.
• QaCrypter Sideloading Tool: Threat actor QatarRat claimed to be selling QaCrypter via a Telegram bot. It is designed to bypass Windows SmartScreen protections and includes encryption services for malicious binaries.
• Spyware Leak: Anonymous Algeria claimed to have leaked multiple spyware-related documents allegedly linked to Israeli, American, and Soviet intelligence agencies.
• BTMOB RAT Full Collection: Threat actor Spearr claimed to be selling a comprehensive collection of the BTMOB RAT toolkit, including multiple source-code versions and server components.
• CVE-2026-1994 Exploit: Threat actor MrProfessor claimed to be selling an exploit for the CVE-2026-1994 vulnerability on an open web forum.

2.5 Alerts & Cyber Attacks

• City of Huntington Cyber Attack: The City of Huntington, West Virginia, confirmed a cybersecurity incident on its network. The city isolated systems, activated incident response protocols, and is working with federal authorities.
• Targeting Israel: The 404 CREW CYBER TEAM published a recent post on Telegram indicating they are actively targeting Israel.
• Targeting South Korea: Both BD Anonymous and STUCX TEAM published alerts on Telegram indicating that they are targeting South Korea.

---

3. Conclusion

The data drafted for February 19, 2026, illustrates a highly volatile cybersecurity landscape. Threat actors like TelephoneHooliganism are executing high-volume data exfiltrations against critical global infrastructure. Simultaneously, groups like A K U L A v 2 . 2 are systematically leaking credentials on Telegram, heavily impacting Middle Eastern and Eastern European entities. The sale of sophisticated initial access points and stealth malware on open web forums suggests that ransomware affiliates and other advanced persistent threats have a rich ecosystem to procure entry vectors. Organizations must prioritize credential monitoring, robust endpoint detection (to counter tools like the advertised stealth RAT), and rigorous vendor risk management to mitigate these pervasive threats.

Detected Incidents Draft Data

1. Alleged Sale of Unauthorized Admin access to unidentified company in Canada
   Category: Initial Access
   Content: Threat actor claims to be selling unauthorized admin access to an IT support panel with root server access, allegedly controlling 1,000 PCs across 100 companies, enabling full remote control and potential large-scale compromise.
   Date: 2026-02-19T23:55:52Z
   Network: openweb
   Published URL: https://forum.exploit.biz/topic/276479/
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/9faad586-2e7c-499f-a41d-d105f205f2e0.png
   https://d34iuop8pidsy8.cloudfront.net/416ca224-926c-4d6f-ab93-4e8745ce9d1b.png
   Threat Actors: Asian_Baddie
   Victim Country: Canada
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
2. Alleged data breach of Bangkok Metropolitan Administration
   Category: Data Breach
   Content: The threat actor claims to be selling leaked data from the Bangkok Metropolitan Administration, Thailand. The compromised database reportedly contains sensitive citizen information, including full names, email addresses, phone numbers, national ID numbers, home addresses, medical record details, service booking information, and other related personal and public health data, etc.
   Date: 2026-02-19T23:00:41Z
   Network: openweb
   Published URL: https://breachforums.as/Thread-SELLING-137k-Thailand-www-bangkok-go-th-User-contact-records-including-emails-phone-numb
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/e466d27f-5499-4133-8514-b84476f97de7.png
   Threat Actors: TelephoneHooliganism
   Victim Country: Thailand
   Victim Industry: Government Administration
   Victim Organization: bangkok metropolitan administration
   Victim Site: bangkok.go.th
3. Alleged sale of stealth remote access malware tool
   Category: Malware
   Content: Threat actor claims to be putting a stealth remote access malware tool for rental. The malware operates over HTTPS and provides remote command execution via CMD and PowerShell, along with a user-level file manager. The tool allegedly maintains long-term persistence within compromised systems and uses low-noise command-and-control (C2) communication channels designed to evade detection. The actor further claims that the malware bypasses antivirus and endpoint detection and response (AV/EDR) solutions, ensuring maximum survivability on infected hosts.
   Date: 2026-02-19T22:54:47Z
   Network: openweb
   Published URL: https://xss.pro/threads/146020/
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/6a0e2992-75df-47e1-9629-19e58bc407d1.png
   Threat Actors: mailsz
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
4. Alleged leak of login credentials from Shaparak
   Category: Data Breach
   Content: Group claims to have leaked login credentials from Shaparak
   Date: 2026-02-19T22:51:03Z
   Network: telegram
   Published URL: https://t.me/c/1943303299/1071247
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/0a2c078e-4e8f-4d5d-8e63-f1b27434134f.jpg
   Threat Actors: A K U L A v 2 . 2
   Victim Country: Iran
   Victim Industry: Financial Services
   Victim Organization: shaparak
   Victim Site: shaparak.ir
5. Alleged Sale of QaCrypter Sideloading Tool
   Category: Malware
   Content: Threat Actor claims to be selling QaCrypter, a crypter and sideloading tool distributed through a Telegram bot, designed to bypass Windows SmartScreen protections and facilitate stealthy payload delivery. It reportedly includes encryption services for malicious binaries, API access, and subscription-based usage with multiple pricing tiers, indicating potential use in malware obfuscation, defense evasion, and covert distribution campaigns.
   Date: 2026-02-19T22:46:37Z
   Network: openweb
   Published URL: https://forum.exploit.biz/topic/276478/
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/b5b9182f-9f8a-43e7-9f9a-0a6dcc4a2b3c.png
   Threat Actors: QatarRat
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
6. Alleged leak of login credentials from Tehran Server
   Category: Data Breach
   Content: Group claims to have leaked login credentials from Tehran Server
   Date: 2026-02-19T22:33:46Z
   Network: telegram
   Published URL: https://t.me/c/1943303299/1071176
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/9b224c67-ee93-4c49-ab6f-18e6324810da.jpg
   Threat Actors: A K U L A v 2 . 2
   Victim Country: Iran
   Victim Industry: Information Technology (IT) Services
   Victim Organization: tehran server
   Victim Site: tehranserver.ir
7. Alleged data sale of Consejo General del Trabajo Social
   Category: Data Breach
   Content: Threat actor claims to be selling leaked data from Consejo General del Trabajo Social, Spain. The compromised data reportedly contains around 642,000 records including customer contacts, transaction records, activity log, etc.
   Date: 2026-02-19T22:30:48Z
   Network: openweb
   Published URL: https://breachforums.as/Thread-SELLING-642k-Spain-https-www-cgtrabajosocial-es-Social-work-course-records-with-person
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/9d6545fa-dfc9-42d9-abea-352656caf2e6.png
   Threat Actors: TelephoneHooliganism
   Victim Country: Spain
   Victim Industry: Civic & Social Organization
   Victim Organization: consejo general del trabajo social
   Victim Site: cgtrabajosocial.es
8. Alleged data sale of Jorjin Technologies Inc
   Category: Data Breach
   Content: Threat actor claims to be selling leaked data from Jorjin Technologies Inc, Taiwan. The compromised data reportedly contains 547,000 records including customer information like id, address, name, email, phone number, etc, order history, support ticket data, etc.
   Date: 2026-02-19T22:20:24Z
   Network: openweb
   Published URL: https://breachforums.as/Thread-SELLING-547k-Taiwan-https-www-jorjin-com-Business-client-contacts-with-IPs-timestamps
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/47c85099-4698-439d-bae0-5d5007f949c3.png
   Threat Actors: TelephoneHooliganism
   Victim Country: Taiwan
   Victim Industry: Consumer Electronics
   Victim Organization: jorjin technologies inc
   Victim Site: jorjin.com
9. Alleged data sale of Taqat
   Category: Data Breach
   Content: Threat actor claims to be selling leaked data from Taqat, Saudi Arabia’s National Labor Gateway. The compromised data reportedly contains 723,000 records including customer and candidate contact details, exposing names, email, phone number etc., job applications, support ticket data etc.
   Date: 2026-02-19T22:16:34Z
   Network: openweb
   Published URL: https://breachforums.as/Thread-SELLING-723k-Saudi-Arabia-https-www-taqat-sa-Employment-records-with-candidate-details
   Screenshots:
   https://d34iuop8pidsy8.cloudfront.net/73828da8-c774-41b4-926e-1b4ec9024daa.png
   Threat Actors: TelephoneHooliganism
   Victim Country: Saudi Arabia
   Victim Industry: Government Administration
   Victim Organization: taqat
   Victim Site: taqat.sa
10. Alleged data breach of Walter Sisulu University (WSU)
    Category: Data Breach
    Content: The threat actor claims to have leaked Walter Sisulu University student records. The leaked data reportedly includes sensitive student information such as full names, email addresses, phone numbers, dates of birth, student IDs, enrollment details, academic records, contact information, and support ticket data, etc.
