[February-21-2026] Daily Cybersecurity Threat Report

Executive Summary

This report provides an exhaustive analysis of 133 distinct cybersecurity incidents detected and documented on February 21, 2026. The threat landscape observed during this period is characterized by a high volume of website defacements, massive data breaches involving millions of sensitive records, critical initial access sales, and the distribution of advanced malware and zero-day vulnerabilities. The incidents span multiple geographic regions—with India, France, Bangladesh, and the USA experiencing notable activity—and impact a wide array of industries, including E-commerce, Government Administration, Information Technology, and Healthcare.

This document systematically categorizes these incidents, profiles the predominant threat actors, and analyzes the methods of compromise strictly based on the provided intelligence drafts.

1. High-Impact Data Breaches and Credential Leaks

A significant portion of the recorded events involves the unauthorized exfiltration and subsequent sale or leak of sensitive corporate and personal data on open web forums and Telegram channels.

1.1 Corporate and Franchise Data Breaches

Several major food and beverage franchises suffered data exposures during this reporting period:

Burger King France: Threat actor Eliasxy leaked a franchise database. The exposed data allegedly contains restaurant branch details, internal identifiers, API-related information, franchise enterprise records, employee data, and job application information. The breach was published on the open web.
McDonalds France: In a seemingly related campaign, Eliasxy also claimed to have breached data from McDonalds France. This was published on an open web forum, targeting the Food & Beverages industry.
Innovorder: Threat actor Tenere700 claimed to have breached the database of Innovorder, a French Food & Beverages organization, exposing approximately 41,000 records.

1.2 Financial and Cryptocurrency Breaches

Financial institutions and cryptocurrency platforms were highly targeted:

Ledger Hardware Wallet: Threat actor livingstone claimed to possess a 2026 customer leak containing approximately 3,000 records linked to Australian users. The data reportedly includes customer names, phone numbers, email addresses, product names, product codes, currency, and purchase prices.
Polymarket: Threat actor GrandTheftCrypto claimed to have breached 93,000 records from USA-based Polymarket. The compromised data reportedly includes wallet IDs, usernames, X (Twitter) usernames, and trading volume (USD).
Credit Card Data: Threat actor Yarikmsk77 claimed to be selling 100 USA credit card records, reportedly including credit card numbers, expiry dates, CVVs, names, addresses, phones, and emails.
Bank Accounts: Threat actor palexxz advertised leaked bank account details from multiple countries, exposing email credentials, passwords, personal documents, and two-factor authentication (2FA) details.
IDPay: Threat actor A K U L A v 2 . 2 claimed to have leaked login credentials to the Iranian financial services organization IDPay via Telegram.

1.3 Government and Public Sector Data Leaks

Public sector entities faced severe data exposures:

Lok Sabha Members (India): Threat actor EMIRPASHA leaked a database containing information on 543 Lok Sabha members. The dataset includes member names, political party affiliations, constituencies, permanent addresses, permanent telephone numbers, Delhi addresses, email addresses, and additional contact numbers.
Bangladesh ECS: Threat actor Angrboda claimed to be selling a Bangladesh ECS voter database containing 34,105 verified voter records.
Korps Brigade Mobil (Indonesia): Threat actor maulnism1337 claimed to have leaked data from this law enforcement organization via Telegram.
Pass sport (France): Threat actor tsirijas claimed to have breached the database of Pass sport, a government administration entity in France.
Spanish DNI (Identity Cards): Threat actor boto claimed to be selling 1,500 Spanish DNI cards, including front and back images, priced at $300.
Government and Police Emails: Threat actor quasarium claimed to be selling government and police email databases from multiple countries, including Hungary, Italy, Greece, Argentina, Brazil, Vietnam, Bangladesh, East Timor, Thailand, Angola, Eswatini, and Nigeria.

1.4 Healthcare and Non-Profit Breaches

Fitzgibbon Hospital (USA): Threat actor wwxxcc leaked approximately 14.8 GB of data (3,342 files) belonging to Fitzgibbon Hospital. The data reportedly includes 12.3 GB of PDF emails, 1.66 GB of scanned documents, and 853 MB of CSV files containing internal records.
Citizen (UK): Threat actor zestix leaked 203.95 GB of data comprising over 151,000 files from Citizen Housing. The exposed data includes management documents, financial reports, operational databases, backup archives, technical reports, and installation certificates.
GPEMAN (Nepal): Threat actor suicid claimed to have breached the database of the General Practice and Emergency Medicine Association of Nepal, exposing the personal information of its members.

2. Massive Email Lead Distribution Campaigns

A highly active threat actor operating under the moniker “injectioninferno” conducted a massive campaign selling bulk email databases across open web forums. These datasets represent an enormous volume of potentially compromised communications:

Target Geography	Volume of Records	Threat Actor	Date/Time Detected	Source
Australia	38,187,386 records	injectioninferno	2026-02-21T11:43:24Z
Bangladesh	8,087,202 records	injectioninferno	2026-02-21T18:12:44Z
Saudi Arabia	5,922,146 records	injectioninferno	2026-02-21T11:21:03Z
Azerbaijan	1,465,516 records	injectioninferno	2026-02-21T18:00:15Z
Austria	1,316,201 records	injectioninferno	2026-02-21T17:26:20Z
Bahrain	195,420 records	injectioninferno	2026-02-21T18:09:25Z
Bahamas	36,425 records	injectioninferno	2026-02-21T17:46:00Z
Aruba	15,129 records	injectioninferno	2026-02-21T07:01:07Z

3. Targeted Credential Harvesting by “A K U L A v 2 . 2”

The threat actor “A K U L A v 2 . 2” focused exclusively on exfiltrating and leaking login credentials via Telegram. Their targeting heavily favored Iranian and Iraqi organizations across diverse industries:

Telecommunication Company of Iran (Network & Telecommunications)
IDPay (Financial Services, Iran)
CyberSec CO (Security & Investigations, Iran)
ATA Airlines (Airlines & Aviation, Iran)
Keramat Razavi Foundations Servants System (Non-profit, Iran)
Etihad food group (Food Production, Iraq)
Ministry of Water Resources (Government Administration, Iraq)
Al Brouj Group LTD (Information Services, Iraq)

4. Initial Access Broker (IAB) Activity

Initial Access Brokers compromise networks and sell backdoor access to other cybercriminals. Several critical infrastructure and corporate environments were compromised:

Sommitecnicas HVAC Control System (Portugal): Z-PENTEST ALLIANCE gained unauthorized access to this system, enabling them to view sensor readings, adjust operating parameters, modify PLC time settings, and change equipment schedules.
MiniFarm OT System (South Korea): RipperSec claimed unauthorized access to this Operational Technology system.
EU Luxury Hotel Booking Platform: Asian_Baddie offered unauthorized access to an unidentified platform, including IT helpdesk tools with admin privileges, root-level server access, and connectivity to POS, IT, and HR systems affecting 100 devices.
Unidentified Business Organization (Spain): Threat actor boto sold webshell/PHP access to a Spanish business association’s website, providing full web app control, PHP file modification, MySQL access, and admin email credentials.
Spanish Gambling Centre CCTV: NoName057(16) claimed unauthorized access to unidentified CCTV cameras in a gambling centre in Spain.
Polícia Militar do Estado de São Paulo (Brazil): 404 CREW CYBER TEAM claimed to have gained unauthorized access to this law enforcement organization.

5. Mass Defacement Operations

A vast majority of the individual incidents documented on February 21, 2026, were website defacements. These attacks are typically designed for hacktivism, notoriety, or ideological messaging.

5.1 The HellR00ters Team Campaign

The “HellR00ters Team” executed a highly prolific defacement campaign almost exclusively targeting Indian small-to-medium enterprises (SMEs) via Telegram. Their targets included:

E-commerce & Online Stores: MS Madan Enterprises, Hiresquare Digitech Private Limited, Hyper Marshal Private Limited, HIRESQUARE DIGITECH, HM Solutions, Midnest World Voyages, KALINGA STUDIO, HH ROCK SALT SUPPLIER, Estavel AI Technologies Private Limited, JFH Enterprises, Chameli Udyog Private Limited, Gaurika Strips Private Limited, Guru Ji Enterprises, Galaxy Shoes, Gelaxy Manufacturing And Services, Globtrx Solutions Private Limited, Beshade enterprises, Dravnexo Global Private Limited, ANARIX SOLUTIONS PRIVATE LIMITED, Classywear Garments Private Limited, GURI FASHION, ANIQUID TECH PAY PRIVATE LIMITED, ANANTSHREE LIFESTYLE PRIVATE LIMITED, DELIGHT WINGS DIGITECH PRIVATE LIMITED, Dalei Enterprises, FELCON EXPO, Cotofied Traders Private Limited, Cornetto Traders Private Limited.
Information Technology & Software: LNB Solution, Adviz Digital, Archnet InfoTech, Bue Sparkskills Private Limited, DKB Solution Private Limited, dhamaconsultancyservices.com, Croft IT Service Private Limited, Cloudvista Infotech Private Limited, Joolmart Soft.
Fashion, Textiles & Automotive: Mahi Traders, AGT Fashion, Fashion Photography Services, Fashion Frontier Enterprises, Frankwave Textiles, Akash Traders.
Other Sectors: Easy schengen visas (UAE, Legal Services), Mqick Resources India Private Limited, Logiwave Logistics, M/S Majhi Traders, Axe Industries, MS Deb Traders, Lapino Marketing, Kalinga Enterprises, Agrobounique Environmental Services, Jetsy Logistics, Eric Fred Fisheries Private Limited.

