1. Executive Summary
This report details a series of recent cyber incidents, providing key information for each event, strictly based on the provided data. The provided intelligence encompasses 109 distinct cyber incidents, ranging from high-impact data breaches and critical infrastructure alerts to widespread website defacements and the illicit sale of initial access.
The data indicates a highly active global cyber threat landscape, heavily shaped by hacktivism, financial motivation, and potential state-aligned interests. Geopolitical tensions are evident, particularly with a heavy concentration of attacks targeting organizations in the Middle East. Furthermore, critical infrastructure, government administration, and the education sector appear to be prime targets for a variety of threat actors.
2. Threat Landscape Analysis by Attack Category
The incidents analyzed in this report fall into several distinct operational categories, highlighting the diverse tactics, techniques, and procedures (TTPs) employed by modern threat actors.
2.1. Data Breaches and Exfiltration
Data breaches represent the most significant portion of the severe incidents reported, affecting a wide array of industries globally.
- Government and Political: * A threat actor named “lulzintel” claims to have leaked a database from Taiwan’s New Power Party.
- The exposed data impacted over 33,000 users.
- The compromised information included customer records, contact details, and registration data.
- The threat actor “korea” claims to have leaked a database from the U.S. Government Publishing Office (GPO).
- This leak exposed over 1,500 rows of data.
- The data affected approximately 1,500 users and included 518 unique email addresses.
- The compromised data included email addresses, full names, and BCC/CC addresses.
- A threat actor claims to have breached the database of NASA.
- The threat actor involved in the NASA breach is identified as “Jax7”.
- The threat actor “xNov” claims to have leaked a database from Morocco’s ONOUSC.
- The ONOUSC leak includes 4,550 files containing student names, IDs, DOBs, and registration statuses.
- The group “The GODFATHER of all” claims to have taken down and breached data from the Ministry of Justice in Qatar.
- Financial Services: * The threat actor “max987” claims to be selling approximately 300,000 Coinbase login records.
- The allegedly stolen credential data is compiled in a CSV file totaling around 20MB.
- The dataset includes login URLs, email addresses, and account access information.
- The threat actor “Spirigatito” claims to have breached data from Bebunk in France.
- The Bebunk compromise reportedly contains approximately 75 million records.
- The Bebunk records include IDs, account types, full names, IBAN details, and balance information.
- The threat actor “btCC” claims to have leaked a database from Unistream in Russia.
- The Unistream data contains approximately 107 million rows of transactional activity spanning from 2005 to August 2023.
- The threat actor “arpanetmdr” claims to have breached a database from Crédit Mutuel in France.
- The Crédit Mutuel leak contains over 130,930 records.
- The data includes full names, addresses, dates of birth, IBANs, and other banking information.
- Healthcare: * The threat actor “NetRunnerPR” claims to have leaked network data and exfiltrated patient data from Shiraume Hospital in Japan.
- The stolen dataset includes patient personally identifiable information (PII) and medical records.
- The threat actor “XP95” claims to have breached the Eholo Health database in Spain.
- The Eholo Health dataset includes over one million medical notes and more than 600,000 user records.
- The threat actor “delitospenales” claims to have breached the database of Hospital General de Medellín in Colombia.
- The hospital dataset contains PII and highly sensitive medical laboratory results.
- Corporate and IT Services:
- The threat actor “FulcrumSec” claims to have directly breached LexisNexis cloud infrastructure in the USA.
- The threat actor “ShinyHunters” claims that WoFlow, Inc. in the USA has been compromised.
- The WoFlow dataset contains hundreds of millions of records that have been exfiltrated.
- The threat actor “Chucky” claims to be selling a leaked database linked to Futurize Sistemas in Brazil.
- The Futurize Sistemas dataset contains approximately 6.7 million records in .SQL format.
- The file size is roughly 1.3GB and includes CPF/CNPJ numbers, names, and address details.
2.2. Initial Access Brokerage
The sale or claim of unauthorized initial access indicates a thriving underground economy where actors compromise networks to sell entry points to secondary threat actors (like ransomware affiliates).
- E-Commerce Platforms: * The threat actor “cosmodrome” claims to be selling unauthorized Magento 2 admin access to a shop in the UK.
- This UK access allegedly enables code placement on the payment page for payment redirection.
- The threat actor “cosmodrome” also claims to sell unauthorized admin access to a Magento 2 shop in Germany, including full admin rights.
- The threat actor “charley88” claims to be selling unauthorized Admin and database access to a Magento 2 shop in Jamaica.
- The Jamaican shop processes payments via credit card redirect.
- Critical Infrastructure and Government: * The group “404 CREW CYBER TEAM” claims to have gained unauthorized access to an unidentified Military Intelligence Simulation System in China.
- The group “404 CREW CYBER TEAM” also claims unauthorized access to an unidentified CCTV of the Research Center in China.
- The threat actor “MORNING STAR” claims to have obtained unauthorized access to an Israeli water supply and pump control management system.
- The actor claims full visibility over operational parameters like frequency, water flow rates, and pressure.
- The actor states they can control equipment switching and modify system settings.
- The group “MORNING STAR” also claims to have accessed an industrial control system at a flour production facility in Israel.
- This flour facility access reportedly provides visibility into parameters like weight, temperature, and water flow.
- The group “Cyber Isnaad Front” claims to have gained unauthorized access to government and military communication infrastructure in Israel.
- This infrastructure contains more than 160 data centers managing internal networks.
2.3. Website Defacements
Defacements are primarily utilized for hacktivism, conveying political messages or demonstrating technical superiority.
- Prolific Actors: * The group “BABAYO EROR SYSTEM” claimed multiple defacements, including Edmonton Auto Loans in Canada , Jamnagar Ika Chori in India , Mirha Tour and Travels in India , hotelshreejivatikasurat.com , and Acronics Electric Private Limited.
- The group “EXADOS” targeted multiple government administration sites in Thailand, including the Public Relations Department of Khlong Hin Subdistrict Municipality , Koh Sukorn Subdistrict Administrative Organization , and Muang Ngam Subdistrict Administrative Organization.
- The group “L4663R666H05T” conducted a massive defacement campaign primarily targeting Saudi Arabia. Victims included Green Vision Co , Sharqiya Paints Factory , ZGames , Asseeb , Sasura , Roasting House , ETLALA , Nobles , ICTC , and Green up.
2.4. Alerts and Advanced Threats
Several incidents involved high-level alerts indicating imminent or ongoing attacks against critical national infrastructure.
- The group “Handala” posted an alert indicating they are targeting INSS in Israel.
- The group “Handala Hack” claims to have hacked the entire infrastructure of Saudi Aramco.
- They allege that oil extraction and refining have been completely ceased at Saudi Aramco.
- The group “313 Team” indicated they are targeting and disabling Rafael’s servers operating the Iron Dome in Israel.
- The group “Fatimion cyber team” indicated they are targeting the Kuwaiti government news agency.
2.5. Malware and Underground Sales
- The threat actor “jinkusu01” is allegedly selling an NFCRipper tool.
- The NFCRipper tool allegedly enables NFC relay, card capture, session cloning, and POS/ATM CVM bypass functionalities.
- The threat actor “not null” advertises notnullOSx, a MacOS RAT/stealer.
- The notnullOSx malware allegedly features browser data harvesting, Telegram data theft, and system information collection.
- The threat actor “CC Virus” claims to be selling stolen credit card (CVV) data and related financial databases covering multiple countries globally.
- The data from “CC Virus” allegedly includes CVV details, fresh logs, full databases, and all BIN types.
3. Geographic Impact Analysis
The geographic distribution of the reported incidents highlights specific regional vulnerabilities and targeted geopolitical campaigns.
3.1. Middle East
The Middle East is arguably the most targeted region in the provided data, primarily driven by ongoing geopolitical conflicts.
- Israel: Israel faced a massive volume of attacks spanning defacements, initial access, and critical alerts. Threats included unauthorized access to a water supply and pump control management system by MORNING STAR , access to a flour production facility , and claims by 313 Team regarding targeting servers operating the Iron Dome. Furthermore, Cyber Isnaad Front claimed to disrupt military and government communications, destroying data and documents.
- Saudi Arabia: Saudi Arabia experienced a targeted defacement campaign by L4663R666H05T affecting multiple commercial and manufacturing entities. The most critical claim was by Handala Hack, alleging the complete compromise of Saudi Aramco’s infrastructure. Additionally, the FAD Team claimed a data breach at Maad International.