    Date: 2026-02-19T22:08:10Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-537k-South-Africa-https-www-wsu-ac-za-Student-records-including-contact-info-e
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/211b24eb-ff5f-48c4-9821-2c5cee7f3835.png
    Threat Actors: TelephoneHooliganism
    Victim Country: South Africa
    Victim Industry: Higher Education/Acadamia
    Victim Organization: walter sisulu university (wsu)
    Victim Site: wsu.ac.za
11. Alleged data breach of AK Mall
    Category: Data Breach
    Content: The Threat actor claims to be selling leaked data from Ak mall. The compromised data reportedly contains 713,000 records including full names, email addresses, phone numbers, mobile numbers, addresses, dates of birth, purchase history, login activity, IP addresses, and account-related details, etc.
    Date: 2026-02-19T21:58:45Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-713k-South-Korea-https-www-akmall-com-Personal-details-including-emails-phone
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2ac1ecf6-05b4-47fc-836e-0cd64ca39ced.png
    Threat Actors: TelephoneHooliganism
    Victim Country: South Korea
    Victim Industry: E-commerce & Online Stores
    Victim Organization: ak mall
    Victim Site: akmall.com
12. Alleged data breach of Institute of Chartered Accountants of Bangladesh
    Category: Data Breach
    Content: The group claims to have leaked The Institute of Chartered Accountants of Bangladesh database. The leaked data reportedly includes contains full name, national ID number, email address, phone and mobile numbers, date of birth, gender, present and permanent addresses, firm name, principal name, principal ID, and other related registration and identity details, etc.
    Date: 2026-02-19T21:49:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-icab-org-bd-42k-record-full-database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/14835d10-6f28-4456-8f26-fdc09bef3975.png
    https://d34iuop8pidsy8.cloudfront.net/abc8023c-7e04-4ecc-81c8-236f6b14cfc9.png
    Threat Actors: CrowStealer
    Victim Country: Bangladesh
    Victim Industry: Higher Education/Acadamia
    Victim Organization: institute of chartered accountants of bangladesh
    Victim Site: icab.org.bd
13. Alleged data sale of Eldorado
    Category: Data Breach
    Content: Threat actor claims to be selling leaked data from Eldorado, Russia. The compromised data reportedly contains 742,000 records including user contacts, email, phone, login activity data etc., order history, and store location data.
    Date: 2026-02-19T21:40:15Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-742k-Russia-https-www-eldorado-ru-User-contacts-email-phone-login-activity-data
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cf1507af-cf95-4066-b3b2-6e06511bdec1.png
    Threat Actors: TelephoneHooliganism
    Victim Country: Russia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: eldorado
    Victim Site: eldorado.ru
14. Alleged sale of unauthorized access to Gazeta do Povo
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to Gazeta do Povo, a Brazilian newspaper publisher.
    Date: 2026-02-19T21:34:01Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-Access-Brazil-News
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eda2c35c-605a-4a2f-a7c9-36b9627c9156.png
    Threat Actors: Sanguine
    Victim Country: Brazil
    Victim Industry: Newspapers & Journalism
    Victim Organization: gazeta do povo
    Victim Site: gazetadopovo.com.br
15. 404 CREW CYBER TEAM claims to target Israel
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Israel
    Date: 2026-02-19T21:29:16Z
    Network: telegram
    Published URL: https://t.me/crewcyber/731
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/52cec9a3-53cd-4f10-9b9d-0fd452dc24a0.jpg
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
16. Alleged leak of login credentials from Numberland
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Numberland
    Date: 2026-02-19T21:22:46Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1071161
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/32a71a8a-6ce4-4307-92ab-3bffe1e17824.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Network & Telecommunications
    Victim Organization: numberland
    Victim Site: numberland.ir
17. Alleged leak of login credentials to Square Yards UAE
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Square Yards UAE
    Date: 2026-02-19T21:20:56Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/575316
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8174d3fe-1a49-4f11-93ca-258d6de47c5c.jpg
    Threat Actors: Buscador
    Victim Country: UAE
    Victim Industry: Real Estate
    Victim Organization: square yards uae
    Victim Site: squareyards.ae
18. Alleged data breach of University of the Argentine Social Museum
    Category: Data Breach
    Content: Threat actor claims to be selling leaked data from University of the Argentine Social Museum. The compromised data reportedly contains 15 GB of data including IDs personal information and emails.
    Date: 2026-02-19T21:03:40Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-15gb-of-ids-pii-email-UMSA
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/85c66a2e-d4a0-45f4-95e2-f5c03e5b161d.png
    Threat Actors: BlackVortex1
    Victim Country: Argentina
    Victim Industry: Higher Education/Acadamia
    Victim Organization: university of the argentine social museum
    Victim Site: umsa.edu.ar
19. Alleged sale of unauthorized access to multiple US based ISP providers
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to multiple USA based Internet service providers including Xfinity, Verizon, etc.
    Date: 2026-02-19T20:35:35Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Access-US-ISP-Providers
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8a839a84-0b3c-428d-8967-a2bdfb1ea4e4.png
    Threat Actors: SOUND2
    Victim Country: USA
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
20. Alleged Sale of Unauthorized Access to a Hotel Reservation System in Chile
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized access to a Chile-based hotel reservation system containing approximately 3,000 booking records.
    Date: 2026-02-19T20:28:40Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276473/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/294f9c12-2221-4476-9bb7-7c764e186905.png
    Threat Actors: s4sori
    Victim Country: Chile
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
21. BABAYO EROR SYSTEM targets the website of Digital SAMI
    Category: Defacement
    Content: The group claims to have defaced the website of Digital SAMI
    Date: 2026-02-19T20:17:44Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/169
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e8af2d01-2552-4691-a575-17a162be5b77.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Nepal
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: digital sami
    Victim Site: samikshyabk.com.np
22. BABAYO EROR SYSTEM targets the website of Stiff Security Services
    Category: Defacement
    Content: The group claims to have defaced the website of Stiff Security Services
    Date: 2026-02-19T20:03:41Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/169
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0618bf0f-ba1c-4d32-b02d-7c312a5e55cb.jpg
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Computer & Network Security
    Victim Organization: stiff security services
    Victim Site: gravio.stiffsecurity.in
23. Alleged leak of login credentials from Zarrin Webite Builder
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Zarrin Webite Builder
    Date: 2026-02-19T19:48:12Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070961
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1ff380da-f6cf-4d1a-8b53-3955f2ef3d35.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Computer Software/Engineering
    Victim Organization: zarrin webite builder
    Victim Site: sitesazz.ir
24. Cyber Attack hits CITY OF HUNTINGTON
    Category: Cyber Attack
    Content: CITY OF HUNTINGTON, West Virginia, has confirmed a cybersecurity incident after detecting suspicious activity within its network. The city promptly isolated affected systems and activated its incident response protocols to contain the situation. Officials are working with federal cybersecurity authorities and an external cybersecurity provider to investigate the scope of the intrusion and determine any potential impact on public services. The investigation remains ongoing, with further updates expected as systems are reviewed and restored.
    Date: 2026-02-19T19:37:40Z
    Network: openweb
    Published URL: https://dysruptionhub.com/huntington-wv-cyber-incident/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: USA
    Victim Industry: Government Administration
    Victim Organization: city of huntington
    Victim Site: cityofhuntington.com
25. Alleged data breach of Ciamis Regency Government
    Category: Data Breach
    Content: The threat actor claims to have leaked the Ciamis Regency government database. NB: Ciamis Regency Government was previously breached on Wed Jul 31 2024
    Date: 2026-02-19T19:13:17Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-LEAK-by-1LH4MZXSEC-CIAMIS-CYBER-TEAM
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9932948d-b748-4bd6-b885-04a9b4598c4d.jpg
    https://d34iuop8pidsy8.cloudfront.net/2a3e773e-01b2-409d-8fde-363bd428fb8c.jpg
    Threat Actors: 1LH4MZXSEC
    Victim Country: Indonesia
    Victim Industry: Government Relations
    Victim Organization: ciamis regency government
    Victim Site: ciamiskab.go.id
26. Z-BL4CX-H4T targets Multiple Websites
    Category: Defacement
    Content: Group claims to have defaced multiple websites.
    Date: 2026-02-19T19:00:26Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/405
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/76caff59-786e-4f48-a98d-883ca018931d.png
    Threat Actors: Z-BL4CX-H4T
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: tripperhub.in
27. Z-BL4CX-H4T targets Multiple Websites
    Category: Defacement
    Content: The Group claims to have defaced multiple websites.
    Date: 2026-02-19T18:58:47Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/405
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ed4139d0-cc5d-483a-b30f-13cf6daeb3da.png
    Threat Actors: Z-BL4CX-H4T
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: triptoglory.com
28. Alleged data breach of PCDIGA
    Category: Data Breach
    Content: The group claims to have leaked PCDIGA customer contacts database. The leaked data reportedly includes customer contact details such as full names, email addresses, phone numbers, tax IDs, shipping and billing addresses, order information, and related transactional data.