5.2 The BABAYO EROR SYSTEM Campaign

The “BABAYO EROR SYSTEM” targeted a more geographically dispersed set of organizations:

Aha (USA, Marketing)
Digital Tech Desk (Nigeria, IT Services)
PRIMER TEC (Brazil, Telecommunications)
Mi Propio Web (Colombia, Software)
ZMC-Transport (Romania, Logistics)
Various unidentified international sites including devine.famitech.qpon, iopi.nessentielle.com, wfda-eg.org, musa.jobpickers.com, webchoiceindia.webdesignchoice.co.in, finance.short2link.com, shipstationapp.mintbig.com, digitalstudyz.com, and juwarabisnis.com.

5.3 Additional Defacements

The EXADOS group claimed to have defaced Thai government administration websites, specifically the Bang Sala Subdistrict Administrative Organization and the Ban Khuan Subdistrict Administrative Organization.

6. Malware, Exploits, and Alerts

Beyond data theft and access brokering, the threat landscape included the sale of sophisticated malware and zero-day vulnerabilities.

ETH Address Poisoning Bot: Threat actor x3000 advertised an Ethereum blockchain tracking system designed for automated execution. The tool continuously scans the blockchain at one-second intervals for deposits or withdrawals and automatically triggers predefined actions, such as sending 0 ETH transactions to targeted wallets.
Orange Livebox Routers 0-Day: Threat actor breach3d advertised two private 0-day vulnerabilities affecting Orange Livebox routers. These vulnerabilities reportedly allow for Remote Code Execution (RCE) and/or Local Privilege Escalation (LPE) via buffer overflow or write-what-where conditions.
Logins.zip Infostealer: The threat actor “logins.zip” claimed to sell access to an infostealer service after acquiring its source code. The malware includes an EV-signed userland backdoor, automated session hijacking, file-grabbing capabilities, and a web-based control panel.
Campaign Alert: Vector-Z announced a targeting campaign against Ukraine named “Shortcircuit”, allegedly in alliance with HackHax, Overflame, and BD Anonymous.

Conclusion

The data provided for February 21, 2026, illustrates a highly volatile cybersecurity environment. While mass defacements by groups like HellR00ters represent the highest volume of individual incidents, the most critical risks stem from the activities of Initial Access Brokers targeting Operational Technology and corporate infrastructure, as well as the massive exfiltration of PII and financial records by actors like injectioninferno and Eliasxy. Organizations must prioritize securing initial access vectors and monitoring for credential leaks to mitigate the prevailing threats outlined in this report.