- Iran: Anonymous claims to have leaked over 30,000 Iranian police forces personal data, including national ID numbers and addresses. The group DORNA Iran claims to have exposed the identities of 100 personnel affiliated with the Salman Corps and provincial police. The threat actor 0BITS claims a data breach of MTN Irancell.
3.2. North America
- United States: The US suffered significant data breaches targeting major corporations and government entities. Notably, ShinyHunters claimed a breach of hundreds of millions of records from WoFlow, Inc.. FulcrumSec claimed a breach of LexisNexis cloud infrastructure. The threat actor “korea” breached the U.S. Government Publishing Office. Furthermore, max987 claimed to sell 300,000 Coinbase logins.
- Canada: Canada experienced defacement activity, with Edmonton Auto Loans targeted by BABAYO EROR SYSTEM.
3.3. Asia-Pacific
- India: India faced multiple defacements by actors such as BABAYO EROR SYSTEM , Team Azrael Angel Of Death , and Team insane Pakistan. A data breach was also reported at Loanwiser by the threat actor HighRisk.
- Thailand: Thailand was specifically targeted by the hacktivist group EXADOS, which systematically defaced multiple local subdistrict administrative organization websites.
- Japan: Significant data breaches occurred in Japan, including the leak of 500,000 PlayStation user logs by VFVCT and the exfiltration of sensitive patient records from Shiraume Hospital by NetRunnerPR.
3.4. Europe and Latin America
- France: Major financial institutions were targeted, including a massive 75 million record leak from Bebunk by Spirigatito and a 130,930 record leak from Crédit Mutuel by arpanetmdr. Florajet was also breached, exposing 1.4 million orders.
- Colombia: The healthcare and education sectors were hit. Hospital General de Medellín suffered a breach of sensitive lab results by delitospenales. Universidad del Rosario and Universidad Surcolombiana experienced student data leaks by NyxarGroup.
4. Key Threat Actor Profiles
Based on the draft data, several threat actors and groups demonstrated high capabilities or high operational tempo.
| Threat Actor | Primary Category | Notable Targets / Victims | Assessment based on Data |
| L4663R666H05T | Defacement | Green Vision Co , ZGames , ICTC | Highly active hacktivist group focusing primarily on Saudi Arabian commercial and manufacturing domains. |
| BABAYO EROR SYSTEM | Defacement | Edmonton Auto Loans , Mirha Tour and Travels | Opportunistic defacement group targeting vulnerable websites globally, with a noted presence in India and Canada. |
| Handala / Handala Hack | Alerts / Critical Infrastructure | INSS , Saudi Aramco | Demonstrates a focus on high-profile, state-level critical infrastructure in the Middle East. |
| MORNING STAR | Initial Access | Israeli water supply system , Flour production facility | Displays concerning capabilities regarding Industrial Control Systems (ICS) and Operational Technology (OT) within Israel. |
| EXADOS | Defacement | Thai Subdistrict Organizations | Shows a concerted effort to target local government web infrastructure in Thailand. |
5. Conclusion
The intelligence derived strictly from the provided incident data highlights a volatile global cybersecurity environment. The volume of incidents proves that threat actors are actively and successfully penetrating networks across all sectors.
The prevalence of initial access sales targeting e-commerce (Magento 2) and critical infrastructure suggests that underground marketplaces remain robust, facilitating a dangerous hand-off between specialized access brokers and disruptive actors. Furthermore, the extreme claims regarding attacks on Saudi Aramco and Israel’s Iron Dome servers underscore that cyber warfare continues to run parallel to physical geopolitical conflicts. Organizations globally, particularly those in government, healthcare, and finance, must prioritize securing external-facing infrastructure, hardening authentication mechanisms against brute-force attacks, and actively monitoring the deep and dark web for compromised credentials.
Detected Incidents Draft Data
- Alleged Data breach of Universidad Politécnica de Cartagena (UPCT)
Category: Data Breach
Content: The threat actor claims to have leaked data from the Universidad Politécnica de Cartagena (UPCT). The compromised data reportedly contains 73,371 records, The exposed data fields allegedly include Personal Data, Staff DNI numbers, Internal Administrative data, Access Data, Activity Logs, Institutional Content Archives, Event, Calendar Information.
Date: 2026-03-03T23:54:08Z
Network: openweb
Published URL: https://darkforums.su/Thread-SPAIN-Universidad-Polit%C3%A9cnica-de-Cartagena-UPCT
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e5e717f1-7f9b-48d5-a107-195bd46c32d7.png
https://d34iuop8pidsy8.cloudfront.net/d1f082f7-b3b7-4fd2-aabe-c02431b3017e.png
Threat Actors: Evorax
Victim Country: Spain
Victim Industry: Education
Victim Organization: universidad politécnica de cartagena (upct)
Victim Site: upct.es - Handala claims to target INSS
Category: Alert
Content: A recent post by the group indicates that they are targetting INSS
Date: 2026-03-03T22:33:56Z
Network: openweb
Published URL: https://x.com/Handala_GROUP/status/2028941525812457903
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7e3e27f-92c0-417a-9911-a73415610cf1.jpg
Threat Actors: Handala
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of New Power Party
Category: Data Breach
Content: The threat actor claims to have leaked a database allegedly belonging to the New Power Party. the data exposed personal information of over 33,000 users, including customer records with contact details and registration data.
Date: 2026-03-03T22:29:41Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Taiwan-newpowerparty-tw-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7abba451-060b-40d1-ab90-b1ca671d0d74.png
Threat Actors: lulzintel
Victim Country: Taiwan
Victim Industry: Political Organization
Victim Organization: new power party
Victim Site: newpowerparty.tw - BABAYO EROR SYSTEM targets the website of Edmonton Auto Loans
Category: Defacement
Content: The group claims to have defaced the website of Edmonton Auto Loans.
Date: 2026-03-03T22:17:44Z
Network: telegram
Published URL: https://t.me/c/3716986899/245
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/df1bf92a-18ca-4194-be6f-c8565fd86e3f.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Canada
Victim Industry: Financial Services
Victim Organization: edmonton auto loans
Victim Site: edmontonautoloans.com - Alleged unauthorized access to an unidentified Military Intelligence Simulation System in China
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified Military Intelligence Simulation System in China.
Date: 2026-03-03T22:07:04Z
Network: telegram
Published URL: https://t.me/crewcyber/875
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/970835ce-f84e-48d7-b830-17272d6e1a1f.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of NFCRipper Tool
Category: Malware
Content: The threat actor selling a NFCRipper tool which allegedly enables NFC relay, card capture, session cloning, and POS/ATM CVM bypass functionalities, claiming it can capture, replay, and manage card data through a centralized web panel for research and testing purposes.
Date: 2026-03-03T22:02:16Z
Network: openweb
Published URL: https://breachforums.as/Thread-NFCRIPPER–190094
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2e687402-c97a-45da-8630-2b089aee2284.png
Threat Actors: jinkusu01
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of U.S. Government Publishing Office (GPO)
Category: Data Breach
Content: The threat actor claims to have leaked a database allegedly belonging to the U.S. Government Publishing Office (GPO). According to the post, over 1,500 rows of data were exposed, affecting approximately 1,500 users and including 518 unique email addresses. The compromised data reportedly includes information such as email addresses, emails sent, BCC addresses, CC addresses, and full names.
Date: 2026-03-03T22:00:15Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-gpo-gov-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b29f97f1-20fc-4285-96ef-ede00283122d.png
Threat Actors: korea
Victim Country: USA
Victim Industry: Government Relations
Victim Organization: u.s. government publishing office
Victim Site: gpo.gov - Alleged data breach of Linear eMerge
Category: Data Breach
Content: The threat actor claims to have leaked multiple U.S.-based Linear eMerge servers, publishing a list of IP addresses.
Date: 2026-03-03T21:55:35Z
Network: openweb
Published URL: https://breachforums.as/Thread-usa-337-Linear-eMerge
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6d7e193c-efbb-48f2-9f85-a91ece55963f.png
Threat Actors: jadert54
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: linear emerge
Victim Site: linearemerge.com - Alleged data breach of Coinbase
Category: Data Breach
Content: The threat actor claims to be selling approximately 300,000 Coinbase login records, allegedly containing user credential data compiled in a CSV file totaling around 20MB. The dataset includes login URLs, email addresses, and associated account access information.