    Date: 2026-02-19T18:55:00Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-435k-Portugal-https-www-pcdiga-com-Customer-contacts-with-emails-phones-tax-I
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0926fce2-36d8-47c9-8b8e-c00f4e0c140f.png
    Threat Actors: TelephoneHooliganism
    Victim Country: Portugal
    Victim Industry: E-commerce & Online Stores
    Victim Organization: pcdiga
    Victim Site: pcdiga.com
29. Z-BL4CX-H4T targets multiple websites
    Category: Defacement
    Content: Group claims to have defaced multiple websites.
    Date: 2026-02-19T18:09:59Z
    Network: telegram
    Published URL: https://t.me/c/3312954243/1538
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/72270b4e-562d-4899-a3b1-af4b9ed6b6d0.jpg
    Threat Actors: Z-BL4CX-H4T
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: destinationlehladakh.com
30. Alleged Data Breach of Institute of Cell Biology NAS of Ukraine
    Category: Data Breach
    Content: The group claims to have breached the website of Institute of Cell Biology NAS of Ukraine.
    Date: 2026-02-19T18:08:57Z
    Network: telegram
    Published URL: https://t.me/anonymous_algeria_Original/3196
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/20e05608-2bf3-4fe7-a02f-a0978d0898be.png
    Threat Actors: Anonymous Algeria
    Victim Country: Ukraine
    Victim Industry: Education
    Victim Organization: institute of cell biology nas of ukraine
    Victim Site: cellbiol.lviv.ua
31. Alleged leak of login credentials to Apex Print Pac
    Category: Initial Access
    Content: The group caims to have leaked login credentials to Apex Print Pac
    Date: 2026-02-19T18:01:39Z
    Network: telegram
    Published URL: https://t.me/c/2932498194/319
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/84f58ac8-79f6-4b34-94fb-6bb3692d23e5.jpg
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Packaging & Containers
    Victim Organization: apex print pac
    Victim Site: apexprintpac.com
32. Alleged unauthorized access to South Koreas Billboard TV Admin account
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to a South Korean Billboard TV admin account.
    Date: 2026-02-19T17:37:24Z
    Network: telegram
    Published URL: https://t.me/c/2875163062/667
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/07cd4b45-21ed-4fb8-8b1b-b66645b7efd7.png
    Threat Actors: RipperSec
    Victim Country: South Korea
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
33. Alleged data leak of Syrian Ministry of Health
    Category: Data Breach
    Content: The group claims to have leaked employee details of Syrian Ministry of Health which include Personal information like date of birth, place of birth, Job details, and resumes of the employees
    Date: 2026-02-19T17:16:43Z
    Network: telegram
    Published URL: https://t.me/anonymous_algeria_Original/3198
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/348ebe50-4a34-49ee-8685-97915f222aef.jpg
    Threat Actors: Anonymous Algeria
    Victim Country: Syria
    Victim Industry: Government Administration
    Victim Organization: syrian ministry of health
    Victim Site: moh.gov.sy
34. Alleged Sale of ING Spain Accounts
    Category: Data Breach
    Content: Threat Actor claims to be selling a dataset of ING Spain Accounts. They also provide additional accounts from countries such as Germany, Poland, and the Czech Republic.
    Date: 2026-02-19T17:04:35Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276461/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/877f3d99-ea0f-4bb5-848f-2b608d24d7e1.png
    Threat Actors: framull1
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
35. Alleged leak of login credentials fromProperty Finder
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Property Finder
    Date: 2026-02-19T17:03:27Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070564
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/56ecfce8-13b4-40b1-ad25-f30a35738c27.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: UAE
    Victim Industry: Real Estate
    Victim Organization: property finder
    Victim Site: propertyfinder.ae
36. Alleged Sale of Unauthorized Access to PrestaShop CMS in Spain
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized access to a Spain-based PrestaShop CMS environment integrated with the Redsys payment gateway. The access includes full administrative privileges with access methods including MySQL, admin panel, and webshell capabilities, with installed modules and operational statistics reportedly available.
    Date: 2026-02-19T16:24:16Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276456/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0fb7967b-8f6c-4135-85c5-518a49496408.png
    Threat Actors: apps
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
37. Alleged Sale of Government Email Access to the Ministry of Health of Buenos Aires Province.
    Category: Initial Access
    Content: The threat actor claims to have obtained unauthorized access to government email id from Ministry of Health of Buenos Aires Province.
    Date: 2026-02-19T16:15:58Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/argentinian-gov-mail-ministry-of-health-of-buenos-aires-province.619/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/127e00b2-255a-49b4-b9f0-1a2a8e1bc48b.png
    Threat Actors: Liberty
    Victim Country: Argentina
    Victim Industry: Government Administration
    Victim Organization: ministry of health of buenos aires province
    Victim Site: webmail.ms.gba.gov.ar
38. Alleged Sale of 2.8 Billion Fresh Private Log Records
    Category: Data Breach
    Content: Threat Actor claims to be selling a large dataset containing more than 2.8 billion allegedly fresh private log records, totaling approximately 97 GB, collected between February 16–19. The data includes stealer logs and log-backup material in log:pass format.
    Date: 2026-02-19T16:06:20Z
    Network: openweb
    Published URL: https://leakbase.la/threads/2-8-billion-full-private-fresh-logs-ulp-16-19-feb-97-gb.48947/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9464a584-1d42-4585-b154-7f50e3a1b0ad.png
    Threat Actors: Mandana
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
39. BD Anonymous claims to South Korea
    Category: Alert
    Content: A recent post by the group indicates that they are targeting South Korea
    Date: 2026-02-19T15:50:21Z
    Network: telegram
    Published URL: https://t.me/httpstmeVI8Cr1np5kxhYjd0/1978
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ad321f19-9797-43e9-ae5b-2e773e4814b6.png
    Threat Actors: BD Anonymous
    Victim Country: South Korea
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
40. Alleged Data Leak of Israel’s Sapir Crisis Management System and Related Contacts
    Category: Data Breach
    Content: The group claims to have exposed sensitive information related to Israel’s alleged secret “Sapir” security system. They say senior officials linked to the project have been identified and that vulnerabilities exist within the system. The group also claims to have released a list of 1,500 contacts connected to the project, describing it as a major security exposure.
    Date: 2026-02-19T15:38:27Z
    Network: openweb
    Published URL: https://handala-hack.to/693-2/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d8681009-9c36-40f6-af03-1bdaad0bec82.jpg
    https://d34iuop8pidsy8.cloudfront.net/86c4e3a7-beb8-411a-966d-73caae7cc904.jpg
    Threat Actors: Handala
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
41. Alleged data leak of French civil status records
    Category: Data Breach
    Content: The threat actor claims to have obtained and leaked a database of French civil status records. The leaked data reportedly includes sensitive personal information such as first names, last names, dates of birth, addresses, postal codes, cities, mobile numbers, email addresses, IBAN, BIC, and other identity-related details.
    Date: 2026-02-19T15:11:17Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/51-7-millions-french-civil-status-records.618/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8a2ef9b3-3bc5-4e8e-a7c0-913c877e8096.png
    Threat Actors: kirosh
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
42. Alleged leak of login credentials from Strange Science Library
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Strange Science Library.
    Date: 2026-02-19T14:58:14Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070456
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/266e60d1-d361-4b2a-a123-d0e6a2959dc1.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Library
    Victim Organization: strange science library
    Victim Site: 786ketabs.ir
43. Alleged leak of login credentials from Palisbook
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Palisbook
    Date: 2026-02-19T14:54:53Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070473
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b1c526a3-406e-41ae-bd2e-9d7cfdfe7f87.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Online Publishing
    Victim Organization: palisbook
    Victim Site: palizbook.ir
44. Alleged data leak of Syiah Kuala University
    Category: Data Breach
    Content: The threat actor claims to have leaked student data from Syiah Kuala University (USK). The dataset allegedly contains 9,925 student records covering the 2024–2025 academic period. The compromised details reportedly include student identification numbers (NPM), full names, class levels and more.
    Date: 2026-02-19T14:44:05Z
    Network: openweb
    Published URL: http://breachforums.as/Thread-DOCUMENTS-9925-Syiah-Kuala-University-USK-student-data-leaked
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/23662a92-f51b-4359-a4d9-c16a23a065af.png
    Threat Actors: kekasihgelap
    Victim Country: Indonesia
    Victim Industry: Higher Education/Acadamia
    Victim Organization: syiah kuala university
    Victim Site: usk.ac.id
45. Alleged leak of login credentials to National Border Guard
    Category: Data Breach
    Content: The group claims to have leaked login credentials to National Border Guard.
    Date: 2026-02-19T14:39:50Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070367
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a9db3d35-cc57-4236-8297-e2c86f2f6d1b.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Government & Public Sector
    Victim Organization: national border guard
    Victim Site: rs.gov.lv
46. Alleged leak of Spyware
    Category: Malware
    Content: The group claims to have leaked multiple spyware-related documents, including files allegedly linked to Israeli, American, and Soviet intelligence agencies, labeled as “Israeli Spyware,” “American Spyware,” and “Soviet Spyware.”