Detected Incidents Draft Data

Alleged sale of 100 credit card records
Category: Data Breach
Content: Threat actor claims to be selling 100 credit card records from USA. The compromised data reportedly includes credit card number, expiry, cvv, name, address, city, state, zip, country, phone, and email.
Date: 2026-02-21T23:35:12Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276605/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3fb1804d-89ac-4902-be8b-dc94e238bcdb.png
Threat Actors: Yarikmsk77
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of ETH Address Poisoning Bot
Category: Malware
Content: Threat actor claims to be selling a ETH blockchain tracking system designed for blockchain monitoring and automated execution. The actor claims the tool continuously scans the blockchain at one-second intervals, monitoring targeted wallets for deposits or withdrawals. When activity is detected, it automatically triggers predefined actions, including sending 0 ETH transactions to the monitored wallet, with claims of fast and reliable execution.
Date: 2026-02-21T23:16:30Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/276599/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/433629aa-17a4-4806-9cc4-f2724571cec6.png
https://d34iuop8pidsy8.cloudfront.net/4a2ffc1c-9ff8-4ec3-bfe7-ddd8aece4dc2.png
Threat Actors: x3000
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
BABAYO EROR SYSTEM targets the website of Aha
Category: Defacement
Content: The group claims to have defaced the website of Aha.
Date: 2026-02-21T22:20:14Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/227
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c54839b-8054-4568-a9e4-21dc85f474a4.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: USA
Victim Industry: Marketing, Advertising & Sales
Victim Organization: aha
Victim Site: aha.inc
Alleged data leak of Ledger hardware wallet customer database
Category: Data Breach
Content: The threat actor claims to possess a 2026 Ledger hardware wallet customer leak containing approximately 3,000 records allegedly linked to Australian users. The dataset reportedly includes personal and purchase-related information such as customer names, phone numbers, email addresses, product names, product codes, currency, and purchase prices
Date: 2026-02-21T22:18:21Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-2026-Ledger-Hardware-Wallet-Coustomer-Leak
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/957e0c38-b0fe-44bf-b66f-472284d03cb4.png
Threat Actors: livingstone
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of 8K Canada Depositor Leads
Category: Data Breach
Content: The threat actor claims to be selling 8,000 fresh Canada HQ depositor leads, the dataset that allegedly includes personal and financial marketing data such as names, emails, phone numbers, deposit amounts, broker details, and offer metadata.
Date: 2026-02-21T21:06:38Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-8K-Canada-Hot-Depositor-Leads
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b7036be1-e8f0-4f17-9f67-341608c9da76.png
Threat Actors: livingstone
Victim Country: Canada
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Burger King France
Category: Data Breach
Content: A threat actor claims to have leaked the franchise database of Burger King France. the exposed data allegedly contains restaurant branch details, internal identifiers, API-related information, franchise enterprise records, employee data, and job application information.
Date: 2026-02-21T20:40:18Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Database-Burger-King-France-Franchise-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/335e53da-357b-4ad5-a115-6af5b438160e.png
https://d34iuop8pidsy8.cloudfront.net/c9e4d924-f50a-4448-a7d7-9c6657ea76a8.png
https://d34iuop8pidsy8.cloudfront.net/589ecbe4-bc1e-45a1-ad4e-a573575cd6a2.png
Threat Actors: Eliasxy
Victim Country: France
Victim Industry: Food & Beverages
Victim Organization: burger king france
Victim Site: burgerking.fr
Alleged Unauthorized Access to Sommitecnicas HVAC Control System
Category: Initial Access
Content: The group claims to have gained unauthorized access to Sommitecnicas (Portugal)’s HVAC control system, enabling them to monitor and configure equipment. This access allows them to view current sensor readings, adjust operating parameters, modify PLC time settings, and change equipment schedules, providing a high degree of control over the automation system and representing a clear instance of initial access to the target environment.
Date: 2026-02-21T20:21:26Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1089
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7030606d-b2ef-4100-a25e-0cdead16d53f.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Portugal
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Lok Sabha Members Database
Category: Data Breach
Content: A threat actor claims to have leaked a database containing information on 543 Lok Sabha members. the dataset as including details of Members of Parliament (MPs) elected to the Lower House of India’s Parliament ,the exposed data allegedly contains member names, political party affiliations, constituencies (state), permanent addresses, permanent telephone numbers, Delhi addresses, email addresses, and additional contact numbers.
Date: 2026-02-21T20:18:00Z
Network: openweb
Published URL: https://breachforums.as/Thread-DOCUMENTS-543-lok-Sabha-members-database-leaked-free-sample
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fa350b57-1242-4a3d-9a33-4dd50080f972.png
Threat Actors: EMIRPASHA
Victim Country: Unknown
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Universitas Diponegoro
Category: Data Breach
Content: A threat actor claims to have leaked the database of Universitas Diponegoro (Diponegoro University) in Semarang.
Date: 2026-02-21T19:55:25Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-DATABASE-UNIVERSITAS-DIPONEGORO-SEMARANG
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7e5a4268-3eec-4d09-8262-70548b2357d8.png
Threat Actors: 1LH4MZXSEC
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: universitas diponegoro
Victim Site: undip.ac.id
Alleged data breach of Kirkify
Category: Data Breach
Content: A threat actor claims to have leaked the database of Kirkify.the exposed data includes subscription information, face swap images and videos, billing events, credit transactions, credit balances, blog posts, email addresses, usernames, and user IDs.
Date: 2026-02-21T19:33:10Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Kirkify-net-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7628d75f-02cd-4d36-81ba-11595cb5546c.png
https://d34iuop8pidsy8.cloudfront.net/c2952bf2-1223-4bb7-8937-610d1f27ed5b.png
Threat Actors: Sythe
Victim Country: Unknown
Victim Industry: Software
Victim Organization: kirkify
Victim Site: kirkify.net
EXADOS targets the website of Bang Sala Subdistrict Administrative Organization
Category: Defacement
Content: The group claims to have defaced the website of Bang Sala Subdistrict Administrative Organization.
Date: 2026-02-21T19:18:53Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/161
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/79817219-8677-438c-a471-43d03ce036d8.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: bang sala subdistrict administrative organization
Victim Site: bangsala.go.th
EXADOS targets the website of Ban Khuan Subdistrict Administrative Organization
Category: Defacement
Content: The group claims to have defaced the website of Ban Khuan Subdistrict Administrative Organization.
Date: 2026-02-21T18:58:48Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/162
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a53b06b9-02ea-4a7c-82e8-e4f958a6ee4e.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: ban khuan subdistrict administrative organization
Victim Site: bankhuan.go.th
Alleged Unauthorized Access to the MiniFarm OT System in South Korea
Category: Initial Access
Content: The group claims to have gained unauthorized access to the MiniFarm OT (Operational Technology) system in South Korea.
Date: 2026-02-21T18:43:17Z
Network: telegram
Published URL: https://t.me/c/2875163062/689
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eb0a6250-18bc-44c2-ad6f-a76127816978.png
Threat Actors: RipperSec
Victim Country: South Korea
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Japan-based eBay and VPS accounts
Category: Data Breach
Content: The threat actor claims to have leaked a dataset containing 1,500 records associated with Japan-based eBay and VPS accounts. The exposed data reportedly includes sensitive information such as eBay user IDs, Gmail addresses and passwords, eBay login credentials, VPS provider details, control panel access credentials, IP addresses, etc.
Date: 2026-02-21T18:15:57Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/276582/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1995d51d-10d7-4358-9a14-37b4a2db9c7f.png
Threat Actors: palexxz
Victim Country: Japan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of bank accounts
Category: Data Breach
Content: The threat actor claims to be selling leaked bank account details from multiple countries. The exposed data reportedly includes associated email credentials, passwords, personal documents, and two-factor authentication (2FA) details etc.
Date: 2026-02-21T18:15:13Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/276583/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bce06a72-ecfa-4a99-bcd3-a0d8059bfd9b.png
Threat Actors: palexxz
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of Bangladesh Email Leads
Category: Data Breach
Content: A threat actor is leaked a large email leads database allegedly containing 8,087,202 email records associated with Bangladesh.
Date: 2026-02-21T18:12:44Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Leads-Emails-Bangladesh-8-087-202
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d24d6622-0ce4-44e7-b4d2-2b16f459afb2.png
Threat Actors: injectioninferno
Victim Country: Bangladesh
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data Breach of Citizen
Category: Data Breach
Content: The threat actor claims to be obtained and leaked a database from Citizen. The exposed dataset reportedly contains 203.95 GB of data comprising over 151,000 files, including management documents, financial reports, operational databases, backup archives, energy retrofit project records, technical reports, installation certificates, insurance documents, address-based reports, project progress tracking files, and related internal documentation.
Date: 2026-02-21T18:10:46Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/276584/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/66c40924-df8b-41c0-8135-3be837664fc9.png
https://d34iuop8pidsy8.cloudfront.net/ac51c7db-6663-4ce4-9962-06c846566802.png
https://d34iuop8pidsy8.cloudfront.net/88e2bb28-9fb7-46d0-b7ba-f21d210b3eba.png
https://d34iuop8pidsy8.cloudfront.net/bbde5ed9-043e-45cf-bc67-4cfe98e331af.png
https://d34iuop8pidsy8.cloudfront.net/b4777e31-e1e7-481e-bdb1-b5758ff163b7.png
Threat Actors: zestix
Victim Country: UK
Victim Industry: Non-profit & Social Organizations
Victim Organization: citizen
Victim Site: citizenhousing.org.uk
Alleged sale of Bahrain Email Leads
Category: Data Breach
Content: A threat actor is advertising a database allegedly containing 195,420 email addresses associated with Bahrain. which includes sample email entries and promotes Telegram channels for distribution.