Date: 2026-03-03T21:43:29Z
Network: openweb
Published URL: https://breachforums.as/Thread-Crypto-Coinbase-Logins-300k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7a3f29d1-d632-4773-97cb-6fb8781af055.png
Threat Actors: max987
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: coinbase
Victim Site: coinbase.com - Alleged data breach of PlayStation
Category: Data Breach
Content: The threat actor claims to have leaked approximately 500,000 PlayStation user logs, allegedly obtained from PlayStation Network accounts. The exposed data is said to include account IDs, usernames, passwords, account types, creation dates, public profile information, verification status, login URLs, and timestamps.
Date: 2026-03-03T21:36:49Z
Network: openweb
Published URL: https://breachforums.as/Thread-500K-PlayStation-logs-have-been-leaked-by-the-V-for-Vendetta-Cyber-Team-DOWNLOAD
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/41bc80e4-f317-424c-a818-88eb91dd86d6.png
Threat Actors: VFVCT
Victim Country: Japan
Victim Industry: Gaming
Victim Organization: playstation
Victim Site: playstation.com - Alleged Sale of Unauthorized Magento 2 Admin Access to an Unidentified shop in UK
Category: Initial Access
Content: The threat actor claims to be selling unauthorized Magento 2 admin access to an unidentified shop in UK, allegedly enabling code placement on the payment page and facilitating payment redirection activities, indicating full administrative control over the website and its transaction processes.
Date: 2026-03-03T21:33:10Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277474/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/da17b38b-f9f6-49aa-8f46-2a170a60acd1.png
Threat Actors: cosmodrome
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Unauthorized Admin Access to a Magento 2 Shop in Germany
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin access to a magento 2 shop in Germany, which includes full admin rights.
Date: 2026-03-03T21:27:45Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277475/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c915e93-030b-4723-93f5-3ac9422a16c9.png
Threat Actors: cosmodrome
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Unauthorized WordPress Admin Access in Israel
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized WordPress admin access in Israel.
Date: 2026-03-03T21:15:14Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277473/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/026d76e2-f4f0-4ab2-9006-e13521b27fd5.png
Threat Actors: manofworld
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - ANONYMOUS SYRIA HACKERS claims to target an e-commerce website in Iran
Category: Cyber Attack
Content: A recent post by the group indicates that they are targetting an e-commerce website in Iran and they have gained data from the company which includes login credentials related to the global PayPal platform, as well as users’ personal names, personal email addresses, and passwords encrypted
Date: 2026-03-03T21:12:55Z
Network: telegram
Published URL: https://t.me/anonymous_syriaa/12
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c05d03d-5777-4a4e-be55-8f86a2238de8.jpg
Threat Actors: ANONYMOUS SYRIA HACKERS
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of OptimizerAI
Category: Data Breach
Content: A threat actor claims to have leaked a database allegedly belonging to OptimizerAI. The exposed dataset allegedly includes ,User IDs,Registration timestamps,Email addresses,Profile images,Discord IDs, usernames, nicknames, and profile images,Subscription status,Account creation data.
Date: 2026-03-03T21:08:24Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-OptimizerAI-xyz-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ac95c34a-727e-4d76-8084-c315babc9472.png
https://d34iuop8pidsy8.cloudfront.net/3390e0b4-ce1b-4fef-b9d0-96de8f187850.png
Threat Actors: korea
Victim Country: USA
Victim Industry: Software
Victim Organization: optimizerai
Victim Site: optimizerai.xyz - Alleged Sale of Global Stolen Credit Card and Financial databases
Category: Data Breach
Content: The group claims to be selling stolen credit card (CVV) data and related financial databases covering multiple countries, including the United States, Canada, Mexico, Brazil, Argentina, Chile, Colombia, the United Kingdom, Germany, France, Italy, Spain, Switzerland, the Netherlands, Russia, Turkey, China, Japan, South Korea, the United Arab Emirates, Saudi Arabia, Qatar, India, Singapore, Thailand, Vietnam, Australia, New Zealand, South Africa, Nigeria, Egypt, and Morocco.According to the post, the available data allegedly includes CVV details such as card numbers and expiry dates, as well as fresh logs, full databases, all BIN types, and additional related financial information.
Date: 2026-03-03T21:05:14Z
Network: telegram
Published URL: https://t.me/AccountSquadChat/51142
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7ab63749-9627-45b4-b3d9-1b9dc8e89b44.png
Threat Actors: CC Virus
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - INDOHAXSEC targets the websites of St Josephs College Pilathara
Category: Defacement
Content: The group claims to have defaced the websites of St Josephs College Pilathara.stjosephscollege.ac.inadmin.stjosephscollege.ac.in
Date: 2026-03-03T21:01:41Z
Network: telegram
Published URL: https://t.me/IndoHaxSec3/60
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/117d0006-5677-40fa-aeb7-d55d0d9bf91b.png
Threat Actors: INDOHAXSEC
Victim Country: India
Victim Industry: Higher Education/Acadamia
Victim Organization: st josephs college pilathara
Victim Site: stjosephscollege.ac.in - LunarisSec targets the website of Universidad IEU
Category: Defacement
Content: The group claims to have defaced the website of Universidad IEU.
Date: 2026-03-03T20:59:30Z
Network: telegram
Published URL: https://t.me/Lun4risSec/27
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/da26c3f3-1464-48fa-8944-d4bbcd82a006.png
Threat Actors: LunarisSec
Victim Country: Mexico
Victim Industry: Higher Education/Acadamia
Victim Organization: universidad ieu
Victim Site: ieu.edu.mx - ANONYMOUS SYRIA HACKERS claims to target Iran
Category: Cyber Attack
Content: A recent post by the group indicates that they are targetting Iran
Date: 2026-03-03T20:52:11Z
Network: telegram
Published URL: https://t.me/anonymous_syriaa/11
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1cf97e9e-8cda-4106-94ee-95e90bac51f0.jpg
Threat Actors: ANONYMOUS SYRIA HACKERS
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Shiraume Hospital
Category: Data Breach
Content: A threat actor claims to have leaked Shiraume Hospital’s network and exfiltrated sensitive patient data. the allegedly stolen dataset includes patient personally identifiable information (PII) and medical records.
Date: 2026-03-03T20:51:39Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Shiraume-Hospital-Patient-Data-Leaked
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b72afd52-3523-4837-9e46-2437d74ed3cc.png
Threat Actors: NetRunnerPR
Victim Country: Japan
Victim Industry: Hospital & Health Care
Victim Organization: shiraume hospital
Victim Site: kaigocsc.co.jp/shiraume/hospital/ - Alleged Unauthorized Access to Israel SB Printer
Category: Initial Access
Content: The threat group claims to have obtained unauthorized access to corporate systems associated with SB Printer, including email services.
Date: 2026-03-03T20:37:38Z
Network: telegram
Published URL: https://t.me/c/2875163062/841
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e64ad95a-108d-473d-9ed5-764dd3e8904d.png
Threat Actors: RipperSec
Victim Country: Israel
Victim Industry: Printing
Victim Organization: sb printer
Victim Site: sb-printer.co.il - Alleged data breach of Clarity
Category: Data Breach
Content: A threat actor claims to have leaked a database allegedly belonging to clarity.
Date: 2026-03-03T20:21:00Z
Network: openweb
Published URL: https://breachforums.as/Thread-clarity-co-il-database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f0e8c90e-64cd-4b9c-987f-4289e56886f7.png
Threat Actors: jadert54
Victim Country: Israel
Victim Industry: Information Technology (IT) Services
Victim Organization: clarity
Victim Site: clarity.co.il - Alleged unauthorized access to an unidentified CCTV of the Research Center in China
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified CCTV of the Research Center in China.
Date: 2026-03-03T19:22:42Z
Network: telegram
Published URL: https://t.me/crewcyber/872
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b3daea79-fb47-4e6b-ba1a-34840b737b6d.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Drug Regulatory Authority of Pakistan (DRAP)
Category: Data Breach
Content: The threat actor claims to be leaked a database allegedly obtained from Drug Regulatory Authority of Pakistan (DRAP).
Date: 2026-03-03T19:15:39Z
Network: telegram
Published URL: https://t.me/c/2366703983/1075
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b1ffd6ac-b69f-4d04-a8aa-5a6a8ecbf94a.png
Threat Actors: 7 Proxies
Victim Country: Pakistan
Victim Industry: Government Administration
Victim Organization: drug regulatory authority of pakistan (drap)
Victim Site: dra.gov.pk - DEFACER INDONESIAN TEAM targets the website of Altıparmak Law
Category: Defacement
Content: The group claims to have defaced the website of Altıparmak Law.