    Date: 2026-02-19T14:37:39Z
    Network: telegram
    Published URL: https://t.me/anonymous_algeria_Original/3195?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/267531e5-ce24-422d-aeec-cf3ad5b7cc1e.png
    Threat Actors: Anonymous Algeria
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
47. Alleged leak of login credentials to [email protected]
    Category: Data Breach
    Content: The group claims to have leaked login credentials to [email protected].
    Date: 2026-02-19T14:26:35Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070320
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/681a9a6c-8ec0-46de-9de2-61a7ff9ab257.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: [email protected]
48. Alleged leak of login credentials to mail.sansalvador.gob.sv
    Category: Data Breach
    Content: The group claims to have leaked login credentials to mail.sansalvador.gob.sv.
    Date: 2026-02-19T14:24:44Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070308
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0de5cd95-3213-472a-88c5-25c118da5dae.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: El Salvador
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mail.sansalvador.gob.sv
49. Alleged leak of login credentials to Good online shopping
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Good online shopping.
    Date: 2026-02-19T13:57:05Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070245
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eade17c5-eb0c-4885-970d-a20eb6594ac4.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: good online shopping
    Victim Site: ktl.co.il
50. Alleged leak of login credentials from mil.ae
    Category: Data Breach
    Content: Group claims to have leaked login credentials from mil.ae.
    Date: 2026-02-19T13:55:10Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069962
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b19b990f-97bf-4117-af08-a0bfecd1022e.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: UAE
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mil.ae
51. Alleged leak of login credentials to Good online shopping
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Good online shopping.
    Date: 2026-02-19T13:53:58Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/573754
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c3f749d5-8ba2-4ef2-b458-764849cf74da.png
    Threat Actors: Buscador
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: good online shopping
    Victim Site: ktl.co.il
52. Alleged data breach of naracity-license-phe.com
    Category: Data Breach
    Content: The threat actor has claimed to have breached data from the organization. The compromised data reportedly includes the database, email accounts, and all administrative panels. The actor also claims to have defaced the website.
    Date: 2026-02-19T13:53:15Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/152
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0fdab2ae-f695-44ba-b833-c35bdaef05a6.png
    Threat Actors: EXADOS
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: naracity-license-phe.com
53. Alleged Data Leak of Pakistani Records
    Category: Data Breach
    Content: The threat actor claims to have leaked 129 million Pakistani records,The compromised data includes including phone numbers, CNIC details, addresses, and full names.
    Date: 2026-02-19T13:21:34Z
    Network: openweb
    Published URL: https://leakbase.la/threads/pakistan-mixed-data-2014-2018-129-million.48942/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/18c89a53-96a0-462a-a95b-24027210e908.png
    Threat Actors: frog
    Victim Country: Pakistan
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
54. Alleged data breach of Sapir College
    Category: Data Breach
    Content: A threat actor has claimed responsibility for an alleged data breach involving contacts associated with Sapir School. The group published a post online asserting that it gained unauthorized access to sensitive information and released a contact list as evidence of the compromise. The leaked material includes contact details purportedly linked to a commander or senior individual connected to Sapir.
    Date: 2026-02-19T13:16:24Z
    Network: openweb
    Published URL: https://handala-hack.to/693-2/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d8681009-9c36-40f6-af03-1bdaad0bec82.jpg
    https://d34iuop8pidsy8.cloudfront.net/86c4e3a7-beb8-411a-966d-73caae7cc904.jpg
    Threat Actors: Handala
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: sapir college
    Victim Site: sapir.ac.il
55. Alleged leak of login credentials to Yangon City Development Committee
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Yangon City Development Committee.
    Date: 2026-02-19T12:49:29Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070146
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/80539d11-0228-4025-a985-2c25f8bc6860.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Myanmar
    Victim Industry: Government Administration
    Victim Organization: yangon city development committee
    Victim Site: ybps.ycdc.gov
56. Alleged data breach of Straumann
    Category: Data Breach
    Content: The threat actor claims to have breached 25 GB of internal data from Straumann. The compromised data reportedly contains sensitive corporate documentation
    Date: 2026-02-19T12:48:41Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Document-CH-Straumann-Internal-Docs
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/01108b45-774c-4aa7-91f4-102f3ea826d4.png
    Threat Actors: ByteToBreach
    Victim Country: Switzerland
    Victim Industry: Medical Equipment Manufacturing
    Victim Organization: straumann
    Victim Site: straumann.com
57. Alleged leak of login credentials from Saipa Automotive Group products
    Category: Data Breach
    Content: Group claims to have leaked login credentials from the Saipa Automotive Group products.
    Date: 2026-02-19T12:44:24Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1070029
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/49f73381-b39b-420f-9762-ac35d6ad344a.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Automotive
    Victim Organization: saipa automotive group products
    Victim Site: saipacustomer.iranecar.com
58. Alleged leak of login credentials from State Border Guard College
    Category: Data Breach
    Content: Group claims to have leaked login credentials from State Border Guard College.
    Date: 2026-02-19T12:43:58Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069821
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/49493138-7659-4629-b3a3-b837f73cb071.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Government Administration
    Victim Organization: state border guard college
    Victim Site: vrk.rs.gov.lv
59. Alleged leak of login credentials to Unity Bank
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Unity Bank.
    Date: 2026-02-19T12:39:43Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/573382
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2e066045-bec6-453a-a808-06d1a9054efd.png
    Threat Actors: Buscador
    Victim Country: USA
    Victim Industry: Banking & Mortgage
    Victim Organization: unity bank
    Victim Site: unitybank.com
60. Alleged leak of login credentials from Meshulam
    Category: Data Breach
    Content: Group claims to have leaked login credentials from
    Date: 2026-02-19T12:31:59Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069863
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e4f549e4-433c-484b-83e6-0657faf3b349.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: meshulam
    Victim Site: meshulam.co.il
61. Alleged leak of login credentials from Interior Ministry Information Center
    Category: Data Breach
    Content: Group claims to have leaked login credentials from the Interior Ministry Information Center.
    Date: 2026-02-19T12:22:21Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069789
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f3e422b7-f9dd-4932-829e-33524efde247.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Government Administration
    Victim Organization: interior ministry information center
    Victim Site: ic.iem.gov.lv
62. Alleged leak of login credentials from Heyat Omana Arzi
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Heyat Omana Arzi.
    Date: 2026-02-19T12:21:09Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069757
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aae3e5c0-95fb-4aca-9bfb-dd7cb9752bef.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Hospital & Health Care
    Victim Organization: heyat omana arzi
    Victim Site: hoa-ir.com
63. Alleged leak of login credentials from the Latvia State Police
    Category: Data Breach
    Content: Group claims to have leaked login credentials from the Latvia State Police.
    Date: 2026-02-19T12:16:27Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069771
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eff08836-a0c8-4c51-93c5-d842d5773c6f.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Law Enforcement
    Victim Organization: latvia state police
    Victim Site: vp.gov.lv
64. Alleged unauthorized Access to an unidentified water supply system of a residential building in Sweden
    Category: Initial Access
    Content: The group claims to have gained alleged unauthorized access to an unidentified heating and hot water supply system of a residential building in Sweden. The compromised system reportedly controls heating temperatures, operating modes, settings for circulation and pump operation time and controller protection functions.
    Date: 2026-02-19T11:53:21Z
    Network: telegram
    Published URL: https://t.me/c/2787466017/2372
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8c1eeb6e-0423-40ad-8a15-a93cd944d583.jpg
    Threat Actors: NoName057(16)
    Victim Country: Sweden
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
65. HexaForce Alliance targets the website of Kararchar Mvi. Tofazzal Hossain High School
    Category: Defacement
    Content: The group claims to have defaced the website of Kararchar Mvi. Tofazzal Hossain High School.
    Date: 2026-02-19T11:49:46Z
    Network: telegram
    Published URL: https://t.me/c/2275695458/65
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/57849b43-d7dd-448d-ae96-f10441c573e2.png
    https://d34iuop8pidsy8.cloudfront.net/2e396d9b-024b-4b8f-acc6-667383fc124e.png
    Threat Actors: HexaForce Alliance
    Victim Country: Bangladesh
    Victim Industry: Education
    Victim Organization: kararchar mvi. tofazzal hossain high school
    Victim Site: kmthhs.edu.bd
66. HexaForce Alliance targets the website of Nurjahan Begum High School
    Category: Defacement
    Content: The group claims to have defaced the website of Nurjahan Begum High School.