Date: 2026-02-21T18:09:25Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Leads-Emails-Bahrain-195-420
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ae850b84-2126-4137-a6a5-8a954513291a.png
Threat Actors: injectioninferno
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of Azerbaijan Email Leads
Category: Data Breach
Content: A threat actor is leaked a large email leads database allegedly containing 1,465,516 Azerbaijani email addresses. which includes sample email entries and promotes Telegram channels for distribution.
Date: 2026-02-21T18:00:15Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Leads-Emails-Azerbaiy%C3%A1n-1-465-516
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/728b4ccb-4964-407c-8e3c-ce3b771f3349.png
Threat Actors: injectioninferno
Victim Country: Azerbaijan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Lebanese WhatsApp User Database
Category: Data Breach
Content: A threat actor is advertising the sale of a Lebanese WhatsApp user database allegedly containing approximately 3,685,000 records. the dataset includes phone numbers, gender information, and profile photos of active WhatsApp users
Date: 2026-02-21T17:48:23Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Lebanese-WhatsApp-database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f3ff4486-ff4c-4b9e-976e-e797fa532fa4.png
Threat Actors: IMAN
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Bahamas Email Database
Category: Data Breach
Content: A threat actor is advertising a database titled “Emails Complete Bahamas 36,425.” The post suggests a collection of 36,425 email records allegedly related to individuals or entities in the Bahamas.
Date: 2026-02-21T17:46:00Z
Network: openweb
Published URL: https://breachforums.as/Thread-Emails-Bahamas-36-425
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1455d041-927a-436f-a7ee-d9261dd83463.png
Threat Actors: injectioninferno
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to a Food Establishment in Germany
Category: Initial Access
Content: The group claims to have gained unauthorized access to a food establishment in Germany.
Date: 2026-02-21T17:38:30Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1088
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cab45597-0376-4674-87fd-655559522f3c.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized access to unidentified luxury hotel booking platform
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to an unidentified EU based luxury hotel booking platform, including access to an IT helpdesk tool with admin privileges and root-level server access. This access reportedly enables connectivity to POS, IT, HR, and other internal systems, affecting 100 devices.
Date: 2026-02-21T17:38:13Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/276580/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e4c25843-6e29-4960-8163-53fd0024c42e.png
Threat Actors: Asian_Baddie
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of Austria Email Leads
Category: Data Breach
Content: A threat actor is leaked a large email leads database allegedly containing 1,316,201 Austrian email addresses.
Date: 2026-02-21T17:26:20Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-LEADS-EMAILS-AUSTRIA-1-316-201
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a420a94-8fa6-4316-9152-d25bee3841bf.png
Threat Actors: injectioninferno
Victim Country: Austria
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Emploi en Tunisie
Category: Data Breach
Content: A threat actor is advertising the sale of a dataset allegedly originating from Emploi en Tunisie. The post claims approximately 137,000 user records containing contact details, job applications, and support ticket data. Exposed fields reportedly include full names, emails, phone numbers, dates of birth, addresses, job application details, recruiter information, and internal support communications.
Date: 2026-02-21T17:00:47Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-137k-Tunisia-user-data-leak-https-www-emploi-en-tunisie-com-contact-and-employm
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/079d61ce-5b57-4015-ad54-0ed9c6a43d39.png
Threat Actors: TelephoneHooliganism
Victim Country: Tunisia
Victim Industry: Human Resources
Victim Organization: emploi en tunisie
Victim Site: emploi-en-tunisie.com
Alleged data breach of AXA Mutuelle Avocats
Category: Data Breach
Content: A threat actor claims to have breached AXA Mutuelle Avocats and is releasing a fresh database dump. the database is 35MB compressed (214MB uncompressed) in ZIP format. Allegedly exposed data includes emails, password hashes, and personally identifiable information (names, civil details), along with additional sensitive records.
Date: 2026-02-21T16:24:40Z
Network: openweb
Published URL: https://breachforums.in/index.php?threads/french-axa-mutuelle-avocats.637/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/986b63a2-be7a-4ef9-9d76-a2d63d647a1f.png
Threat Actors: breach3d
Victim Country: France
Victim Industry: Insurance
Victim Organization: axa mutuelle avocats
Victim Site: axa.fr
Alleged sale of Private 0-Day Vulnerabilities for Orange Livebox Routers
Category: Vulnerability
Content: A threat actor is advertising two private 0-day vulnerabilities affecting Orange Livebox routers (multiple firmware versions). The vulnerabilities are described as potential RCE and/or LPE via buffer overflow or write-what-where conditions.
Date: 2026-02-21T15:52:19Z
Network: openweb
Published URL: https://breachforums.in/index.php?threads/exclusive-orange-livebox-0-day-private.638/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/06ed6454-38da-4f9a-ab36-09503e685b34.png
Threat Actors: breach3d
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Korps Brigade Mobil
Category: Data Breach
Content: Group claims to have leaked data from Korps Brigade Mobil.
Date: 2026-02-21T14:39:59Z
Network: telegram
Published URL: https://t.me/maul1337anon/997?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e477ac97-8bc0-42fc-95df-3d08f9447aed.png
Threat Actors: maulnism1337
Victim Country: Indonesia
Victim Industry: Law Enforcement
Victim Organization: korps brigade mobil
Victim Site: korbrimob.polri.go.id
Alleged leak of login credentials to Telecommunication Company of Iran
Category: Data Breach
Content: The group claims to have leaked login credentials to sub domain of Telecommunication Company of Iran.
Date: 2026-02-21T14:36:33Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074809
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f53b740d-0d32-4319-b704-7fcfd035bc27.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Network & Telecommunications
Victim Organization: telecommunication company of iran
Victim Site: internet.tci.ir
Alleged unauthorized Access to an unidentified CCTV cameras in gambling centre in Spain
Category: Initial Access
Content: The group claims to have gained alleged unauthorized access to an unidentified CCTV cameras in gambling centre in Spain.
Date: 2026-02-21T14:22:07Z
Network: telegram
Published URL: https://t.me/c/2787466017/2437
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3476eb94-4d51-4602-a0e7-9579e34542c8.jpg
Threat Actors: NoName057(16)
Victim Country: Spain
Victim Industry: Gambling & Casinos
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of bangladesh ECS
Category: Data Breach
Content: The threat actor claims to be selling a Bangladesh ECS voter database containing 34,105 verified voter records.
Date: 2026-02-21T14:16:58Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Bangladesh-ECS-Voter-Database-34-105-Records-Political-Preference-Tracking
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ef69b3fb-aeee-4da0-9f2b-87a4adf65f8a.png
https://d34iuop8pidsy8.cloudfront.net/054a4d79-89de-4adf-a960-f8ebee8fb309.png
Threat Actors: Angrboda
Victim Country: Bangladesh
Victim Industry: Government Administration
Victim Organization: bangladesh ecs
Victim Site: ecs.gov.bd
Alleged data breach of Polymarket
Category: Data Breach
Content: A threat actor claims to have breached 93,000 records from Polymarket. The compromised data reportedly includes wallet IDs, usernames, X (Twitter) usernames, trading volume (USD), and additional information.
Date: 2026-02-21T14:04:50Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276569/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/27ca6730-1df4-4dfc-b48e-bafc5292bc82.png
Threat Actors: GrandTheftCrypto
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: polymarket
Victim Site: polymarket.com
HellR00ters Team targets the website of Easy schengen visas
Category: Defacement
Content: The threat actor claims to have defaced the website of Easy schengen visas
Date: 2026-02-21T13:53:52Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/930ddd38-74fe-4db0-95b3-4ade455abf4e.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Legal Services
Victim Organization: easy schengen visas
Victim Site: easyschengenvisas.com
Alleged sale of wp admin access to an unidentified shop in India
Category: Initial Access
Content: A threat actor claims to be selling wp-admin access to an unidentified shop in india
Date: 2026-02-21T13:41:45Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276562/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/46630fee-6903-432f-a35c-61c817bac318.png
Threat Actors: Baiden
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HELLROOTERS TEAM targets the website of MS Madan Enterprises
Category: Defacement
Content: The Group claims to have defaced the website of MS Madan Enterprises.
Date: 2026-02-21T13:33:25Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bb15e934-f722-4e1e-9c09-d51e1743d022.png
https://d34iuop8pidsy8.cloudfront.net/f40c9114-50a2-42f2-a566-f447bfb5c064.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: ms madan enterprises
Victim Site: ms-madanenterprises.com
HellR00ters Team targets the website of Hiresquare Digitech Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Hiresquare Digitech Private Limited.
Date: 2026-02-21T13:28:33Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f1cbbe74-313e-485c-bd14-610135eac780.png
https://d34iuop8pidsy8.cloudfront.net/6401bfaa-c5b8-4587-89ee-ae016b1e1807.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: hiresquare digitech private limited
Victim Site: hiresquaredigitech.com
HELLROOTERS TEAM targets the website of Mahi Traders.
Category: Defacement
Content: The Group claims to have defaced the website of Mahi Traders.
Date: 2026-02-21T13:28:27Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eae59e3f-8d06-4cc8-bc6e-00ace5ad3ba2.png
https://d34iuop8pidsy8.cloudfront.net/caa4e52a-8fe4-48e0-8d55-9d68ced80444.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Fashion & Apparel
Victim Organization: mahi traders
Victim Site: mahi-traders.com
HellR00ters Team targets the website of Hyper Marshal Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Hyper Marshal Private Limited.
Date: 2026-02-21T13:27:36Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/608c05b0-a315-4a01-8e56-21345349faa2.png
https://d34iuop8pidsy8.cloudfront.net/3d06f224-f9b5-44a3-abcc-294db9658178.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: hyper marshal private limited
Victim Site: hyper-marshal.com
HELLROOTERS TEAM targets the website of Mqick Resources India Private Limited
Category: Defacement
Content: The Group claims to have defaced the website of Mqick Resources India Private Limited.
Date: 2026-02-21T13:15:54Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ed374fef-494d-470f-ae33-794c3261e064.png