Date: 2026-03-03T19:13:03Z
Network: telegram
Published URL: https://t.me/c/2433981896/1153
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c406b0d2-a3f1-455f-99da-710bc575e732.png
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Turkey
Victim Industry: Legal Services
Victim Organization: altıparmak law
Victim Site: altiparmakhukuk.org - Alleged Data Leak of Iranian Citizen Personal Database
Category: Data Breach
Content: The threat actor allegedly exposes sensitive personal information of an Iranian individual. The leaked data reportedly includes national ID number, bank account number, full name, father’s name, date of birth, residential address (Shahin Shahr), bank card number, and mobile phone number.
Date: 2026-03-03T18:40:32Z
Network: telegram
Published URL: https://t.me/youranon_storm/1147
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1f12ba71-79fe-47f8-ade7-0c6fa90e426a.png
Threat Actors: Anonymous
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Unauthorized Access to Israeli Water Pump Control System
Category: Initial Access
Content: Threat actor claims to have obtained unauthorized access to an Israeli water supply and pump control management system, alleging full visibility over operational parameters such as frequency, current, pressure, water flow rates, and pump operating time. The actor states they can control equipment switching, modify system settings, and initiate emergency processes, implying potential disruption capabilities against critical water infrastructure.
Date: 2026-03-03T17:29:03Z
Network: telegram
Published URL: https://t.me/op_morningstar/502
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a342a877-8990-4f53-b144-37f56b7da972.png
Threat Actors: MORNING STAR
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Universidad del Rosario
Category: Data Breach
Content: The threat actor claims to be leaked a database allegedly obtained from urosario.edu.co. the leaked data reportedly contains student information including Student ID, first name(s), last name(s), and institutional email addresses.
Date: 2026-03-03T17:22:50Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-CO-78K-UROSARIO-EDU-CO
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/14e729f0-c745-4cdc-be47-b4d41c7b7f3c.png
Threat Actors: NyxarGroup
Victim Country: Colombia
Victim Industry: Education
Victim Organization: universidad del rosario
Victim Site: urosario.edu.co - Alleged Sale of Unauthorized Admin and Database Access to a Magento 2 Shop in Jamaica
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized Admin and database access to a magento 2 shop in Jamaica. The shop processes payments via credit card redirect and indicates that additional code is currently being installed.
Date: 2026-03-03T16:47:22Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277456/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/edc4f98b-a02c-4032-8550-3275c9ec754c.png
Threat Actors: charley88
Victim Country: Jamaica
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Fatimion cyber team claims to target Kuwait
Category: Alert
Content: A recent post by the group indicates that they are targeting Kuwaiti government news agency.
Date: 2026-03-03T16:24:22Z
Network: telegram
Published URL: https://t.me/hak994/4897
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/525fd02e-e0fe-4987-ad34-997c0044ab67.png
Threat Actors: Fatimion cyber team
Victim Country: Kuwait
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Maad International
Category: Data Breach
Content: The group claims to have compromised systems associated with Maad International in Saudi Arabia, alleging unauthorized access to corporate emails, website data, and information belonging to job applicants, including email addresses and phone numbers
Date: 2026-03-03T16:17:46Z
Network: telegram
Published URL: https://t.me/r3_6j/1868?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/02768971-a3a7-4fc8-8f91-6ae1e0805b64.jpg
Threat Actors: FAD Team
Victim Country: Saudi Arabia
Victim Industry: Commercial Real Estate
Victim Organization: maad international
Victim Site: maad.com.sa - Alleged leak of admin credentials for RIMESSNE
Category: Initial Access
Content: The threat group claims to be leaked admin access to RIMESSNE
Date: 2026-03-03T16:01:39Z
Network: telegram
Published URL: https://t.me/firewirBackupChannel/221
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dde7f469-aa66-40aa-9331-15941d33e118.png
Threat Actors: Fire Wire
Victim Country: Tunisia
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: rimessne
Victim Site: rimessne.tn - Alleged data leak of security personnels of Salman Corps and Provincial Police
Category: Data Breach
Content: The group claims to have exposed the identities of 100 personnel allegedly affiliated with the Salman Corps (Sistan and Baluchestan security forces), Special Units, and provincial police command structures in Iran. The group further asserts possession of broader lists of military and government employees across multiple provinces and issues direct warnings to affected individuals
Date: 2026-03-03T15:45:24Z
Network: telegram
Published URL: https://t.me/dornairan_en/107
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/843d047f-38cc-4623-8eec-f3591769490e.jpg
Threat Actors: DORNA Iran
Victim Country: Iran
Victim Industry: Law Enforcement
Victim Organization: Unknown
Victim Site: Unknown - DieNet claims to target Jordan
Category: Alert
Content: A recent post by the group indicated that they are targeting Jordan
Date: 2026-03-03T15:30:12Z
Network: telegram
Published URL: https://t.me/dienet3/326
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fa4af0ee-9137-4e2f-a6bf-0f23735205e4.jpg
Threat Actors: DieNet
Victim Country: Jordan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Evil Markhors -Dark Side of Pakistan Alliance targets the website of Ministry of Transport and Aviation.
Category: Defacement
Content: The group claims to have defaced the website of Ministry of Transport and Aviation.
Date: 2026-03-03T15:17:56Z
Network: telegram
Published URL: https://t.me/c/2337310341/376
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1da7049c-9706-4dd6-a7d1-c0f710f6eb2f.png
Threat Actors: Evil Markhors -Dark Side of Pakistan Alliance
Victim Country: Afghanistan
Victim Industry: Government Administration
Victim Organization: ministry of transport and aviation
Victim Site: mota.gov.af - Evil Markhors -Dark Side of Pakistan Alliance targets the website of Administrative Office of the President (AOP)
Category: Defacement
Content: The group claims to have defaced the website of Administrative Office of the President (AOP).
Date: 2026-03-03T15:12:33Z
Network: telegram
Published URL: https://t.me/c/2337310341/376
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b4f441ed-75f3-4aec-b81f-20be3c017a29.png
Threat Actors: Evil Markhors -Dark Side of Pakistan Alliance
Victim Country: Afghanistan
Victim Industry: Government Administration
Victim Organization: administrative office of the president (aop)
Victim Site: aop.gov.af - Alleged data breach of WeLearn
Category: Data Breach
Content: The group claims to have breached WeLearn, alleging unauthorized access to all registered user data.
Date: 2026-03-03T15:12:00Z
Network: telegram
Published URL: https://t.me/r3_6j/1862
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d7105fca-1e99-4298-a861-6033c6780fd4.jpg
Threat Actors: FAD Team
Victim Country: Israel
Victim Industry: Education
Victim Organization: welearn
Victim Site: welearn.org.il - 313 Team claims to target Kuwait
Category: Alert
Content: A recent post by the group indicates that they targeting Kuwait.
Date: 2026-03-03T15:05:17Z
Network: telegram
Published URL: https://t.me/xX313XxTeam/628
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c249ee4a-0635-4d90-a630-45a6313fd6d4.jpg
Threat Actors: 313 Team
Victim Country: Kuwait
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - DEFACER INDONESIAN TEAM targets the website of Pengadilan Agama Sorong
Category: Defacement
Content: The group claims to have defaced the website of Pengadilan Agama Sorong.
Date: 2026-03-03T14:58:58Z
Network: telegram
Published URL: https://t.me/c/2433981896/1151
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a2b3d7d2-4add-4a5c-8977-1013a2e02265.png
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Indonesia
Victim Industry: Legal Services
Victim Organization: pengadilan agama sorong
Victim Site: pa-sorong.go.id - Team Azrael Angel Of Death targets the website of TOLO TV
Category: Defacement
Content: The group claims to have defaced the website of TOLO TV
Date: 2026-03-03T14:56:03Z
Network: telegram
Published URL: https://t.me/anonymous_Cr02x/1288
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/387e9d08-860b-4ca6-8ca8-e1b553a39375.jpg
Threat Actors: Team Azrael Angel Of Death
Victim Country: Afghanistan
Victim Industry: Broadcast Media
Victim Organization: tolo tv
Victim Site: tolo.tv/news/evil-markhor-zindabad-0 - Alleged Unauthorized Access to Industrial Control System at Flour Production Facility in Israel
Category: Initial Access
Content: The group claims to have accessed an industrial control system at a flour production facility in Israel, reportedly gaining visibility into process parameters such as weight, temperature, water flow, and production timing cycles. They allege the ability to modify operational settings, potentially impacting manufacturing processes and equipment stability.