    Date: 2026-02-19T11:42:32Z
    Network: telegram
    Published URL: https://t.me/c/2275695458/65
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4c2550c0-6f13-4fbb-9e2e-d5d43f2f4ae1.png
    Threat Actors: HexaForce Alliance
    Victim Country: Bangladesh
    Victim Industry: Education
    Victim Organization: nurjahan begum high school
    Victim Site: nurjahanbegumhs.edu.bd
67. Alleged data breach of BBVA Mexico Bank
    Category: Data Breach
    Content: The threat actor claims to have breach 3.3M data from BBVA Mexico Bank.The dataset reportedly includes client IDs, card types, full names, addresses, phone numbers, city, state, and gender, and is shared via a forum post.
    Date: 2026-02-19T11:25:04Z
    Network: openweb
    Published URL: https://leakbase.la/threads/bbva-mexico-ba-nk-2022-new-link.48943/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8f65472e-6b2b-47de-8ca5-96f36decc98e.png
    Threat Actors: frog
    Victim Country: Mexico
    Victim Industry: Financial Services
    Victim Organization: bbva mexico bank
    Victim Site: bbva.mx
68. Alleged leak of UAE business leads data
    Category: Data Breach
    Content: The threat actor claims to have leaked data on 222,000 UAE business leads. The dataset reportedly includes email addresses, company names, city/province information, phone numbers, sector or activity classifications, and P.O. Box numbers of companies based in the United Arab Emirates (UAE).
    Date: 2026-02-19T10:58:20Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-222k-UAE-Business-Leads-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5bcd9d59-e0f8-4dc4-a2d9-5ff1b9f1cf19.png
    Threat Actors: asfmnyr5g
    Victim Country: UAE
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
69. HexaForce Alliance targets the website of Mokamia High School
    Category: Defacement
    Content: The group claims to have defaced the website of Mokamia High School.
    Date: 2026-02-19T10:47:18Z
    Network: telegram
    Published URL: https://t.me/c/2275695458/65
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6644b621-b227-4b38-95d3-a124a9e4d067.png
    Threat Actors: HexaForce Alliance
    Victim Country: Bangladesh
    Victim Industry: Education
    Victim Organization: mokamia high school
    Victim Site: mkahighschool.edu.bd
70. STUCX TEAM claims to South Korea
    Category: Alert
    Content: A recent post by the group indicates that they are targeting South Korea.
    Date: 2026-02-19T10:28:14Z
    Network: telegram
    Published URL: https://t.me/xstucxteam/374
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ffdc6a14-f447-474f-af97-92168f5b5799.jpg
    Threat Actors: STUCX TEAM
    Victim Country: South Korea
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
71. BABAYO EROR SYSTEM targets the website of Pushtimarg Shringar
    Category: Defacement
    Content: The group claims to have defaced the website of Pushtimarg Shringar.
    Date: 2026-02-19T10:18:24Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/161
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0c0640bf-6ff5-4c1b-9890-ec7103537927.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Hospitality & Tourism
    Victim Organization: pushtimarg shringar
    Victim Site: vallabhresort.pushtimargshringar.com
72. BABAYO EROR SYSTEM targets the website of SHREENATHTECHNOLOGIES
    Category: Defacement
    Content: The group claims to have defaced the website of SHREENATHTECHNOLOGIES.
    Date: 2026-02-19T10:08:31Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/161
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bd949510-051c-4064-a9d3-2aabe8229565.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Information Technology (IT) Services
    Victim Organization: shreenathtechnologies
    Victim Site: pushtimargvastra.shreenathtechnologies.in
73. Alleged leak of login credentials from Ministry of Energy of Bulgaria
    Category: Data Breach
    Content: Group claims to have leaked login credentials from the Ministry of Energy of Bulgaria.
    Date: 2026-02-19T10:03:46Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069719
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/96e8ef5b-0273-4dfc-b8b0-911c467368ba.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Bulgaria
    Victim Industry: Government Administration
    Victim Organization: ministry of energy of bulgaria
    Victim Site: me.government.bg
74. Alleged leak of login credentials from Rossiya Airlines
    Category: Data Breach
    Content: Group claims to have leaked login credentials from Rossiya Airlines.
    Date: 2026-02-19T09:54:47Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069683
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/69c2d579-3395-46dd-bd29-d4e4cb5b4a44.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Russia
    Victim Industry: Airlines & Aviation
    Victim Organization: rossiya airlines
    Victim Site: rossiya-airlines.ru
75. Alleged data breach of Arston Cladding Ltd.
    Category: Data Breach
    Content: The threat actor claims to have breached data from Arston Cladding Ltd., allegedly obtaining blueprints, financial documents, and personal information of the company’s employees and business partners worldwide.
    Date: 2026-02-19T09:39:48Z
    Network: telegram
    Published URL: https://t.me/the_hand_of_justice/63
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/802db439-9a78-487d-a3ab-b704ecf1f54e.png
    Threat Actors: the hand of justice
    Victim Country: Israel
    Victim Industry: Building and construction
    Victim Organization: arston cladding ltd.
    Victim Site: arstone.co.il
76. Alleged leak of login credential from Ministry of Transport and Communications of Bulgaria
    Category: Data Breach
    Content: Group claims to have leaked the login credentials from Ministry of Transport and Communications of Bulgaria.
    Date: 2026-02-19T09:11:25Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069663
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3fe9f66c-a27b-43b5-bec9-6a10201aa4e2.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Bulgaria
    Victim Industry: Government Administration
    Victim Organization: ministry of transport and communications of bulgaria
    Victim Site: mtc.government.bg
77. BABAYO EROR SYSTEM targets the website of SAMI BK
    Category: Defacement
    Content: The group claims to have defaced the website of SAMI BK.
    Date: 2026-02-19T09:04:54Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/162
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0fa0408c-5981-481d-9b20-b3785ae42a62.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Nepal
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: sami bk
    Victim Site: samikshyabk.com.np
78. Alleged Data Leak of Swansway Garages Limited
    Category: Data Breach
    Content: The threat actor claims to have leaked data from Swansway Garages Limited.
    Date: 2026-02-19T08:59:26Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276425/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6bf41f52-1385-44eb-af5f-2709f223846d.png
    Threat Actors: HighRisk
    Victim Country: UK
    Victim Industry: Automotive
    Victim Organization: swansway garages limited
    Victim Site: swanswaygarages.com
79. Alleged Data Leak of AddWeb Solution Pvt. Ltd.
    Category: Data Breach
    Content: The threat actor claims to have leaked a data from AddWeb Solution Pvt. Ltd.
    Date: 2026-02-19T08:54:57Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276422/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/15bad96a-7797-4748-b3e1-c781a884ce37.png
    Threat Actors: HighRisk
    Victim Country: India
    Victim Industry: Information Technology (IT) Services
    Victim Organization: addweb solution pvt. ltd.
    Victim Site: addwebsolution.com
80. Alleged data breach of Grand Candy
    Category: Data Breach
    Content: The threat actor claims to have breached 256 entries from Grand Candy, allegedly including user IDs, cardholder names, partial credit card numbers, card expiration dates, and associated bank names such as AEB, Ameria, and Inecobank.
    Date: 2026-02-19T08:53:24Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-grandcandy-am-database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aea67575-a3a8-434d-a419-47f9a38328cb.png
    Threat Actors: c0mmandor
    Victim Country: Armenia
    Victim Industry: Food Production
    Victim Organization: grand candy
    Victim Site: grandcandy.am
81. Alleged Data Leak of Brillen.de
    Category: Data Breach
    Content: The threat actor claims to have leaked 1.5 million customers data from Brillen.de
    Date: 2026-02-19T08:40:36Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276418/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8f08588c-0e4a-489c-a8d2-515f6c2f1848.png
    Threat Actors: HighRisk
    Victim Country: Germany
    Victim Industry: Retail Industry
    Victim Organization: brillen.de
    Victim Site: brillen.de
82. Alleged leak of login credentials to phd.iq
    Category: Data Breach
    Content: The group claims to have leaked login credentials to phd.iq.
    Date: 2026-02-19T08:40:08Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069403
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/dcc67503-002f-4bb5-8989-92d4621821b4.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: phd.iq
83. Alleged Data Leak of All Day Shirts
    Category: Data Breach
    Content: The threat actor claims to have leaked 300,000 customers data from All Day Shirts
    Date: 2026-02-19T08:36:10Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276423/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0ff6b7e6-5679-427c-b7e6-e952aad15c78.png
    Threat Actors: HighRisk
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: all day shirts
    Victim Site: alldayshirts.com
84. Alleged leak of login credentials to pension.gov.iq
    Category: Data Breach
    Content: The group claims to have leaked login credentials to pension.gov.iq.
    Date: 2026-02-19T08:21:16Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069393
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/223f48ba-fc6f-4c26-bd1e-5d0ffaefe1a5.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: pension.gov.iq
85. Alleged leak of login credentials to Iraqi Electronic Passport Portal
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Iraqi Electronic Passport Portal.
    Date: 2026-02-19T08:01:59Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069391
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/315e652c-4401-4433-8c2d-84255440584f.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Government Administration
    Victim Organization: iraqi electronic passport portal
    Victim Site: epp.iq
86. Alleged Data Breach of Zeew.eu
    Category: Data Breach
    Content: The threat actor claims to have breached a database of Zeew. the compromised data reportedly includes customer and merchant-related PII along with website configuration files.