https://d34iuop8pidsy8.cloudfront.net/c8d01ff5-1cfd-4532-94f2-1620ba00478d.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Business Supplies & Equipment
Victim Organization: mqick resources india private limited
Victim Site: mqickresourcesindia.com
HellR00ters Team targets the website of Logiwave Logistics
Category: Defacement
Content: The group claims to have defaced the website of Logiwave Logistics.
Date: 2026-02-21T13:14:15Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2074e8ea-3ae5-481e-9a6e-2226b3cca82c.jpg
https://d34iuop8pidsy8.cloudfront.net/f3fbe9c2-0dcb-47c2-ad2a-9eb217412721.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Transportation & Logistics
Victim Organization: logiwave logistics
Victim Site: logiwave-logistics.com
HellR00ters Team targets the website of AGT Fashion
Category: Defacement
Content: The group claims to have defaced the website of AGT Fashion.
Date: 2026-02-21T13:13:57Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dbd3298d-74ec-41ee-8d8f-956fb9524f35.png
https://d34iuop8pidsy8.cloudfront.net/4ecdac82-0b46-459f-a62d-a2f41070ccf1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Fashion & Apparel
Victim Organization: agt fashion
Victim Site: agt-fashion.com
HellR00ters Team targets the website of M/S Majhi Traders
Category: Defacement
Content: The Group claims to have defaced the website of M/S Majhi Traders
Date: 2026-02-21T13:13:52Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c74f8f24-54d1-40c3-a9cf-f328c7c6d56d.png
https://d34iuop8pidsy8.cloudfront.net/b1a53416-68d1-47bb-a9ef-96607c5daab3.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Food Production
Victim Organization: m/s majhi traders
Victim Site: msmajhitraders.com
HellR00ters Team targets the website of HIRESQUARE DIGITECH
Category: Defacement
Content: The group claims to have defaced the website of HIRESQUARE DIGITECH.
Date: 2026-02-21T13:13:14Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f071a691-c87e-4151-9320-6f2706d5a1e1.png
https://d34iuop8pidsy8.cloudfront.net/094f5ba4-9b27-47fa-889e-b64e462e4183.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: hiresquare digitech
Victim Site: hedigitech.org
HellR00ters Team targets the website of HM Solutions
Category: Defacement
Content: The group claims to have defaced the website of HM Solutions.
Date: 2026-02-21T13:10:55Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c30b121-64e5-4f43-9a7f-c39752837b8c.png
https://d34iuop8pidsy8.cloudfront.net/3c797f05-f28a-46a3-9183-0fde26343dcc.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: hm solutions
Victim Site: hm-solutions.org
HellR00ters Team targets the website of Axe Industries
Category: Defacement
Content: The group claims to have defaced the website of Axe Industries.
Date: 2026-02-21T13:10:09Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/26e5013b-51e0-4d70-bc17-276a5fc64bb7.png
https://d34iuop8pidsy8.cloudfront.net/c77631d1-1ab7-483f-b729-22075b0b82c1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Manufacturing
Victim Organization: axe industries
Victim Site: axeindustries.com
HELLROOTERS TEAM targets the website of Midnest World Voyages
Category: Defacement
Content: The Group claims to have defaced the website of Midnest World Voyages.
Date: 2026-02-21T13:07:17Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9cdaa6c0-d4e6-4e4c-8f3b-cdbe6cb2dbbd.png
https://d34iuop8pidsy8.cloudfront.net/9c2c439e-0774-4077-9d14-4524276b5698.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: midnest world voyages
Victim Site: midnestworldvoyages.com
HELLROOTERS TEAM targets the website of MS Deb Traders
Category: Defacement
Content: The group claims to have defaced the website of MS Deb Traders.
Date: 2026-02-21T13:01:52Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/140b08ff-9ecf-4a59-8671-a7c5d8564a50.png
https://d34iuop8pidsy8.cloudfront.net/a885070b-abda-417e-973e-be351fcc9166.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Wholesale
Victim Organization: ms deb traders
Victim Site: msdebtraders.com
HellR00ters Team targets the website of LNB Solution
Category: Defacement
Content: The group claims to have defaced the website of LNB Solution.
Date: 2026-02-21T13:00:42Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a80044b1-a264-4e4b-a5b7-42cfc1bd7744.jpg
https://d34iuop8pidsy8.cloudfront.net/01fbca4d-512e-461b-8b39-836e6ea4be1c.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: lnb solution
Victim Site: lnb-solution.com
HellR00ters Team targets the website of Lapino Marketing
Category: Defacement
Content: The group claims to have defaced the website of Lapino Marketing.
Date: 2026-02-21T12:57:32Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4012d231-5850-4ee2-a979-87f198a36851.jpg
https://d34iuop8pidsy8.cloudfront.net/27ba7886-2d33-4362-a33f-87b98e6d6ea2.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Marketing, Advertising & Sales
Victim Organization: lapino marketing
Victim Site: lapinomarketing.com
HellR00ters Team targets the website of Adviz Digital
Category: Defacement
Content: The group claims to have defaced the website of Adviz Digital.
Date: 2026-02-21T12:55:03Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/babc335c-4dff-490d-8f79-a4ddc82fe429.png
https://d34iuop8pidsy8.cloudfront.net/e2e84732-7f44-4f0c-9227-ff9c9bdcb098.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: adviz digital
Victim Site: advizdigital.com
HellR00ters Team targets the website of KALINGA STUDIO
Category: Defacement
Content: The group claims to have defaced the website of KALINGA STUDIO.
Date: 2026-02-21T12:54:50Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1b516724-fa74-4328-bf6f-03133296bfc8.jpg
https://d34iuop8pidsy8.cloudfront.net/e7133da3-0e93-4c81-a5b8-cf3a83c2fe35.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: kalinga studio
Victim Site: ks-studios.com
Vector-Z claims to target Ukraine
Category: Alert
Content: A recent post by the group is targeting Ukraine under the campaign name Shortcircuit , allegedly in alliance with HackHax, Overflame, and BD Anonymous.
Date: 2026-02-21T12:53:58Z
Network: telegram
Published URL: https://t.me/c/3585517592/120
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fbcec971-ecc7-4166-8fb2-fd7da792606d.jpg
https://d34iuop8pidsy8.cloudfront.net/721aff58-e414-4cd4-91bb-a420f3a06558.jpg
https://d34iuop8pidsy8.cloudfront.net/65c0dfc3-c6b9-43d8-bd5f-5987a39b17c3.jpg
Threat Actors: Vector-Z
Victim Country: Ukraine
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of Kalinga Enterprises
Category: Defacement
Content: The group claims to have defaced the website of Kalinga Enterprises.
Date: 2026-02-21T12:49:40Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f59ca6cc-13eb-4d1a-a62e-b576362cbe88.jpg
https://d34iuop8pidsy8.cloudfront.net/9744d8f8-93c4-4164-a121-7e0c9fc7e14b.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Manufacturing
Victim Organization: kalinga enterprises
Victim Site: kalinga-enterprises.com
HellR00ters Team targets the website of Archnet InfoTech
Category: Defacement
Content: The group claims to have defaced the website of Archnet InfoTech.
Date: 2026-02-21T12:43:42Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a181c964-9ce7-4da4-8d40-227c9551c588.png
https://d34iuop8pidsy8.cloudfront.net/ce516e31-387b-43db-87a3-47303981061b.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: archnet infotech
Victim Site: archnetinfo.com
HellR00ters Team targets the website of Fashion Photography Services
Category: Defacement
Content: The threat actor claims to have defaced the website of Fashion Photography Services
Date: 2026-02-21T12:33:06Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ab604987-e8ef-4129-bbcc-9eb0b7a1c8e7.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Fashion & Apparel
Victim Organization: fashion photography services
Victim Site: fashionphotographyservices.com
HellR00ters Team targets the website of HH ROCK SALT SUPPLIER
Category: Defacement
Content: The group claims to have defaced the website of HH ROCK SALT SUPPLIER.
Date: 2026-02-21T12:32:58Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7984d964-c907-4913-9b01-832dbc89f491.png
https://d34iuop8pidsy8.cloudfront.net/17bc7aae-2268-4381-9f5d-6cc3cbcd9811.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: hh rock salt supplier
Victim Site: hhrocksaltsupplier.com
HellR00ters Team targets the website of Fashion Frontier Enterprises
Category: Defacement
Content: The threat actor claims to have defaced the website of Fashion Frontier Enterprises
Date: 2026-02-21T12:26:20Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f3ea275f-6b9f-4c25-abd4-6ba011e5be0a.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Fashion & Apparel
Victim Organization: fashion frontier enterprises
Victim Site: fashionfrontierenterprises.com
Alleged unauthorized admin access to promosera
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to promosera.
Date: 2026-02-21T12:24:55Z
Network: openweb
Published URL: https://breachforums.as/Thread-%E2%AD%90Coupon-Codes-promosera-com-website-admin-access%E2%AD%90
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/81b3df05-0d85-4392-a768-fed46850ec24.png
Threat Actors: blackwinter99
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: promosera
Victim Site: promosera.com
HellR00ters Team targets the website of Estavel AI Technologies Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Estavel AI Technologies Private Limited.
Date: 2026-02-21T12:23:53Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/96e2de10-8a57-459f-8f84-800d66c8b5e1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: estavel ai technologies private limited
Victim Site: estavelaitechnologies.com
HellR00ters Team targets the website of JFH Enterprises
Category: Defacement
Content: The group claims to have defaced the website of JFH Enterprises.
Date: 2026-02-21T12:23:26Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c4c5fd66-a76d-4ad9-8424-fdf0cd87b6f5.jpg
https://d34iuop8pidsy8.cloudfront.net/16c6670a-ac2f-4972-96c2-540c45ffd80d.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: jfh enterprises
Victim Site: jfh-enterprises.com
HellR00ters Team targets the website of Chameli Udyog Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Chameli Udyog Private Limited.
Date: 2026-02-21T12:23:06Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/80e613a3-69ff-45b5-bbc5-a79802bbcebb.png
https://d34iuop8pidsy8.cloudfront.net/3d57d50b-0a65-4cb3-a004-86ac3330e56a.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: chameli udyog private limited
Victim Site: chameliudyog.com
HellR00ters Team targets the website of Gaurika Strips Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Gaurika Strips Private Limited.
Date: 2026-02-21T12:21:08Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c8c2f323-d9e6-4a1f-bc68-8d6a7ac383fb.png
https://d34iuop8pidsy8.cloudfront.net/2e86eed0-dfd5-4d33-994b-5b281f07f909.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: gaurika strips private limited
Victim Site: gaurika-strips.com
HellR00ters Team targets the website of Joolmart Soft
Category: Defacement
Content: The group claims to have defaced the website of Joolmart Soft.
Date: 2026-02-21T12:20:52Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/449ba09f-8a1b-4155-b307-e7438b476e21.jpg
https://d34iuop8pidsy8.cloudfront.net/62be02a6-e925-4286-bea1-e452ab00e946.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: joolmart soft
Victim Site: joolmartsoft.com
HellR00ters Team targets the website of Agrobounique Environmental Services
Category: Defacement
Content: The group claims to have defaced the website of Agrobounique Environmental Services.