Date: 2026-03-03T14:26:32Z
Network: telegram
Published URL: https://t.me/op_morningstar/501
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4a274126-a7e3-4ece-bf0f-dd897eec7af2.png
Threat Actors: MORNING STAR
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Mexitravels
Category: Data Breach
Content: The threat actor claims to have breached 1,983,503 rows of data from Mexitravels, allegedly containing fields such as ID, email, first name, last name, property and more.
Date: 2026-03-03T13:59:50Z
Network: openweb
Published URL: https://breachforums.as/Thread-reservations-mexitravels-com%C2%A0-leak
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/25de4a88-43cb-4129-9399-0735bed20571.png
https://d34iuop8pidsy8.cloudfront.net/4a7bd595-e8b8-4f44-9bf5-d42e77aa8fc4.png
Threat Actors: Tanaka
Victim Country: Mexico
Victim Industry: Leisure & Travel
Victim Organization: mexitravels
Victim Site: reservations.mexitravels.com - Alleged data breach of Loanwiser
Category: Data Breach
Content: The threat actor claims to have breached data from Loanwiser.
Date: 2026-03-03T13:58:51Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277444/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1abd362f-f577-4ea2-863d-5375e56a4c86.png
Threat Actors: HighRisk
Victim Country: India
Victim Industry: Financial Services
Victim Organization: loanwiser
Victim Site: loanwiser.in - Alleged data breach of ONOUSC
Category: Data Breach
Content: The threat actor claims to have leaked a database from ONOUSC on 19/02/2026, The Compromised data includes 4,550 files with student names, IDs, registration numbers, exam numbers, DOBs, and registration statuses.
Date: 2026-03-03T13:57:50Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-amo-onousc-ma-Moroccan-student-registration-data-leak
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/660f7e6d-c91b-4205-beac-ce40c1233997.png
Threat Actors: xNov
Victim Country: Morocco
Victim Industry: Government Administration
Victim Organization: office national des œuvres universitaires, sociales et culturelles
Victim Site: amo.onousc.ma - EXADOS targets the website of Public Relations Department, Khlong Hin Subdistrict Municipality
Category: Defacement
Content: The group claims to have defaced the website of Public Relations Department, Khlong Hin Subdistrict Municipality.
Date: 2026-03-03T13:53:19Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/180
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/31d1ae58-5051-43bf-ae73-c3669c7ab547.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: public relations department, khlong hin subdistrict municipality
Victim Site: klonghin.go.th - EXADOS targets the website of Koh Sukorn Subdistrict Administrative Organization, Trang
Category: Defacement
Content: The group claims to have defaced the website of Koh Sukorn Subdistrict Administrative Organization, Trang.
Date: 2026-03-03T13:49:35Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/180
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/762a74fa-97ed-432c-968f-7c6cc79f9561.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: koh sukorn subdistrict administrative organization, trang
Victim Site: kohsukorn.go.th - EXADOS targets the website of Muang Ngam Subdistrict Administrative Organization
Category: Defacement
Content: The group claims to have defaced the website of Muang Ngam Subdistrict Administrative Organization.
Date: 2026-03-03T13:48:43Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/180
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/57354fa9-a319-4e5c-ad9a-2daf3977b8b3.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: muang ngam subdistrict administrative organization
Victim Site: moungngam.go.th - Alleged data leak of Qazvin University in Iran
Category: Data Breach
Content: The group claims to have leaked data from Qazvin University in Iran.
Date: 2026-03-03T13:27:11Z
Network: telegram
Published URL: https://t.me/AGLegends/4414
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d9a0709b-efea-4809-9b49-115ebf40cd01.jpg
Threat Actors: The GODFATHER of all
Victim Country: Iran
Victim Industry: Education
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of Iranian police forces personal data
Category: Data Breach
Content: The group claims to have leaked over 30,000 Iranian police forces personal data, the compromised data contains names, details, addresses, and national ID numbers.
Date: 2026-03-03T13:25:37Z
Network: telegram
Published URL: https://t.me/youranon_storm/1233
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9ba06e20-421c-4fd4-8d72-0da80b37bac0.png
Threat Actors: Anonymous
Victim Country: Iran
Victim Industry: Law Enforcement
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Ministry of Justice – Qatar
Category: Data Breach
Content: The group claims to have taken down and breached data from Ministry of Justice – Qatar.
Date: 2026-03-03T13:23:14Z
Network: telegram
Published URL: https://t.me/AGLegends/4414
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f2b2cc7a-276d-4b85-b1b0-aeba50037b6d.jpg
Threat Actors: The GODFATHER of all
Victim Country: Qatar
Victim Industry: Government Administration
Victim Organization: ministry of justice
Victim Site: moj.gov.qa - Trojan 1337 targets the website of AJK Food Authority
Category: Defacement
Content: The group claims to have defaced the website of AJK Food Authority.
Date: 2026-03-03T12:19:40Z
Network: telegram
Published URL: https://t.me/c/2805167925/118
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4fc43721-460b-4bf5-b9e9-6bccd08cb5af.png
Threat Actors: Trojan 1337
Victim Country: Pakistan
Victim Industry: Government Administration
Victim Organization: ajk food authority
Victim Site: fa.ajk.gov.pk - Alleged data breach of Bebunk
Category: Data Breach
Content: The threat actor claims to have breached the data from Bebunk. The compromised data reportedly contain approximately 75 million records including ID, account type, email address, full name, phone number, balance information, IBAN details, fees, and related financial data.
Date: 2026-03-03T12:17:32Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-FR-Bebunk-com-75M
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7088f995-61ac-4f50-88c6-8ae79fe494c8.png
https://d34iuop8pidsy8.cloudfront.net/0619e4fc-82dd-4107-ad04-a78ae0f8043d.png
Threat Actors: Spirigatito
Victim Country: France
Victim Industry: Financial Services
Victim Organization: be-bunk
Victim Site: bebunk.com - Team insane Pakistan targets the website of Government Of Assam Higher Education Rashtriya Uchchattar Shiksha Abhiyan
Category: Defacement
Content: The group claims to have defaced the website of Government Of AssamHigher Education Rashtriya Uchchattar Shiksha Abhiyan.
Date: 2026-03-03T10:55:48Z
Network: telegram
Published URL: https://t.me/c/2767021745/41
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/745c1190-a3fd-47e3-96e6-696c3159299d.jpg
Threat Actors: Team insane Pakistan
Victim Country: India
Victim Industry: Government Administration
Victim Organization: government of assam higher education rashtriya uchchattar shiksha abhiyan
Victim Site: heis-rusa.assam.gov.in - Alleged hack of Saudi Aramco
Category: Alert
Content: The threat actor claims to have hacked the entire infrastructure of Saudi Aramco and alleging oil extraction and refining have been completely ceased.
Date: 2026-03-03T10:16:32Z
Network: openweb
Published URL: https://x.com/HANDALA_X/status/2028769622778954093
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e3b09cca-44e2-441a-a956-7c0329d3acb8.png
Threat Actors: Handala Hack
Victim Country: Saudi Arabia
Victim Industry: Oil & Gas
Victim Organization: saudi aramco
Victim Site: aramco.com - NoName claim to target Czech Republic
Category: Alert
Content: A recent post by the group indicates that they are targeting Czech Republic.
Date: 2026-03-03T10:02:08Z
Network: telegram
Published URL: https://t.me/c/2787466017/2627
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b666a5bb-39ba-4e40-8fc0-fd594f52915f.jpg
Threat Actors: NoName057(16)
Victim Country: Czech Republic
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged breach of NASA data
Category: Data Breach
Content: The threat actor claims to have breached the database from NASA.
Date: 2026-03-03T09:53:18Z
Network: openweb
Published URL: https://breachforums.as/Thread-nasa-gov-database-leaked
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c487c0d-f2e4-4038-ac0d-1ae3848a5efb.png
Threat Actors: Jax7
Victim Country: USA
Victim Industry: Government Administration
Victim Organization: nasa
Victim Site: nasa.gov - Alleged data leak of Unistream
Category: Data Breach
Content: The threat actor claims to have leaked a database from Unistream, The compromised data reportedly contains approximately 107 million rows of transactional activity covering nearly 20 years, specifically from 2005 to August 2023.
Date: 2026-03-03T09:44:51Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-unistream-ru-107kk
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0da0e3d6-b270-4ecb-bb77-55313c0aba5c.png
Threat Actors: btCC
Victim Country: Russia
Victim Industry: Financial Services
Victim Organization: unistream
Victim Site: unistream.ru - Alleged leak of ICMR, PAK, HITEK, and COWIN data
Category: Data Breach
Content: The threat actor claims to have leaked databases allegedly related to ICMR, PAK, HITEK, and COWIN, claiming to provide direct files with backup.