    Date: 2026-02-19T07:53:46Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Zeew-eu-database-PII-Website-Config
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/721c48ab-c7d5-48ac-9ec2-9175be5983b4.png
    https://d34iuop8pidsy8.cloudfront.net/bc63090d-bd05-4555-878e-2123f11a1d04.png
    Threat Actors: xpsh3ll
    Victim Country: Latvia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: zeew
    Victim Site: zeew.eu
87. BABAYO EROR SYSTEM targets the website of mrparatha.in
    Category: Defacement
    Content: The group claims to have defaced the website of mrparatha.in.
    Date: 2026-02-19T07:35:37Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/161
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0ad402e4-f92e-4372-b3b4-1da30366a3db.jpg
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mrparatha.in
88. Alleged leak of login credentials to Hilan
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Hilan.
    Date: 2026-02-19T07:27:15Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069367
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7c6d6408-6091-46ff-a54d-a36a6e593a55.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Information Technology (IT) Services
    Victim Organization: hilan
    Victim Site: hilan.co.il
89. Alleged leak of login credentials to Social Protection Authority
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Social Protection Authority.
    Date: 2026-02-19T07:19:41Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069345
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e741540d-6ecd-4a81-b5b0-e652c34629bb.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Government Administration
    Victim Organization: social protection authority
    Victim Site: spa.gov.iq
90. Alleged data leak of Industrias San Miguel
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Industrias San Miguel, The compromised information reportedly includes logistics records, vehicle data, signatures, and drivers licenses. Furthermore, the leak allegedly contains the personal identification details of 17,000 employees of the Dominican ISM group.
    Date: 2026-02-19T07:09:54Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-leak-of-Industries-San-Miguel
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6f289252-4d53-4e69-a2b1-f9ccc975fc39.png
    Threat Actors: NopName
    Victim Country: Peru
    Victim Industry: Food & Beverages
    Victim Organization: industries san miguel
    Victim Site: group-ism.com
91. Alleged Sale of Full BTMOB RAT Software Collection
    Category: Malware
    Content: The actor claims to be selling a comprehensive collection of the BTMOB Remote Access Trojan toolkit. The offering reportedly includes multiple source-code versions, compiled builds, server components, and supporting documentation from external analysis platforms. The post asserts that the package contains several generations of the malware and is being sold as a complete, ready-to-use collection.
    Date: 2026-02-19T07:07:59Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-BTMOB-RAT-Full-Collection
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/51dce2ba-2acc-4b37-bc35-ac9b48fc2179.png
    https://d34iuop8pidsy8.cloudfront.net/dd3cfb5e-6f86-42e8-84ad-5d2f1ff036f0.png
    https://d34iuop8pidsy8.cloudfront.net/219caf77-021b-4b12-8bde-94154d33d944.png
    Threat Actors: Spearr
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
92. BABAYO EROR SYSTEM targets the website of Vrinda Dryfruits
    Category: Defacement
    Content: The group claims to have defaced the website of Vrinda Dryfruits.
    Date: 2026-02-19T06:58:04Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/161
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bd23ceb0-c203-4b2f-a1a9-ba33ca9a42bd.jpg
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: vrinda dryfruits
    Victim Site: vrindadryfruits.in
93. Alleged leak of login credentials to Al-Nisour University
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Al-Nisour University
    Date: 2026-02-19T06:48:47Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069200
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c4e2b3f2-07bc-484a-b33a-3a19b8cd791d.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Higher Education/Acadamia
    Victim Organization: al-nisour university
    Victim Site: uon.edu.iq
94. Alleged sale of Data from Philippine Care, Inc.
    Category: Data Breach
    Content: The threat actor claims to be selling data from Philippine Care, Inc. The compromised data reportedly contain 742,000 records includes Verified contacts, emails, phone, IPs, Contracts, Distribution List Subscription, Customer Support Case and much more.
    Date: 2026-02-19T06:46:50Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-742k-Philippines-https-www-philcare-com-ph-Verified-contacts-with-emails-phone
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/24522076-78fd-4b8a-9ead-c72f4c201efe.png
    Threat Actors: TelephoneHooliganism
    Victim Country: Philippines
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: philippine care, inc.
    Victim Site: philcare.com.ph
95. Alleged data sale of THE National Bank of Ukraine (NBU)
    Category: Data Breach
    Content: The threat actor claims to be selling data from the souvenir collectible coins sales service of the National Bank of Ukraine (coins.bank.gov.ua).The compromised data reportedly contains approximately 1,500,000 records, including customer email addresses, phone numbers, MD5 password hashes, full names, shipping addresses, order details, and other customer account related information.
    Date: 2026-02-19T06:36:41Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-THE-NATIONAL-BANK-OF-UKRAINE-NBU-DATABASE-2026-LEAK-1-5M
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7075b586-1cb3-4260-b0d2-e9c23a7ed94a.png
    https://d34iuop8pidsy8.cloudfront.net/1c7257cd-37f7-46c6-b50a-37328f78528c.png
    Threat Actors: cyandiboo
    Victim Country: Ukraine
    Victim Industry: Government Administration
    Victim Organization: the national bank of ukraine
    Victim Site: coins.bank.gov.ua
96. Alleged leak of login credentials to Al-Alamein Institute for Postgraduate Studies
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Al-Alamein Institute for Postgraduate Studies
    Date: 2026-02-19T06:31:25Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1069181
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/20cd4883-d630-454a-8a52-5bb71844c491.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Higher Education/Acadamia
    Victim Organization: al-alamein institute for postgraduate studies
    Victim Site: alalamain.edu.iq
97. Alleged sale of TRA-Project database
    Category: Data Breach
    Content: The threat actor claims to be selling TRA-Project database. The compromised data reportedly contain 400,000 Credit Card Records and 35,000 accounts records including Seller name, Card type, Full name, CVV, Email, Bank name, Phone, 2FA information, Account balance, username
    Date: 2026-02-19T06:21:21Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-TRA-Project-shel-bz-shop-400K-CC
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/95df603c-b8da-46bb-a208-4814e14c952f.png
    Threat Actors: lulzintel
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: tra-project
    Victim Site: shel-bz.shop
98. Alleged Data Breach of Binance.US
    Category: Data Breach
    Content: The threat actor claims to be breached data from Binance.US. The compromised data reportedly contain 1,495,000 records includes User ID, Account ID numbers, Country, KYC status, Verification flags and Account status fields information.
    Date: 2026-02-19T06:16:03Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Binance-us-Authy
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ecd7e1f5-f32b-4927-aea3-e4005e12e3ba.png
    Threat Actors: STOMP2
    Victim Country: USA
    Victim Industry: Financial Services
    Victim Organization: binance.us
    Victim Site: binance.us
99. Alleged Data Leak of Telecom and Identity Data from Pakistan
    Category: Data Breach
    Content: The threat actor claims to be leaked Telecom and Identity Data from Pakistan. The compromised data reportedly contain 129 Million records including Mobile Phone, CNIC, Address, Full Name
    Date: 2026-02-19T06:14:31Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Pakistan-Mixed-Data-2014-2018-129-Million–67805
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0cdebac0-4bd5-4654-b141-f8bbf53196f6.png
    Threat Actors: Tanaka
    Victim Country: Pakistan
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
100. Alleged sale of data from Consumer Rights Commission of Pakistan
     Category: Data Breach
     Content: The threat actor claims to selling data from Consumer Rights Commission of Pakistan. The compromised data reportedly contain 537,000 records including contact information, specialization records, organizational affiliations, geolocation data, and authentication related metadata
     Date: 2026-02-19T06:06:11Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-537k-Pakistan-https-www-crcp-org-pk-Consumer-Rights-Data-Including-Contact-and
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/57236cfb-fbac-46c6-8484-71aee87e9b16.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Pakistan
     Victim Industry: Other Industry
     Victim Organization: consumer rights commission of pakistan
     Victim Site: crcp.org.pk
101. Alleged leak of login credentials to Arab Bank Iraq
     Category: Data Breach
     Content: The group claims to have leaked login credentials to Arab Bank Iraq
     Date: 2026-02-19T05:57:02Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068980
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/704336fd-e5bb-451b-969e-abb872e3b67d.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iraq
     Victim Industry: Financial Services
     Victim Organization: arab bank iraq
     Victim Site: arabbankiraq.com.iq
102. Alleged leak of login credentials to Real Estate General Authority (REGA)
     Category: Data Breach
     Content: The group claims to have leaked login credentials to Real Estate General Authority (REGA).