Date: 2026-02-21T12:20:47Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fd57d929-f3ac-43c1-b7ad-2b1d283d84bc.png
https://d34iuop8pidsy8.cloudfront.net/03e63707-c12c-4273-ad36-de3005d85cd1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Environmental Services
Victim Organization: agrobounique environmental services
Victim Site: agrobouniqueenvindia.com
HellR00ters Team targets the website of Guru Ji Enterprises
Category: Defacement
Content: The group claims to have defaced the website of Guru Ji Enterprises.
Date: 2026-02-21T12:18:25Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0904c746-b095-4622-9fbf-6ad3b9e4fb77.png
https://d34iuop8pidsy8.cloudfront.net/3b35f990-8863-42d7-8431-bf8f7e9595a6.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: guru ji enterprises
Victim Site: guru-jienterprises.com
HellR00ters Team targets the website of Galaxy Shoes
Category: Defacement
Content: The group claims to have defaced the website of Galaxy Shoes.
Date: 2026-02-21T12:17:45Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/742679b9-8576-42d1-9da0-5277e174b801.png
https://d34iuop8pidsy8.cloudfront.net/3decd13b-1d26-4a1c-b4d6-8903df79ae5e.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: galaxy shoes
Victim Site: galaxy-shoes.com
HellR00ters Team targets the website of Jetsy Logistics
Category: Defacement
Content: The group claims to have defaced the website of Jetsy Logistics.
Date: 2026-02-21T12:15:48Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/37eddf7b-28ab-4e28-97f8-b79d4438ee27.jpg
https://d34iuop8pidsy8.cloudfront.net/0c8b0b13-ae52-4f10-b6f0-926c8d7ae3c0.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Transportation & Logistics
Victim Organization: jetsy logistics
Victim Site: jetsy-logistics.com
HellR00ters Team targets the website of Gelaxy Manufacturing And Services
Category: Defacement
Content: The group claims to have defaced the website of Gelaxy Manufacturing And Services
Date: 2026-02-21T12:15:29Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/27d90a58-ca71-49f6-9815-e444d5b37983.png
https://d34iuop8pidsy8.cloudfront.net/d7ed4082-3e59-4f2f-ba67-caf9d43654cb.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: gelaxy manufacturing and services
Victim Site: gelaxymanufacturing.com
HellR00ters Team targets the website of Globtrx Solutions Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Globtrx Solutions Private Limited
Date: 2026-02-21T12:13:38Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/48bb94b7-22f3-469a-ad7a-81fd3028a7e2.png
https://d34iuop8pidsy8.cloudfront.net/1e8c36d6-76a4-42ce-9756-d986d1c02b0c.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: globtrx solutions private limited
Victim Site: globtrx-solutions.com
HellR00ters Team targets the website of Beshade enterprises
Category: Defacement
Content: The group claims to have defaced the website of Beshade enterprises.
Date: 2026-02-21T12:11:59Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ccef261b-fecb-4e49-9a96-a7e32cfb23b1.png
https://d34iuop8pidsy8.cloudfront.net/f94f0778-f749-4ab1-bdea-b54b44ace6f7.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: beshade enterprises
Victim Site: beshadeenterprises.com
HellR00ters Team targets the website of Bue Sparkskills Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Bue Sparkskills Private Limited.
Date: 2026-02-21T12:08:18Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/25339144-fb3c-49a4-b3de-bb67563a5a1b.png
https://d34iuop8pidsy8.cloudfront.net/d2438f66-5be9-4fb7-a294-2606906c3dac.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: bue sparkskills private limited
Victim Site: buesparkskills.com
HellR00ters Team targets the website of Dravnexo Global Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Dravnexo Global Private Limited
Date: 2026-02-21T12:07:53Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/19aa8ac3-74e1-49f8-953f-a5962492d6a2.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: dravnexo global private limited
Victim Site: dravnexoglobal.com
HellR00ters Team targets the website of ANARIX SOLUTIONS PRIVATE LIMITED
Category: Defacement
Content: The group claims to have defaced the website of ANARIX SOLUTIONS PRIVATE LIMITED.
Date: 2026-02-21T12:01:22Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3feb3b65-6544-4f5c-8ad4-7e9e1a4ec2d2.png
https://d34iuop8pidsy8.cloudfront.net/df08c8db-fed6-4c34-948d-80ba5b4f70e8.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: anarix solutions private limited
Victim Site: anarixsolutions.com
HellR00ters Team targets the website of Classywear Garments Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Classywear Garments Private Limited.
Date: 2026-02-21T11:59:46Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b433c0dc-8abf-4dfa-b538-978783c02005.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: classywear garments private limited
Victim Site: classyweargarments.com
HellR00ters Team targets the website of GURI FASHION
Category: Defacement
Content: The group claims to have defaced the website of GURI FASHION.
Date: 2026-02-21T11:58:45Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/98256ef3-08e3-44b3-9807-64cd8469f1ff.png
https://d34iuop8pidsy8.cloudfront.net/4372daa3-7417-46e0-a21b-1214c454b726.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: guri fashion
Victim Site: gurifashion.com
HellR00ters Team targets the website of DKB Solution Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of DKB Solution Private Limited
Date: 2026-02-21T11:54:19Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d9c37df6-537b-41f8-a5a2-cb434370d1b1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Software Development
Victim Organization: dkb solution private limited
Victim Site: dkb-solution.com/8.txt
HellR00ters Team targets the website of ANIQUID TECH PAY PRIVATE LIMITED
Category: Defacement
Content: The group claims to have defaced the website of ANIQUID TECH PAY PRIVATE LIMITED.
Date: 2026-02-21T11:52:09Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1e228511-a0d7-4efe-8b0f-f9e2a5967885.png
https://d34iuop8pidsy8.cloudfront.net/9eeb9fb1-3d0b-4dd0-a935-92e31a629590.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: aniquid tech pay private limited
Victim Site: aniquidtechpay.com
HellR00ters Team targets the website of ANANTSHREE LIFESTYLE PRIVATE LIMITED
Category: Defacement
Content: The group claims to have defaced the website of ANANTSHREE LIFESTYLE PRIVATE LIMITED.
Date: 2026-02-21T11:51:10Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/50632832-630d-4937-b826-0dfeb222e644.png
https://d34iuop8pidsy8.cloudfront.net/c1d8beae-7a52-4176-985e-b47fa11644cc.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: anantshree lifestyle private limited
Victim Site: anantshreelifestyle.com
HellR00ters Team targets the website of Eric Fred Fisheries Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Eric Fred Fisheries Private Limited
Date: 2026-02-21T11:47:54Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/db49d16f-4ac0-4bc7-b37d-f1c0ec610a86.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Food Production
Victim Organization: eric fred fisheries private limited
Victim Site: ericfredfisheries.com
Alleged Data breach of Innovorder
Category: Data Breach
Content: The threat actor claims to have breached the database belonging to Innovorder. The compromised dataset reportedly contains approximately 41,000 records.
Date: 2026-02-21T11:45:23Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-FR-INNOVORDER-COM-41K-Extract-by-Portal-acces
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ab694a92-10d4-4f05-bb7c-3f110293bc71.png
Threat Actors: Tenere700
Victim Country: France
Victim Industry: Food & Beverages
Victim Organization: innovorder
Victim Site: innovorder.com
HellR00ters Team targets the website of dhamaconsultancyservices.com
Category: Defacement
Content: The threat actor claims to have defaced the website of dhamaconsultancyservices.com
Date: 2026-02-21T11:45:05Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/053ce1d6-f71f-436e-b524-bb80c2881fc1.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: dhamaconsultancyservices.com
Victim Site: dhamaconsultancyservices.com
Alleged leak of email records from Australia
Category: Data Breach
Content: The threat actor claims to have leaked the 38.1 million email records from Australia.
Date: 2026-02-21T11:43:24Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Leads-Emails-Australia-38-187-386
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9a90b60b-fa13-4156-b056-f43f6ff6730b.png
Threat Actors: injectioninferno
Victim Country: Australia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of Croft IT Service Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Croft IT Service Private Limited.
Date: 2026-02-21T11:37:25Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c853435e-b788-4436-b894-9c485d1e1954.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Software
Victim Organization: croft it service private limited
Victim Site: croftitservice.com
HellR00ters Team targets the website of Frankwave Textiles
Category: Defacement
Content: The group claims to have defaced the website of Frankwave Textiles.
Date: 2026-02-21T11:27:58Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f56fba99-d35f-4368-b894-f293fd9b02c7.png
https://d34iuop8pidsy8.cloudfront.net/e3b39a7d-ffa6-4924-8cc7-ff0fb16979d7.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Textiles
Victim Organization: frankwave textiles
Victim Site: frankwavetextiles.com
HellR00ters Team targets the website of DELIGHT WINGS DIGITECH PRIVATE LIMITED
Category: Defacement
Content: The threat actor claims to have defaced the website of DELIGHT WINGS DIGITECH PRIVATE LIMITED.
Date: 2026-02-21T11:24:23Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4ef669cb-d9ee-4391-8484-c9101fc3d995.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: delight wings digitech private limited
Victim Site: delightwingsdigitech.com
HellR00ters Team targets the website of Dalei Enterprises
Category: Defacement
Content: The threat actor claims to have defaced the website of Dalei Enterprises.
Date: 2026-02-21T11:22:27Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e7a26d13-1511-4933-a400-933687e4c5a7.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: dalei enterprises
Victim Site: daleienterprises.com
Alleged Sale of Leads Saudi Arabia
Category: Data Breach
Content: Threat actor claims to have leaked a massive dataset containing 5,922,146 email records belonging to individuals in Saudi Arabia.
Date: 2026-02-21T11:21:03Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Leads-Saudi-Arabia-EMAILS-5-922-146
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c8cbdcc-1b96-4c4e-9245-0fc409719138.png
Threat Actors: injectioninferno
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of FELCON EXPO
Category: Defacement
Content: The group claims to have defaced the organizations website.
Date: 2026-02-21T11:19:17Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/75546512-949a-4ea3-a153-d69707939cb7.png
https://d34iuop8pidsy8.cloudfront.net/25268c97-9676-4d83-a664-97ef4667bd30.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: felcon expo
Victim Site: felconexpo.com
HellR00ters Team targets the website of Cotofied Traders Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Cotofied Traders Private Limited.
Date: 2026-02-21T11:18:31Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8ae76df6-87d7-4ba8-ae68-1e318c1c6502.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: cotofied traders private limited