Date: 2026-03-03T09:33:44Z
Network: openweb
Published URL: https://breachforums.as/Thread-ICMR-PAK-HITEK-COWIN-All-files-available–190048
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3f3c627c-f4d5-410f-8cc1-ea986aa0249c.png
Threat Actors: DWST
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged breach of Florajet
Category: Data Breach
Content: Threat actor claims to be breached data from Florajet. The compromised data reportedly contains 1,457,473 orders covering the period from 2023 to 2026, totaling 136GB of information.
Date: 2026-03-03T09:30:12Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-FR-Florajet-1-4M-Orders
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/81a5d3c1-7b11-45b2-8ed5-94a3d336ef69.png
https://d34iuop8pidsy8.cloudfront.net/816c1a7f-60be-481b-9d7c-500ba9fd3227.png
Threat Actors: HexDex
Victim Country: France
Victim Industry: E-commerce & Online Stores
Victim Organization: florajet
Victim Site: florajet.com - Team Azrael Angel Of Death targets the website of Vidyawan
Category: Defacement
Content: The group claims to have defaced the website of Vidyawan.Mirror: https://defacer.id/mirror/id/246563
Date: 2026-03-03T09:04:59Z
Network: telegram
Published URL: https://t.me/anonymous_Cr02x/1284
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/13936a83-28bf-4172-8a42-049efd6b4048.png
Threat Actors: Team Azrael Angel Of Death
Victim Country: India
Victim Industry: Education
Victim Organization: vidyawan
Victim Site: vidyawan.in - Alleged data leak of Israel Military database
Category: Data Breach
Content: The group claims to have leaked Military database of Israel.
Date: 2026-03-03T08:54:17Z
Network: telegram
Published URL: https://t.me/liwaamohammad/921
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b860dfd1-2931-46b5-9a34-1f7883d0478b.jpg
Threat Actors: Liwaa Muhammad
Victim Country: Israel
Victim Industry: Military Industry
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of COSMOTE
Category: Data Breach
Content: The threat actor claims to have leaked data from COSMOTE.
Date: 2026-03-03T08:29:25Z
Network: openweb
Published URL: https://breachforums.as/Thread-SnowSoul-ID-1258-cosmote-scholarships-gr
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9e933b45-e2b3-4bc8-ab13-e071bdc5a45e.png
Threat Actors: SnowSoul
Victim Country: Greece
Victim Industry: Education
Victim Organization: cosmote
Victim Site: cosmote-scholarships.gr - Alleged data breach of Rishon LeZion Municipal Corporation
Category: Data Breach
Content: Threat actor claims to have leaked data from Rishon LeZion Municipal Corporation.
Date: 2026-03-03T07:46:21Z
Network: openweb
Published URL: https://breachforums.as/Thread-COLLECTION-Rishon-LeZion-Municipal-Corporation
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bfded4b8-8d1f-4517-9bef-1c5269253a19.png
Threat Actors: Jax7
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: rishon lezion municipal corporation
Victim Site: rishonlezion.muni.il - OpIsraelTeam claims to target Israel
Category: Alert
Content: A recent post by the group indicates that theyre targeting Israel.
Date: 2026-03-03T07:30:49Z
Network: telegram
Published URL: https://t.me/OpIsraelTeam/1640
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/794ee4a8-7a04-49e3-ad6c-8d4f19baab96.jpg
Threat Actors: OpIsraelTeam
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged unauthorized access to Lifetime Nepal
Category: Initial Access
Content: The group claims to have gained unauthorized access to Lifetime Nepal
Date: 2026-03-03T06:33:48Z
Network: telegram
Published URL: https://t.me/c/2622575053/1568
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e28957a8-ff4d-40b8-bf0e-5b10724962d6.png
Threat Actors: NOTRASEC TEAM
Victim Country: Nepal
Victim Industry: Broadcast Media
Victim Organization: lifetime nepal
Victim Site: lifetimenepal.com - BABAYO EROR SYSTEM targets the website of cjhilton.servicereviews.net
Category: Defacement
Content: The group claims to have defaced the website of cjhilton.servicereviews.net .
Date: 2026-03-03T06:31:27Z
Network: telegram
Published URL: https://t.me/c/3716986899/226
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/390bfad1-c61c-4f13-ac4b-612fdf1fe6e7.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: cjhilton.servicereviews.net - Alleged Data Brech of Futurize Sistemas
Category: Data Breach
Content: Threat actor claims to be selling a leaked database allegedly linked to futurizesistemas.com.br. The dataset is described as containing approximately 6.7 million records, shared in .SQL format with a reported file size of ~1.3GB and dated 2026. The exposed data reportedly includes personal and business information such as names, CPF/CNPJ numbers, email addresses, phone numbers, and full address details.
Date: 2026-03-03T06:25:40Z
Network: openweb
Published URL: https://leakbase.la/threads/database-leaked-futurizesistemas-com-br-6-7m.49251/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/371b1052-9d45-4e59-8c7a-c2087a09633a.png
https://d34iuop8pidsy8.cloudfront.net/f8e451af-b6d0-4991-a626-fa24397a3ed0.png
Threat Actors: Chucky
Victim Country: Brazil
Victim Industry: Information Technology (IT) Services
Victim Organization: futurize sistemas
Victim Site: futurizesistemas.com.br - Alleged Data Breach of LexisNexis
Category: Data Breach
Content: The threat actor claims to have directly breached LexisNexis cloud infrastructure.
Date: 2026-03-03T06:17:38Z
Network: openweb
Published URL: https://breachforums.as/Thread-FRESH-BREACH-LEXIS-NEXIS-YES-AGAIN-US-DOJ-SEC-USERS-EXPOSED
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/96d9dd70-6b87-4b32-aaac-7bd6762112ba.png
https://d34iuop8pidsy8.cloudfront.net/5d1f0f08-14c4-4688-b6a8-76316170e3b0.png
https://d34iuop8pidsy8.cloudfront.net/e8e2488d-a3f3-488f-b709-56a9d1034c13.png
Threat Actors: FulcrumSec
Victim Country: USA
Victim Industry: Legal Services
Victim Organization: lexisnexis
Victim Site: lexisnexis.com - L4663R666H05T targets the website of Green Vision Co
Category: Defacement
Content: The group claims to have defaced the website of Green Vision Co
Date: 2026-03-03T06:16:52Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/797020
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/18d2c56a-ce95-4298-a476-b8e6b6aa2d69.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Environmental Services
Victim Organization: green vision co
Victim Site: greenvisionco.sa - L4663R666H05T targets the website of Sharqiya Paints Factory
Category: Defacement
Content: The group claims to have defaced the website of Sharqiya Paints Factory
Date: 2026-03-03T06:12:08Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795777
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d604dceb-7ccf-4daf-8754-dff8959e72db.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Manufacturing
Victim Organization: sharqiya paints factory
Victim Site: sharqiyapaints.com.sa - L4663R666H05T targets the website of ZGames
Category: Defacement
Content: The group claims to have defaced the website of ZGames
Date: 2026-03-03T06:09:06Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795566
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/580d3b43-89da-4aa2-b9ec-73760e487748.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Gaming
Victim Organization: zgames
Victim Site: zgames.sa - L4663R666H05T targets the website of Asseeb
Category: Defacement
Content: The group claims to have defaced the website of Asseeb
Date: 2026-03-03T06:02:25Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795538
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/48809b62-2cfb-4d11-953a-1ddaab449a4a.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Manufacturing
Victim Organization: asseeb
Victim Site: shop.asseeb.sa - Alleged Data breach of Kairos
Category: Data Breach
Content: The threat actor claims to have leaked data from the Kairos. The compromised data reportedly contains 302,314 records, The exposed data fields allegedly include Title, Last Name, First Name, Date of Birth, Address, Postal Code, City, Phone Number and Email information.
Date: 2026-03-03T05:55:04Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-FR-Kairos
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5f720cc4-7d62-4a12-8ed8-08bdf8c08eb5.png
Threat Actors: arpanetmdr
Victim Country: France
Victim Industry: Management Consulting
Victim Organization: kairos
Victim Site: kairos-formation.fr - Alleged Data Breach of SDN Larangan 11
Category: Data Breach
Content: The threat actor claims to have breached the database of SDN Larangan 11. The dataset contains student personal information.