     Date: 2026-02-19T05:52:11Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1069116
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/18b489bb-afe9-4fb0-b96f-dc471d9ef824.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Saudi Arabia
     Victim Industry: Real Estate
     Victim Organization: real estate general authority (rega)
     Victim Site: rega.gov.sa
103. Alleged Data Sale of Xero
     Category: Data Breach
     Content: The threat actor claims to be selling data from Xero. The compromised data reportedly contain 184,000 records includes User profiles with contact, account, Contracts, Business Accounts, Subscription Histories and much more.
     Date: 2026-02-19T05:41:51Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-184k-New-Zealand-https-www-xero-com-nz-User-profiles-with-contact-and-account
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/59d2495a-d0c7-449e-bbee-8f7a39408823.png
     Threat Actors: TelephoneHooliganism
     Victim Country: New Zealand
     Victim Industry: Accounting
     Victim Organization: xero
     Victim Site: xero.com/nz
104. Alleged leak of login credentials to Right Solution
     Category: Initial Access
     Content: The group claims to have leaked the login credentials to Right Solution.
     Date: 2026-02-19T05:15:16Z
     Network: telegram
     Published URL: https://t.me/nxbbsec/5023
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/68c11b76-0744-4368-8fca-a47be6bf51cb.png
     Threat Actors: NXBB.SEC
     Victim Country: Thailand
     Victim Industry: Manufacturing & Industrial Products
     Victim Organization: right solution public company limited
     Victim Site: rightsolution.co.th
105. Alleged sale of an CVE-2026-1994 Exploit
     Category: Vulnerability
     Content: Threat actor claims to be selling an exploit for CVE-2026-1994.
     Date: 2026-02-19T04:59:48Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276411/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/293e614f-f934-4be6-b63d-c730da2280ed.png
     Threat Actors: MrProfessor
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
106. Alleged Data Sale of BBizz Shop
     Category: Data Breach
     Content: The threat actor claims to be selling data from BBizz Shop. The compromised data reportedly contain 187,000 records includes Customer profiles with emails, IPs, Contracts, Salesorders, Marketing campaigninteractions and much more.
     Date: 2026-02-19T04:53:13Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-187k-Netherlands-https-www-bbizzshop-nl-Customer-profiles-with-emails-IPs-an
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/10a23819-0d57-4e18-aa43-7d5ee0d8bf0b.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Netherlands
     Victim Industry: E-commerce & Online Stores
     Victim Organization: bbizz shop
     Victim Site: bbizzshop.nl
107. Alleged Sale of Unauthorized Admin Access to a WordPress Store in USA
     Category: Initial Access
     Content: Threat Actor claims to be selling unauthorized admin access to a WordPress Store in USA.
     Date: 2026-02-19T04:48:04Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276393/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/a50dacde-ba62-4550-b0f1-197a805706e1.png
     Threat Actors: ParanoiaDe
     Victim Country: USA
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
108. Alleged data breach of Phomolong
     Category: Data Breach
     Content: The threat actor claims to be leaked dat from Phomolong. The compromised data reportedly contain 427,000 records includes contact details, booking records, encrypted authentication data, and login activity metadata
     Date: 2026-02-19T04:47:47Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-427k-Lesotho-https-www-phomolong-co-ls-CRM-contacts-with-emails-phones-locati
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/bd220021-deaf-453b-b521-bffde69de460.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Lesotho
     Victim Industry: Hospitality & Tourism
     Victim Organization: phomolong
     Victim Site: phomolong.co.ls
109. Alleged sale of admin and database access to unidentified SAR based shop
     Category: Initial Access
     Content: Threat actor claims to be selling unauthorized admin and database access to an unidentified SAR based online shop.
     Date: 2026-02-19T04:28:05Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276335/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/de8fe408-6b69-469e-9c0a-98ae3d720c4d.png
     Threat Actors: savel987
     Victim Country: Unknown
     Victim Industry: E-commerce & Online Stores
     Victim Organization: Unknown
     Victim Site: Unknown
110. Alleged Data Sale of Osaka Prefectural Government
     Category: Data Breach
     Content: The threat actor claims to be selling data from Osaka Prefectural Government. The compromised data reportedly contain 685,000 records includes Personal emails, names, address, Contracts, Payrollrecords, Servicerequests and much more.
     Date: 2026-02-19T04:17:59Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-685k-Japan-https-www-pref-osaka-lg-jp-Personal-and-contact-data-including-names
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/0e11d431-0720-4cc0-8d88-11779bb96048.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Japan
     Victim Industry: Government & Public Sector
     Victim Organization: osaka prefectural government
     Victim Site: pref.osaka.lg.jp
111. Alleged Leak of Chinese Identity Documents
     Category: Data Breach
     Content: The threat actor claims to be leaked Chinese Identity Documents. The compromised data reportedly includes Chinese national identity card images, official certificate documents, selfie verification images, video file
     Date: 2026-02-19T04:08:18Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-DOCUMENTS-china-front-back-selfie-video
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/32849b48-ac34-46ac-ac5b-fa25090281ee.png
     Threat Actors: DocLite
     Victim Country: China
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
112. Alleged sale of 350 credit card records
     Category: Data Breach
     Content: Threat actor claims to be selling 350 credit card records from USA. The compromised data reportedly includes credit card number, expiry, cvv, name, address, city, state, zip, country, phone number, email, and ip address.
     Date: 2026-02-19T04:07:49Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276370/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/55699fee-3672-4b7f-9b22-fbcdd3c474e0.png
     Threat Actors: Yarikmsk77
     Victim Country: USA
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
113. Alleged sale of 120 CC from USA
     Category: Data Breach
     Content: Threat actor claims to be selling 120 allegedly fresh US credit card records with a 75% validity rate. The data reportedly includes card number, expiration date, CVV, name, address, city, ZIP code, state, and email, with bidding starting at 700, a 100 increment, and a 1200 blitz price.
     Date: 2026-02-19T04:00:58Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276410/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/cbb5098f-94ac-44a2-8060-650eef5c6b1f.png
     Threat Actors: Yarikmsk77
     Victim Country: USA
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
114. Alleged Leak of Identity Document Images from usa
     Category: Data Breach
     Content: The threat actor claims to be leaked dentity Document Images from usa. The compromised data reportedly includes passport , ssn photo, selfie holding
     Date: 2026-02-19T03:57:15Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-DOCUMENTS-usa-fullz-FREE
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/6a5ca9d2-eac5-44be-8054-c4722d391f40.png
     https://d34iuop8pidsy8.cloudfront.net/c13a6fc1-819b-45f1-93fc-629ab78198fd.png
     https://d34iuop8pidsy8.cloudfront.net/8180e264-febc-4adc-ba32-65ac4f34e212.png
     Threat Actors: DocLite
     Victim Country: USA
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
115. Alleged dat breach of Consejo Nacional de Humanidades, Ciencias y Tecnologías (CONACYT)
     Category: Data Breach
     Content: The threat actor claims to be leaked data from Consejo Nacional de Humanidades, Ciencias y Tecnologías (CONACYT). The compromised data reportedly contain 712,000 records includes researcher contact information, committee participation records, consent and compliance documentation, and authentication related metadata
     Date: 2026-02-19T03:50:12Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-712k-Mexico-https-www-conacyt-mx-Researcher-contacts-emails-phones-organizatio
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/0654f7c4-0788-4b75-a850-6e88051e8284.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Mexico
     Victim Industry: Government Administration
     Victim Organization: consejo nacional de humanidades, ciencias y tecnologías (conacyt)
     Victim Site: conacyt.mx
116. Alleged Leak of Iranian Data
     Category: Data Breach
     Content: The group claims to have leaked government, ministry, military, and health reports containing Iranian data.
     Date: 2026-02-19T03:48:56Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068641
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/44e2e7ad-3502-470b-a3aa-f296b252b6c9.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iran
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
117. Alleged data leak of cracked.io
     Category: Data Breach
     Content: The threat actor claims to be leaked data from cracked.io. The compromised data reportedly includes forum user account information, hashed passwords (bcrypt), IP addresses, login metadata, and profile related fields.
     Date: 2026-02-19T03:45:14Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-DATABASE-Database-Craked-to-Forums
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/5f95a139-3d40-4b97-becd-53ac39f79c57.png
     Threat Actors: ultrainstinto
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
118. Alleged Data Sale of Jelgavas Poliklīnika
     Category: Data Breach
     Content: The threat actor claims to be selling data from Jelgavas Poliklīnika. The compromised data reportedly contain 685,000 records includes Patient emails, names, address, Contracts, Appointments, Patient Educational Records and much more.
     Date: 2026-02-19T03:44:53Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-92k-Latvia-https-www-jelgavaspoliklinika-lv-Patient-records-including-contact-i
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/867aa35d-32c4-4c8f-b5d6-28ba4d2b8340.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Latvia
     Victim Industry: Hospital & Health Care
     Victim Organization: jelgavas poliklīnika
     Victim Site: jelgavaspoliklinika.lv
119. Alleged Data Sale of University of Madras
     Category: Data Breach
     Content: The threat actor claims to be selling data from University of Madras. The compromised data reportedly contain 742,000 records includes Students accounts with emails, names, registration742,000 records includes Students Contracts, Student Enrollments, Student Support Tickets and much more.