Victim Site: cotofiedtraders.com
HellR00ters Team targets the website of Cornetto Traders Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Cornetto Traders Private Limited.
Date: 2026-02-21T11:15:35Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b7d50986-8986-4632-9ac9-4e3b00ded4f0.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: cornetto traders private limited
Victim Site: cornettotraders.com
HellR00ters Team targets the website of Cloudvista Infotech Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Cloudvista Infotech Private Limited.
Date: 2026-02-21T11:12:16Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9470329b-9198-43b2-aca0-3f6cd4d1f1f3.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Software
Victim Organization: cloudvista infotech private limited
Victim Site: cloudvista-infotech.com
HellR00ters Team targets the website of Akash Traders
Category: Defacement
Content: The group claims to have defaced the website of Akash Traders.
Date: 2026-02-21T11:09:02Z
Network: telegram
Published URL: https://t.me/c/2758066065/1050
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/40bbe740-bb6c-47c4-9430-89ba0520678d.png
https://d34iuop8pidsy8.cloudfront.net/7b17eeb7-74d0-4ed8-9230-78ac810e55fd.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Automotive
Victim Organization: akash traders
Victim Site: akashtraders.com
BABAYO EROR SYSTEM targets the website of Digital Tech Desk
Category: Defacement
Content: The group claims to have defaced the website of Digital Tech Desk.
Date: 2026-02-21T11:04:36Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/210
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3aaf489a-6bff-4807-8bd5-30da3eea177f.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Nigeria
Victim Industry: Information Technology (IT) Services
Victim Organization: digital tech desk
Victim Site: digitaltechdesk.com.ng
BABAYO EROR SYSTEM targets the website of PRIMER TEC
Category: Defacement
Content: The group claims to have defaced the website of PRIMER TEC.
Date: 2026-02-21T10:49:10Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/210
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/08b102f2-afe4-4f80-aa30-d201017f68fb.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Brazil
Victim Industry: Network & Telecommunications
Victim Organization: primer tec
Victim Site: maisumchinelo.primer.tec.br
BABAYO EROR SYSTEM targets the website of Mi Propio Web
Category: Defacement
Content: The group claims to have defaced the website of Mi Propio Web
Date: 2026-02-21T10:40:54Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/210
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dc797813-29e7-4534-a349-dc1769010b11.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Colombia
Victim Industry: Software
Victim Organization: mi propio web
Victim Site: mipropioweb.com
BABAYO EROR SYSTEM targets the website of devine.famitech.qpon
Category: Defacement
Content: The group claims to have defaced the website of devine.famitech.qpon
Date: 2026-02-21T10:34:50Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/210
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e19669eb-f622-45f3-8b37-b475c451bd92.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: devine.famitech.qpon
Alleged leak of unauthorized admin access to 24onbd
Category: Data Breach
Content: The threat actor claims to have leaked unauthorised admin access to 24onbd.
Date: 2026-02-21T10:12:45Z
Network: openweb
Published URL: https://breachforums.as/Thread-Bangladesh-Admin-access-to-the-largest-news-website-%E2%AD%9024onbd-com%E2%AD%90
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b2664d02-7ea8-44a4-bcad-a301aeb04e9a.png
Threat Actors: blackwinter99
Victim Country: Bangladesh
Victim Industry: Newspapers & Journalism
Victim Organization: 24onbd
Victim Site: 24onbd.com
Alleged unauthorized access to shilpindia
Category: Initial Access
Content: The threat actor claims to have gained unauthorised access to shilpindia
Date: 2026-02-21T09:53:47Z
Network: openweb
Published URL: https://breachforums.as/Thread-Indian-shilpindia-in-admin-access
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/14768095-bd57-4211-8d28-2180f047f2cd.png
Threat Actors: blackwinter99
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: shilp india
Victim Site: shilpindia.in
BABAYO EROR SYSTEM targets the website of iopi.nessentielle.com
Category: Defacement
Content: The group claims to have defaced the website of iopi.nessentielle.com.
Date: 2026-02-21T09:51:28Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/210
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/47353804-e930-4cdd-abbd-3243db8a7345.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: iopi.nessentielle.com
BABAYO EROR SYSTEM targets the website of ZMC-Transport
Category: Defacement
Content: The group claims to have defaced the website of ZMC-Transport.
Date: 2026-02-21T09:45:08Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/205
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/51c7d8e4-177d-42d9-bc39-2af6ca3eb1ea.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Romania
Victim Industry: Transportation & Logistics
Victim Organization: zmc-transport
Victim Site: zmc-transport.ro
BABAYO EROR SYSTEM targets the website of wfda-eg.org
Category: Defacement
Content: The group claims to have defaced the website of wfda-eg.org.
Date: 2026-02-21T09:29:29Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/204
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eb6f3e60-c123-46b2-b69e-94b64fa82c1c.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: wfda-eg.org
BABAYO EROR SYSTEM targets the website of musa.jobpickers.com
Category: Defacement
Content: The group claims to have defaced the website of musa.jobpickers.com
Date: 2026-02-21T09:26:41Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/195
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cd18bb6d-bbeb-40a2-8154-65ed7cfc060f.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: musa.jobpickers.com
BABAYO EROR SYSTEM targets the website of webchoiceindia.webdesignchoice.co.in
Category: Defacement
Content: The group claims to have defaced the website of webchoiceindia.webdesignchoice.co.in
Date: 2026-02-21T09:26:28Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/195
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f7470e4c-fb60-44a4-81ed-768362685215.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: webchoiceindia.webdesignchoice.co.inl
Alleged leak of login credentials to IDPay
Category: Data Breach
Content: The group claims to have leaked login credentials to IDPay.
Date: 2026-02-21T09:21:56Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074693
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0e0145f8-0782-447d-91fe-aac17d3dd6d6.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Financial Services
Victim Organization: idpay
Victim Site: idpay.ir
Alleged data sale of moralis
Category: Data Breach
Content: The threat actor claims to be selling internal data from Moralis.
Date: 2026-02-21T09:14:07Z
Network: openweb
Published URL: https://breachforums.as/Thread-moralis-io-website-providing-powerful-APIs-for-accessing-blockchain-data
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/edd8a530-fa4a-46b0-8bf8-f13d51262155.png
Threat Actors: blackwinter99
Victim Country: Sweden
Victim Industry: Software Development
Victim Organization: moralis
Victim Site: moralis.com
Alleged data breach of McDonalds
Category: Data Breach
Content: The threat actor claims to have breached data from McDonalds.
Date: 2026-02-21T09:02:50Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-McDonalds-France-Franchise-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8bb1cd7e-3966-475e-b11d-f01a637da4d4.png
https://d34iuop8pidsy8.cloudfront.net/3604f13b-a7b7-4840-8b04-99ec3944c45b.png
Threat Actors: Eliasxy
Victim Country: France
Victim Industry: Food & Beverages
Victim Organization: mcdonalds
Victim Site: mcdonalds.fr
Alleged Unauthorized Access to online library
Category: Initial Access
Content: The threat actor claims to have unauthorised access to Online library.
Date: 2026-02-21T08:39:22Z
Network: openweb
Published URL: https://breachforums.as/Thread-thuvienonline-com-vn-Vietnamese-online-library-admin-access
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2bf1be03-4849-4897-bc57-08ddfddc360b.png
Threat Actors: blackwinter99
Victim Country: Vietnam
Victim Industry: Education
Victim Organization: online library
Victim Site: thuvienonline.com.
BABAYO EROR SYSTEM targets the website of finance.short2link.com
Category: Defacement
Content: The group claims to have defaced the website of finance.short2link.com.
Date: 2026-02-21T08:33:10Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/195
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c0e08d3-d121-40c1-8a3a-af189e394f99.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: finance.short2link.com
BABAYO EROR SYSTEM targets the website of shipstationapp.mintbig.com
Category: Defacement
Content: The group claims to have defaced the website of shipstationapp.mintbig.com
Date: 2026-02-21T08:17:27Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/195
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f304adcd-e9ad-467f-a04d-381ad2a5911e.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: shipstationapp.mintbig.com
BABAYO EROR SYSTEM targets the website of digitalstudyz.com
Category: Defacement
Content: The group claims to have defaced the website of digitalstudyz.com.
Date: 2026-02-21T08:12:38Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/195
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c5449447-146d-4b04-8275-58704ddecdc1.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: coach.digitalstudyz.com
BABAYO EROR SYSTEM targets the website of juwarabisnis.com
Category: Defacement
Content: The group claims to have defaced the website of juwarabisnis.com
Date: 2026-02-21T08:10:30Z
Network: telegram
Published URL: https://t.me/BabayoErorSysteam2/197
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3cc5fc43-d4d4-46b3-8e2f-374284d6b57f.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: juwarabisnis.com
Alleged leak of Chinese data
Category: Data Breach
Content: The threat actor claims to have leaked the Chinese data.
Date: 2026-02-21T08:03:31Z
Network: openweb
Published URL: https://breachforums.as/Thread-Chinese-data-Free-download-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1247
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ecb9c3b5-e1a6-481b-9a88-9c2b6e0c0d23.png
Threat Actors: SnowSoul
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to Polícia Militar do Estado de São Paulo
Category: Initial Access
Content: The group claims to have gained unauthorized access to Polícia Militar do Estado de São Paulo.
Date: 2026-02-21T08:00:25Z
Network: telegram
Published URL: https://t.me/crewcyber/739
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/38454418-b9f6-4178-af17-c9a9744e9de8.jpg
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Brazil
Victim Industry: Law Enforcement
Victim Organization: polícia militar do estado de são paulo
Victim Site: policiamilitar.sp.gov.br
Alleged Sale of Aruba-Based Email Lead List
Category: Data Breach
Content: The actor claims to be selling a dataset containing 15,129 email leads reportedly linked to individuals in Aruba.
Date: 2026-02-21T07:01:07Z
Network: openweb
Published URL: https://breachforums.as/Thread-Leads-Emails-Aruba-15-129
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/531de5a5-9acd-417c-875d-c554bb532c6f.png
Threat Actors: injectioninferno
Victim Country: Netherlands
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Access to an Unidentified Business organization in Spain
Category: Initial Access
Content: Threat actor claims to be selling unauthorized webshell/PHP access to a Spanish business association’s website, providing full web app control, PHP file modification, MySQL access, and admin email credentials, potentially enabling data theft and mass abuse of trusted mailing lists.
Date: 2026-02-21T06:34:08Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276556/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/555bbf22-fa0f-4591-90a2-49d7d2db4630.png
Threat Actors: boto
Victim Country: Spain
Victim Industry: Business and Economic Development
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Pass sport
Category: Data Breach
Content: The threat actor claims to have breached the database of Pass sport,france.
Date: 2026-02-21T06:31:20Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-PASS-SPORT-FR-CLEAN
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8968f6a5-7e36-4381-b354-47d1021c3fa3.png
Threat Actors: tsirijas
Victim Country: France
Victim Industry: Government Administration
Victim Organization: pass sport
Victim Site: pass.sports.gouv.fr
Alleged Sale of DNI (Identity Cards) data from Spain
Category: Data Breach
Content: Threat actor claims to be selling 1,500 Spanish DNI (national ID) cards, including front and back images, offered as a one-time bulk sale. The seller states the dataset originates from a different source than prior listings and is priced at $300.
Date: 2026-02-21T06:10:50Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276557/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/97f0e652-9609-48f9-a793-a3b839dd1899.png
Threat Actors: boto
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Logins.zip Infostealer With EV-Signed Backdoor
Category: Malware
Content: Threat actor claims to be selling access to the Logins.zip infostealer service after allegedly acquiring the original project and source code. The offering reportedly includes an EV-signed userland backdoor, automated session hijacking, file-grabbing capabilities, and a web-based control panel. Each buyer is said to receive a dedicated server and domain.
Date: 2026-02-21T05:28:50Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276547/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee25ee2e-4bcb-4c19-8651-21088c6a122b.png
https://d34iuop8pidsy8.cloudfront.net/ba319050-eb39-45ca-9581-a174b2207b85.png
https://d34iuop8pidsy8.cloudfront.net/2ecc1a51-d313-47db-aff6-a8365d14d0df.png
https://d34iuop8pidsy8.cloudfront.net/3ed9243a-9879-4adc-89f6-15bc75b6ecdf.png
Threat Actors: logins.zip
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to Etihad food group
Category: Data Breach
Content: The group claims to have leaked login credentials to Etihad food group
Date: 2026-02-21T04:37:19Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074351
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9a7b7580-6ad9-4764-bddf-252fe95110bc.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Food Production
Victim Organization: etihad food group
Victim Site: etihad.iq
Alleged Sale of eSIM Database
Category: Data Breach
Content: Threat actor claims to be selling the database of eSIM.
Date: 2026-02-21T04:16:36Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-eSIM-database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/71904e82-5a73-4243-9016-2f9cda8bfea1.png
Threat Actors: p0ppin
Victim Country: Unknown
Victim Industry: Network & Telecommunications
Victim Organization: esim
Victim Site: Unknown
Alleged leak of login credentials to CyberSec CO
Category: Data Breach
Content: The group claims to have leaked login credentials to CyberSec CO
Date: 2026-02-21T03:47:09Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074305
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e85266d1-9151-4fe9-a31f-a1337e1e1e0e.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Security & Investigations
Victim Organization: cybersec co
Victim Site: cybersec.ir
Alleged leak of login credentials to ATA Airlines
Category: Data Breach
Content: The group claims to have leaked login credentials to ATA Airlines
Date: 2026-02-21T03:46:37Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074323
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aa524c5a-b703-464c-adbc-13aba5dd5d6d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Airlines & Aviation
Victim Organization: ata airlines
Victim Site: ataair.ir
Alleged Sale of HappyEnding24 database
Category: Data Breach
Content: Threat actor claims to be selling the database of HappyEnding24, the database contains user records, administrative files, subscription data, city and center exports, and image/ID-related content.
Date: 2026-02-21T03:41:42Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-IT-happyending24-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9847127b-3ea9-41e5-97ee-897944ebbca5.png
https://d34iuop8pidsy8.cloudfront.net/c0a4a596-ea68-4949-baa7-37d7fd1e30c7.png
Threat Actors: suicid
Victim Country: Italy
Victim Industry: Other Industry
Victim Organization: happyending24
Victim Site: happyendings24.com
Alleged leak of login credentials to Ministry of Water Resources
Category: Data Breach
Content: The group claims to have leaked login credentials to Ministry of Water Resources
Date: 2026-02-21T03:40:43Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074347
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4bae3f9e-eda2-49ed-9414-0cbeb1773a3b.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Government Administration
Victim Organization: ministry of water resources
Victim Site: mowr.gov.iq
Alleged Data Breach of GPEMAN
Category: Data Breach
Content: Threat actor claims to have breached the database of GPEMAN; the dataset contains personal informations of members.
Date: 2026-02-21T03:15:14Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-NP-gpeman-org-np-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/41eec8e2-d547-4203-95fe-a4b618b0cd0d.png
Threat Actors: suicid
Victim Country: Nepal
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: general practice and emergency medicine association of nepal (gpeman)
Victim Site: gpeman.org.np
Alleged sale of Government and Police Emails for EDR/Subpoena from Multiple Countries
Category: Data Breach
Content: The threat actor claims to be selling government and police email databases from multiple countries, including the Government of Hungary, Polizia di Stato (Italy police), Greek Police, the Police of Argentina, Buenos Aires Province, the Military Police of Brazil, Vietnam, Bangladesh Police, East Timor, the Secretariat of Penitentiary Administration of Brazil, Royal Thai Police, Angola, Eswatini, and Nigeria.
Date: 2026-02-21T03:14:27Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Government-and-Police-Emails-for-EDR-Subpoena
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/898be3a2-9961-4205-ba5a-95e5b47122ab.png
Threat Actors: quasarium
Victim Country: Unknown
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Steer wings
Category: Data Breach
Content: The threat actor claims to have breached the database of Steer wings.
Date: 2026-02-21T01:11:12Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-steerwings-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/abe14392-c742-41ac-8dc0-44cd8b5d1b2a.png
Threat Actors: HXH_HAYXHACKER
Victim Country: India
Victim Industry: Education
Victim Organization: steer wings
Victim Site: steerwings.com
Alleged Sale of Unidentified Hotel Reservation in Saudi Arabia
Category: Data Breach
Content: Threat actor claims to be selling Saudi Arabia hotel reservation and flight data. The dataset reportedly contains around 2,500 hotel reservation PDF files with extracted text. The exposed information allegedly includes PII such as names, email addresses, phone numbers, stay details, and hotel information. Some records may also contain ID and payment-related data, along with flight information for multiple airports in Saudi Arabia.
Date: 2026-02-21T01:10:19Z
Network: openweb
Published URL: https://forum.exploit.in/topic/276543/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2e811e2c-1c1e-4d9a-beb9-64f62366221d.png
https://d34iuop8pidsy8.cloudfront.net/4091b030-2ea2-41b1-b4a5-c0bbcf1a15f9.png
https://d34iuop8pidsy8.cloudfront.net/e311ff42-adfa-4c00-88d2-804818a7943d.png
Threat Actors: rythem
Victim Country: Saudi Arabia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of E-accounting
Category: Data Breach
Content: Threat actor claims to have breached the database of E-accounting.
Date: 2026-02-21T01:06:38Z
Network: openweb
Published URL: https://breachforums.as/Thread-SOURCE-CODE-E-accounting-co-kr-Data-Breach-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aff6cf7f-c50a-412c-8631-f12175981811.png
Threat Actors: 888
Victim Country: South Korea
Victim Industry: Software
Victim Organization: e-accounting
Victim Site: e-accounting.co.kr
Alleged leak of login credentials to Keramat Razavi Foundations Servants System
Category: Data Breach
Content: The group claims to have leaked login credentials to Keramat Razavi Foundations Servants System
Date: 2026-02-21T01:02:47Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074082
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fd11c0f1-7f03-4bf7-aa27-01c5ef25d3f8.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Non-profit & Social Organizations
Victim Organization: keramat razavi foundations servants system
Victim Site: khademyar.razavi.ir
Alleged leak of login credentials to Al Brouj Group LTD
Category: Data Breach
Content: The group claims to have leaked login credentials to Al Brouj Group LTD
Date: 2026-02-21T00:43:52Z
Network: telegram
Published URL: https://t.me/c/1943303299/1074066
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b1736120-f4f9-4d3a-a840-bb460e957c35.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Information Services
Victim Organization: al brouj group ltd
Victim Site: btc-iq.com
Alleged data breach of Fitzgibbon Hospital (USA)
Category: Data Breach
Content: The threat actor claims to have leaked the database of Fitzgibbon Hospital (USA). The leaked data reportedly includes emails in PDF format, scanned documents, and CSV files containing internal records and structured data. The total size of the disclosed dataset is approximately 14.8 GB (3,342 files), primarily consisting of 12.3 GB of PDF emails, 1.66 GB of scanned documents, and 853 MB of CSV files.
Date: 2026-02-21T00:23:24Z
Network: openweb
Published URL: https://breachforums.as/Thread-Daixin-s-Leaks-Pack
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e0b14e1d-d733-4c06-b7ab-60a620f03b2d.png
https://d34iuop8pidsy8.cloudfront.net/398bf435-c217-4bb5-b3f1-f2f66626d731.png
https://d34iuop8pidsy8.cloudfront.net/0c1ba18e-792f-4db9-ad99-95a73927f07e.png
Threat Actors: wwxxcc
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: fitzgibbon hospital
Victim Site: fitzgibbon.org
Alleged access to NAVER
Category: Initial Access
Content: The group claims to have gained access to NAVER
Date: 2026-02-21T00:18:17Z
Network: telegram
Published URL: https://t.me/c/2875163062/676
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aae2bcdf-eb9e-49f8-b800-8f9f52ef84e3.png
https://d34iuop8pidsy8.cloudfront.net/14816fae-4ccb-48b8-a04a-dfa087db0133.png
Threat Actors: RipperSec
Victim Country: South Korea
Victim Industry: E-commerce & Online Stores
Victim Organization: naver
Victim Site: naver.com