Date: 2026-03-03T05:49:03Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Database-Sekolah-SDN-Larangan-11
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c07ffe1-4b4f-4e15-a467-969f2ebd332c.png
https://d34iuop8pidsy8.cloudfront.net/3e2c0284-c7ee-41f2-85f0-f4d050b699bc.png
Threat Actors: MRanzXploit
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: sekolah dasar negeri larangan 11
Victim Site: Unknown - Alleged unauthorized access to government and military communication infrastructure of Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to government and military communication infrastructure of Israel. which contain more than 160 data centers that manage internal networks in various cities of the occupied territories. It disrupted all military, government, and private communications and destroyed all their data and documents.Update: The second batch of leaked documents allegedly contains materials related to the infrastructure of the defense contractor Elbit Systems. The disclosure also references unauthorized configuration activity within Elbit Systems infrastructure, indicating a significant breach of the company’s network security.
Date: 2026-03-03T05:47:40Z
Network: telegram
Published URL: https://t.me/CyberIsnaadFront2/560?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d121276b-9180-4873-a990-8885560fdc78.png
https://d34iuop8pidsy8.cloudfront.net/8eb1c138-9903-46a2-bf67-32bba44c28fa.png
https://d34iuop8pidsy8.cloudfront.net/2f07e01d-7f59-460c-b2a3-efeb794f6ccb.png
Threat Actors: Cyber Isnaad Front
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of 150 credit card records from USA
Category: Data Breach
Content: Threat actor claims to be selling 150 credit card records from USA. The compromised data reportedly includes card number, expiry, cvv2, full name, address, city, state, zip, country etc.
Date: 2026-03-03T05:22:10Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277351/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a237ca18-8b19-48a7-b707-788cad06154f.png
Threat Actors: twelvetech
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of 150 credit card records in Canada
Category: Data Breach
Content: Threat actor claims to be selling 150 credit card records in Canada. The compromised data reportedly includes card number, cvv, name, country, region etc.
Date: 2026-03-03T05:14:56Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277350/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5b6f38e7-acfc-473e-b9f8-b77b3659b311.png
Threat Actors: Forbs
Victim Country: Canada
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged unauthorized access to system in Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to system in Israel
Date: 2026-03-03T05:09:18Z
Network: telegram
Published URL: https://t.me/c/2337310341/364
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b95d9385-a814-4f8d-9777-d09e257f40ad.png
https://d34iuop8pidsy8.cloudfront.net/9a538038-f106-4d4d-bc4a-55a643e29151.png
Threat Actors: Evil Markhors -Dark Side of Pakistan Alliance
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of 120 credit card records
Category: Data Breach
Content: Threat actor claims to be selling 120 credit card records from Australia. The compromised data reportedly includes card number, expiry month, expiry year, cvv, fullname etc.
Date: 2026-03-03T05:08:47Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277349/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d59c3972-6da5-4bf5-8bf4-8f9b08b29e30.png
Threat Actors: badop69
Victim Country: Australia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - L4663R666H05T targets the website of MyList
Category: Defacement
Content: The group claims to have defaced the website of MyList
Date: 2026-03-03T04:46:56Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795516
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f3aca11-f421-4339-a287-c94bad1c2ad4.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: E-commerce & Online Stores
Victim Organization: mylist
Victim Site: mylist.sa - Alleged data breach of Elbit Systems
Category: Data Breach
Content: The group claims to have breached data from Elbit Systems. NB: The organization was previously breached on 1st January 2026
Date: 2026-03-03T04:46:09Z
Network: openweb
Published URL: https://x.com/VECERTRadar/status/2028605323041485303
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d6308a17-0d6b-4028-98b8-564cc0a3ba76.png
https://d34iuop8pidsy8.cloudfront.net/f58d0e88-dd19-4bb7-83c0-e7a91f337349.png
Threat Actors: Cyber Isnaad Front
Victim Country: Israel
Victim Industry: Defense & Space
Victim Organization: elbit systems
Victim Site: elbitsystems.com - L4663R666H05T targets the website of Sasura
Category: Defacement
Content: The group claims to have defaced the website of Sasura
Date: 2026-03-03T04:42:40Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795537
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e967c1f6-fb82-4fcd-8006-94926cc85509.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: E-commerce & Online Stores
Victim Organization: sasura
Victim Site: sasura.sa - L4663R666H05T targets the website of Roasting House
Category: Defacement
Content: The group claims to have defaced the website of Roasting House
Date: 2026-03-03T04:37:00Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795533
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/59e53ed9-3837-47e7-a17d-96cd9340aa10.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Food & Beverages
Victim Organization: roasting house
Victim Site: roastinghouse.sa - L4663R666H05T targets the website of ETLALA
Category: Defacement
Content: The group claims to have defaced the website of ETLALA.
Date: 2026-03-03T04:33:04Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795479
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3d3bb723-6b06-41fc-83a8-4c786dd4949a.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Textiles
Victim Organization: etlala
Victim Site: etlala.sa - L4663R666H05T targets the website of Nobles
Category: Defacement
Content: The group claims to have defaced the website of Nobles
Date: 2026-03-03T04:32:36Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795523
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cefb9968-fbd0-4fb9-994a-0f3bf28b6693.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: E-commerce & Online Stores
Victim Organization: nobles
Victim Site: nobles.com.sa - L4663R666H05T targets the website of ICTC
Category: Defacement
Content: The group claims to have defaced the website of ICTC.
Date: 2026-03-03T04:21:39Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795490
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bdbce403-7b64-4671-aa7f-f6e22c020dd6.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: Building and construction
Victim Organization: ictc
Victim Site: ictc.com.sa - Alleged Data Breach of WoFlow, Inc.
Category: Data Breach
Content: The threat post claims that WoFlow, Inc. has been compromised and that a massive dataset containing hundreds of millions of records has been exfiltrated. The dataset contains hundreds of millions of records has been exfiltrated.
Date: 2026-03-03T04:20:10Z
Network: tor
Published URL: http://toolatedhs5dtr2pv6h5kdraneak5gs3sxrecqhoufc5e45edior7mqd.onion/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5aa3cb52-e8e6-4cf1-a684-211b08a87081.png
Threat Actors: ShinyHunters
Victim Country: USA
Victim Industry: Business and Economic Development
Victim Organization: woflow, inc.
Victim Site: woflow.com - L4663R666H05T targets the website of Green up
Category: Defacement
Content: The group claims to have defaced the website of Green up.
Date: 2026-03-03T04:11:26Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795485
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e2364809-bd52-4054-9e7b-e6af052cb90d.png
Threat Actors: L4663R666H05T
Victim Country: Saudi Arabia
Victim Industry: E-commerce & Online Stores
Victim Organization: green up
Victim Site: greenup.com.sa - Alleged Data Breach of Eholo Health
Category: Data Breach
Content: The threat actor claims to have breached the Eholo Health database. The dataset inlcludes over one million medical notes and more than 600,000 user records.
Date: 2026-03-03T04:03:37Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-eholo-health-Breach-Spain
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/42491121-c6bf-4fa8-a5ea-24144fb73f4f.png
Threat Actors: XP95
Victim Country: Spain
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: eholo health
Victim Site: eholo.health - Alleged Sale of notnullOSx – MacOSx RAT/Stealer
Category: Malware
Content: The threat actor advertises notnullOSx, a MacOS RAT/stealer allegedly featuring modular execution and web panel management. Claimed capabilities include browser data harvesting, Telegram data theft, system information collection, and builder-based deployment.
Date: 2026-03-03T03:57:42Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277421/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/08232dec-84c2-47a8-84e2-539024b9db91.png
https://d34iuop8pidsy8.cloudfront.net/d8b20c3d-b89e-434e-96da-a687e7196516.png
https://d34iuop8pidsy8.cloudfront.net/83cb02f5-072b-42a7-886a-c7e2efcc2ddf.png
https://d34iuop8pidsy8.cloudfront.net/8138539c-1c24-46e0-bb4b-b0af0da4bb0c.png
Threat Actors: not null
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Brute Forced Multiple Accesses
Category: Initial Access
Content: Threat actor claims to be auctioning approximately 10,000 brute-forced remote access credentials, including 5,315 RDP, 3,613 PPTP, 831 SSH, and 253 VNC accesses worldwide. The seller states the accesses are currently valid and obtained via brute-force methods.