     Date: 2026-02-19T03:23:20Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-742k-India-https-www-unom-ac-in-Student-records-including-contacts-emails-de
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/680bc67d-4d9c-484a-8c9d-aa16cce8afcc.png
     Threat Actors: TelephoneHooliganism
     Victim Country: India
     Victim Industry: Education
     Victim Organization: university of madras
     Victim Site: unom.ac.in
120. Alleged Data Sale of Biblioteche di Roma
     Category: Data Breach
     Content: The threat actor claims to be selling data from Biblioteche di Roma. The compromised data reportedly contain 280,000 records includes Personal emails, names, address, Contracts, Library Membership, Device Registrations and much more.
     Date: 2026-02-19T03:14:21Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-284k-Italy-www-bibliotechediroma-it-Personal-records-incl-names-emails-addres
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/27ddb944-ac47-4ad2-9677-7278911a253f.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Italy
     Victim Industry: Library
     Victim Organization: biblioteche di roma
     Victim Site: bibliotechediroma.it
121. Alleged data breach of Jófogás
     Category: Data Breach
     Content: The threat actor claims to be leaked data from Jófogás. The compromised data reportedly contain 334,000 records includes user account details, contact information, encrypted passwords, security configuration data
     Date: 2026-02-19T03:07:20Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-SELLING-334k-Hungary-www-jofogas-hu-User-accounts-with-emails-names-registration-and-ac
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/5edeb97a-e33d-4f7a-996a-f90fa3d9d9c0.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Hungary
     Victim Industry: E-commerce & Online Stores
     Victim Organization: jófogás
     Victim Site: jofogas.hu
122. Alleged leak of login credentials to Cars.iq
     Category: Data Breach
     Content: The group claims to have leaked login credentials to Cars.iq.
     Date: 2026-02-19T02:56:33Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068535
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/9ae80e94-25f1-4d59-92ed-ea9ed0390fe7.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iraq
     Victim Industry: Automotive
     Victim Organization: cars.iq
     Victim Site: cars.iq
123. Alleged sale of crypto data from Monedas
     Category: Data Breach
     Content: The threat actor claims to be selling Spanish cryptocurrency user data allegedly obtained from Monedas.com and other associated domains. The compromised data reportedly contain 62,394 records including user account information, email addresses, password fields, profile metadata, and data linked to related crypto domains.
     Date: 2026-02-19T02:52:29Z
     Network: openweb
     Published URL: https://breachforums.as/Thread-DATABASE-monedas-com-crypto
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/f31aa307-48f9-463f-b579-7530f94042a0.png
     Threat Actors: Wadjet
     Victim Country: Spain
     Victim Industry: Other Industry
     Victim Organization: monedas
     Victim Site: monedas.com
124. Alleged leak of login credentials to Communications and Media Commission
     Category: Data Breach
     Content: The group claims to have leaked login credentials to Communications and Media Commission
     Date: 2026-02-19T02:43:57Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068555
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/011919a6-0dd2-4102-92b9-c513132a4ade.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iraq
     Victim Industry: Broadcast Media
     Victim Organization: communications and media commission
     Victim Site: cmc.iq
125. Alleged data breach of Web Design Hong Kong
     Category: Data Breach
     Content: The threat actor claims to be leaked data from Web Design Hong Kong. The compromised data reportedly contain 287,000 records includes personal contact details, encrypted password fields, project inquiries, and invoice related information
     Date: 2026-02-19T02:14:05Z
     Network: tor
     Published URL: https://breachedmw4otc2lhx7nqe4wyxfhpvy32ooz26opvqkmmrbg73c7ooad.onion//Thread-SELLING-287k-Hong-Kong-https-www-web-design-hk-User-contacts-including-emails-passwor
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/aab4a645-921e-43a3-8763-ebd408903ebe.png
     Threat Actors: TelephoneHooliganism
     Victim Country: China
     Victim Industry: Graphic & Web Design
     Victim Organization: web design hong kong
     Victim Site: web-design.hk
126. Alleged leak of login credentials to Central Organization for Standardization and Quality Control
     Category: Data Breach
     Content: The group claims to have leaked login credentials to Central Organization for Standardization and Quality Control
     Date: 2026-02-19T01:47:19Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068541
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/98dc8430-6603-46bc-9150-22725f5b8a94.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iraq
     Victim Industry: Government Administration
     Victim Organization: central organization for standardization and quality control
     Victim Site: cosqc.gov.iq
127. Alleged Data Leak of Monedas.com
     Category: Data Breach
     Content: Threat actor claims to be selling a cryptocurrency user database allegedly linked to monedas.com (Spain) and its associated domains (beetcoins.com, münzen.com, and moedas.io). The dataset reportedly contains 62,394 records, including user IDs, names, nicknames, email addresses, passwords, avatar links, and cryptocurrency-related fields such as monedas and exchanges.
     Date: 2026-02-19T01:18:22Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276402/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/8c70b31c-44ec-465e-b42b-5f7aa16ad5b2.png
     https://d34iuop8pidsy8.cloudfront.net/860d0811-6e15-4311-8301-7262622471c7.png
     Threat Actors: anugod
     Victim Country: Spain
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: monedas.com
128. Alleged leak of login credentials to MTN Irancell
     Category: Data Breach
     Content: The group claims to have leaked login credentials to MTN Irancell
     Date: 2026-02-19T01:02:34Z
     Network: telegram
     Published URL: https://t.me/c/1943303299/1068412
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/673a1bad-5f45-40c7-ada6-a1b46f60ab52.png
     Threat Actors: A K U L A v 2 . 2
     Victim Country: Iran
     Victim Industry: Network & Telecommunications
     Victim Organization: mtn irancell
     Victim Site: emp.irancell.ir
129. Alleged Sale of unauthorized access to unidentified Aviation Company
     Category: Initial Access
     Content: Threat actor claims to be selling access to an aviation company reportedly generating approximately $1.6 billion in revenue. The post advertises VMware vSphere full access to more than 40 machines and alleges the presence of over 2TB of internal data.
     Date: 2026-02-19T00:54:32Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276401/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/9589f627-0e3e-43fa-8ff2-95008ded383e.png
     Threat Actors: privisnanet
     Victim Country: Unknown
     Victim Industry: Airlines & Aviation
     Victim Organization: Unknown
     Victim Site: Unknown
130. Alleged access to monitoring and control system in spain
     Category: Initial Access
     Content: The group claims to have gained access to monitoring and control system for industrial cold rooms and compressor equipment in Spain.
     Date: 2026-02-19T00:44:37Z
     Network: telegram
     Published URL: https://t.me/zpentestalliance/1085
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/a9682193-48f3-4988-9fdf-6a6cd0b691c4.png
     https://d34iuop8pidsy8.cloudfront.net/2bf5f413-702f-43bd-bb70-c64fc90af991.png
     Threat Actors: Z-PENTEST ALLIANCE
     Victim Country: Spain
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
131. Alleged sale of unauthorized admin access to unidentified Presta shop in Multiple countries
     Category: Initial Access
     Content: Threat actor claims to be selling access to multiple PrestaShop-based online stores, generating approximately 2,000–4,000 credit card transactions per month.
     Date: 2026-02-19T00:34:09Z
     Network: openweb
     Published URL: https://forum.exploit.in/topic/276400/
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/04e741a0-5d62-434f-84bc-fb50305bccd0.png
     https://d34iuop8pidsy8.cloudfront.net/109edc5d-86be-413e-9172-2f5d99de8569.png
     https://d34iuop8pidsy8.cloudfront.net/aadac609-4ccb-4fa5-870c-7199ae8d1e0d.png
     https://d34iuop8pidsy8.cloudfront.net/8bfa0b8e-9a63-4fb3-bb17-d0c8b763c7eb.png
     Threat Actors: Matteo
     Victim Country: Unknown
     Victim Industry: E-commerce & Online Stores
     Victim Organization: Unknown
     Victim Site: Unknown
132. Alleged data breach of Praktiker Hellas
     Category: Data Breach
     Content: The threat actor claims to be leaked data from Praktiker Hellas. The compromised data reportedly contain 184,000 records includes customer contact details, product registration records, and survey response data
     Date: 2026-02-19T00:19:56Z
     Network: tor
     Published URL: https://breachedmw4otc2lhx7nqe4wyxfhpvy32ooz26opvqkmmrbg73c7ooad.onion//Thread-SELLING-184k-Greece-https-www-praktiker-gr-Customer-contacts-with-emails-phone-number
     Screenshots:
     https://d34iuop8pidsy8.cloudfront.net/5fa6f78f-0234-4469-9969-3b6a9bfb8797.png
     Threat Actors: TelephoneHooliganism
     Victim Country: Greece
     Victim Industry: E-commerce & Online Stores
     Victim Organization: praktiker hellas
     Victim Site: praktiker.gr