Date: 2026-03-03T03:48:03Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277419/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/44246273-1a37-4013-a30e-7cd4eaabbefa.png
Threat Actors: Absence
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Unauthorized Root Access to Claude code website
Category: Initial Access
Content: The threat actor claims to be selling Unauthorized Root Access to Claude code website
Date: 2026-03-03T03:41:25Z
Network: openweb
Published URL: https://breachforums.as/Thread-ROOT-SHELL-Claude-code-website
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/66d2e260-e37c-4ea9-9e9c-9976a06c902a.png
Threat Actors: fluffyduck
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: claude code
Victim Site: Unknown - L4663R666H05T targets the website of Roadiez Passengers Transport
Category: Defacement
Content: The group claims to have defaced the website of Rodiez Passengers Transport.
Date: 2026-03-03T03:34:43Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41581658
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aeb5e9de-d55f-45df-b28a-66c32136d376.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Transportation & Logistics
Victim Organization: roadiez passengers transport
Victim Site: roadieztransport.ae - Nicotine targets the website of Maz Marine Services LLC
Category: Defacement
Content: The group claims to have defaced the website of Maz Marine Services LLC, UAE.
Date: 2026-03-03T03:30:05Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41581657
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/daf586d9-913a-4585-80dc-1e3144db22e8.png
Threat Actors: Nicotine
Victim Country: UAE
Victim Industry: Shipbuilding
Victim Organization: maz marine services llc
Victim Site: mazmarine.ae - L4663R666H05T targets the website of Greatdeals
Category: Defacement
Content: The group claims to have defaced the website of Greatdeals.
Date: 2026-03-03T03:25:39Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41581899?hz=1
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8d23e7a6-54b4-42e7-8297-b29d632e9e85.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Leisure & Travel
Victim Organization: greatdeals
Victim Site: greatdeals.ae - Alleged data leak of Fenerbahçe Spor Kulübü
Category: Data Breach
Content: Threat actor claims to have leaked data from Fenerbahçe Spor Kulübü.
Date: 2026-03-03T03:20:35Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277389/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1e098e6c-14ef-4fc7-a01b-d29086e6a16e.png
Threat Actors: anugod
Victim Country: Turkey
Victim Industry: Sports
Victim Organization: fenerbahçe spor kulübü
Victim Site: fenerbahce.org - Alleged Data Breach of Hospital General de Medellín
Category: Data Breach
Content: The threat actor claims to have breached the database of Hospital General de Medellín Luz Castro de Gutiérrez E.S.E. The dataset contains personally identifiable information (PII) and highly sensitive medical laboratory results.
Date: 2026-03-03T03:14:18Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-COLLAB-FREE-LEAK-Hospital-de-Medellin
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/550e7d6d-4243-4822-a15c-fb76475abe57.png
https://d34iuop8pidsy8.cloudfront.net/cad7f24c-ce87-499d-af5d-4093c852d879.png
Threat Actors: delitospenales
Victim Country: Colombia
Victim Industry: Hospital & Health Care
Victim Organization: hospital general de medellín luz castro de gutiérrez e.s.e.
Victim Site: hgm.gov.co - Alleged data breach of MTN Irancell
Category: Data Breach
Content: The threat actor claims to have leaked Irancell data associated with the 930–933 mobile number. The compromised dataset reportedly contains 296,248 records, including mobile numbers, first and last names, national ID numbers, addresses, and contact details.
Date: 2026-03-03T03:12:46Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Irancell-930-933-Database-leak
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fcc1292a-9606-4e59-b549-0557395625d3.png
Threat Actors: 0BITS
Victim Country: Iran
Victim Industry: Network & Telecommunications
Victim Organization: mtn irancell
Victim Site: irancell.ir - Hax.or targets the website of Be Healthy
Category: Defacement
Content: The group claims to have defaced the website of Be Healthy.
Date: 2026-03-03T02:57:40Z
Network: telegram
Published URL: https://t.me/ctifeeds/128513
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5a5f023f-f212-41b1-9f72-592e6eb13657.png
Threat Actors: Hax.or
Victim Country: UAE
Victim Industry: Health & Fitness
Victim Organization: be healthy
Victim Site: behealthydxb.com - Alleged Data breach of Universidad Surcolombiana
Category: Data Breach
Content: The threat actor claims to have leaked data from the Universidad Surcolombiana. The exposed data fields allegedly include Student ID, Name, Last name, Institutional email information.
Date: 2026-03-03T02:24:08Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-CO-USCO-EDU-CO
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/92a14e0b-5314-41a7-b16e-a3c5083e6a30.png
Threat Actors: NyxarGroup
Victim Country: Colombia
Victim Industry: Education
Victim Organization: universidad surcolombiana
Victim Site: usco.edu.co - BABAYO EROR SYSTEM targets the website of Jamnagar Ika Chori
Category: Defacement
Content: The group claims to have defaced the website of Jamnagar Ika Chori
Date: 2026-03-03T02:18:05Z
Network: telegram
Published URL: https://t.me/c/3716986899/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0f0f99aa-64ec-480a-83a2-7e4d08667ff2.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: India
Victim Industry: Media Production
Victim Organization: jamnagar ika chori
Victim Site: jamnagarikachori.com - BABAYO EROR SYSTEM targets the website of Mirha Tour and Travels
Category: Defacement
Content: The group claims to have defaced the website of Mirha Tour and Travels
Date: 2026-03-03T02:12:36Z
Network: telegram
Published URL: https://t.me/c/3716986899/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/37b56029-6a8e-4b2b-9c7e-34dcd2d4462d.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: mirha tour and travels
Victim Site: mirhatourandtravels.com - White System./404 targets the website of gcmi.gov.iq
Category: Defacement
Content: The group claims to have defaced the website of gcmi.gov.iq
Date: 2026-03-03T01:57:14Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41582255
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1aaba135-1602-4d4f-8b2e-170e97b3dc46.png
Threat Actors: White System./404
Victim Country: Iraq
Victim Industry: Government Administration
Victim Organization: gcmi
Victim Site: gcmi.gov.iq - Alleged data breach of Crédit Mutuel
Category: Data Breach
Content: The threat actor claims to have breached the database containing over 130,930 records from Crédit Mutuel. The alleged leak includes sensitive personal and financial information such as full names, addresses, dates of birth, bank account details, IBANs, and other banking information.
Date: 2026-03-03T01:56:33Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-FR-Cr%C3%A9dit-Mutuel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f047363b-9e4d-419a-947c-9afa38ab31ec.png
Threat Actors: arpanetmdr
Victim Country: France
Victim Industry: Financial Services
Victim Organization: crédit mutuel
Victim Site: creditmutuel.com - Hax.or targets the website of Ascea Vacanze
Category: Defacement
Content: The group claims to have defaced the website of Ascea Vacanze
Date: 2026-03-03T01:31:36Z
Network: telegram
Published URL: https://t.me/ctifeeds/128528
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/37c98223-3dba-41dc-81e6-9ad9a0057aa9.png
Threat Actors: Hax.or
Victim Country: Italy
Victim Industry: Leisure & Travel
Victim Organization: ascea vacanze
Victim Site: asceavacanze.com - BABAYO EROR SYSTEM targets the website of hotelshreejivatikasurat.com
Category: Defacement
Content: The group claims to have defaced the website of hotelshreejivatikasurat.com
Date: 2026-03-03T01:12:01Z
Network: telegram
Published URL: https://t.me/c/3716986899/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/135c3a25-9511-4a5f-a74a-ddec0e80c211.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: Unknown
Victim Site: hotelshreejivatikasurat.com - BABAYO EROR SYSTEM targets the website of Acronics Electric Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Acronics Electric Private Limited
Date: 2026-03-03T00:53:49Z
Network: telegram
Published URL: https://t.me/c/3716986899/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/73b8de20-6afd-408a-83ea-fde10cbd626e.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: India
Victim Industry: Electrical & Electronic Manufacturing
Victim Organization: acronics electric private limited
Victim Site: acronicselectric.com - BABAYO EROR SYSTEM targets the website of chitrakalaprints.com
Category: Defacement
Content: The group claims to have defaced the website of chitrakalaprints.com
Date: 2026-03-03T00:47:37Z
Network: telegram
Published URL: https://t.me/c/3716986899/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/775d59fd-8ce0-4fae-8bbe-ba00cdee2d92.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: chitrakalaprints.com - 313 Team claims to target Israel
Category: Alert
Content: A recent post by the group indicates that they targeting and disabling Rafaels servers operating the Iron Dome and the servers of the Israel
Date: 2026-03-03T00:21:04Z
Network: telegram
Published URL: https://t.me/xX313XxTeam/619
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dade9a7e-949e-46e9-9a72-2332e78fd9cb.png
Threat Actors: 313 Team
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown