[March-15-2026] Daily Cybersecurity Threat Report

Posted on

1. Executive Summary

This report details a series of recent cyber incidents, providing key information for each event, strictly based on the provided data. The provided data draft encompasses a 24-hour snapshot of global cyber threat activity recorded on March 15, 2026. The data encompasses 70 distinct security events ranging from rudimentary website defacements to critical infrastructure compromise and high-volume data breaches.

Threat activity spanned multiple vectors, including initial access brokering on the open web, coordinate defacement campaigns advertised on Telegram, and targeted data breaches against the biotechnology, government, and education sectors. The threat landscape demonstrates a high level of geographic and industry diversification, indicating that both opportunistic attacks and highly targeted campaigns were actively executed by varying threat actor groups.

2. Threat Actor Profiling

The analyzed data reveals the involvement of several distinct threat actor groups and individuals, varying from politically motivated defacement groups to financially driven initial access brokers.

2.1 Highly Active Defacement Groups

Several groups demonstrated high operational tempo, primarily focusing on website defacements.

  • BABAYO EROR SYSTEM: This was the most prolific actor in the dataset, claiming responsibility for numerous website defacements. Their targets were globally distributed and included IT services, retail, non-profits, and gambling sites across countries like Bangladesh, Nepal, Germany, Malaysia, and Nigeria.
  • Hax.or: This group targeted multiple websites for defacement, focusing heavily on regions like Nigeria, Brazil, Mexico, and Indonesia. Targeted industries included IT services, health & fitness, construction, and journalism.
  • SNR INTEL: This actor engaged in both defacements and the leaking of vulnerabilities. They targeted educational and government institutions in the USA, Sri Lanka, Philippines, and Indonesia, alongside leaking SQL injection vulnerabilities.

2.2 Initial Access Brokers (IABs)

Financially motivated actors were observed selling network and administrative access to corporate environments.

  • citizenfour: This actor specialized in selling unauthorized access to compromised WordPress-based online shops. Their listings highlighted the platforms’ credit card processing capabilities and integrations (such as Stripe and Authorize.Net), explicitly suggesting the infrastructure could be used for fraudulent transactions utilizing stolen credit card data.
  • Big-Bro: This actor claimed to sell unauthorized SonicWall VPN access to organizations in the building and construction sector. One listing noted the inclusion of valid domain user credentials to allow entry into the corporate environment.
  • Anon-WMG: This actor claimed to sell admin-level access via an FTP server to a US manufacturing company, reportedly containing roughly 126 GB of data and 8,569 files.

2.3 Sector-Specific and High-Profile Actors

  • CoinbaseCartel: This group executed a highly targeted data breach campaign exclusively focused on the biotechnology and financial services sectors. They utilized the Tor network to publish breaches impacting companies in China, the USA, and Germany, including Novogene, AUGenomics, and nChroma Bio.
  • Whale Market: This actor claimed major data leaks targeting Iranian state infrastructure, specifically the Ministry of Cooperatives Labour and Social Welfare and an Iranian Nuclear database.
  • Anonymous For Justice: Operating as a politically motivated group, they issued alerts and claimed attacks specifically targeting Israeli infrastructure, food, and accounting organizations.

3. Incident Category Analysis

The events recorded on March 15, 2026, can be classified into distinct cybersecurity incident categories.

3.1 Data Breaches

Data breaches formed a significant portion of the critical incidents, exposing large volumes of personally identifiable information (PII) and corporate data.

  • Educational Institutions: The Universidad Tecnológica del Centro de Veracruz (Mexico) suffered a breach allegedly exposing full names, home addresses, dates of birth, CURP (National ID), financial assistance information, and academic program details. Universitas Pendidikan Indonesia reportedly had 145,000 records leaked, including Student IDs, National IDs, phone numbers, and graduation years.
  • Corporate and B2B Data: The threat actor SudoDragon claimed to leak 10,000 records from ReachIQ, an AI-based sales platform, containing first and last names, direct phone numbers, employee counts, and annual revenue. Another breach linked to “CloudBerry ULP” allegedly offered 346,000 fresh URL-login-password combinations. Additionally, 827 GB of confidential data related to electronic oil systems and operations was reportedly breached from Oman-based CC Energy by “Nasir Security”.
  • Financial & Legal Sectors: A dataset belonging to UK law firms was reportedly breached by “betway”, containing over 146,000 records including National Insurance numbers, dates of birth, and residential addresses. Furthermore, SudoDragon alleged the leak of 45 MB of data belonging to Indian credit card holders.

3.2 Initial Access and Network Compromise

Threat actors actively commodified compromised networks and administrative panels on forums.

  • E-commerce Exploitation: Access to multiple regional WordPress e-commerce sites (US, New Zealand, Australia) was sold by “citizenfour”. Another actor, “Saiwer”, claimed to sell access to approximately 175 separate WordPress admin (wp-admin) panels.
  • Critical Infrastructure Systems: The group “Z-PENTEST ALLIANCE” claimed unauthorized access to the industrial automation system of a greenhouse in Romania. The actors claimed to gain control over climate control, heating, ventilation, and the main motor’s VFD. This allowed them to manipulate motor speed, trigger motor overloads, and set extreme temperatures via the HMI interface. Similarly, the group “We are MONARCH” alleged unauthorized access to an Israeli Air Defense Battle Management & Control (BMC) terminal linked to the Iron Dome system.

3.3 Defacements

Website defacements were the most frequent attack type, primarily utilizing Telegram as a publication platform.

  • These attacks were largely opportunistic, impacting a wide variety of sectors including non-profits (LoveForHumanity) , cosmetics (Avaya Glow) , financial services (VKA Wealth Planners) , and news organizations (Kabarsukowati).

4. Geographic and Industry Distribution

4.1 Victimology by Country

The threat actors targeted a highly distributed set of countries. Based on the provided data, the primary affected nations include:

  • United States: Targeted for e-commerce initial access, manufacturing network access, education defacement, and biotechnology data breaches.
  • Indonesia: Targeted heavily for educational data breaches (UPI), telecommunications (Indosat), and SQL injection vulnerabilities by multiple actors.
  • Israel: Faced targeted attacks against air defense systems, national security studies (INSS), and accounting firms, primarily driven by politically motivated groups like Anonymous For Justice and Handala Hack.
  • Other Notable Targets: Breaches and defacements occurred across Mexico , the United Kingdom , Iran , Nigeria , Bangladesh , Romania , Oman , China , and Germany.

4.2 Victimology by Industry

  • Education: Frequently targeted for high-volume PII data breaches and defacements (e.g., UPI, Universidad Tecnológica del Centro de Veracruz, Schools Division of Marinduque, Republic of the Philippines Department of Education).
  • Biotechnology: Systematically targeted by the “CoinbaseCartel” group, compromising entities like Novogene, AUGenomics, nChroma Bio, and Neochromosome.
  • Government & Public Sector: High-value targets included the Oyo State Ministry of Commerce (Nigeria), Badulla Divisional Secretariat (Sri Lanka), and the Ministry of Cooperatives Labour and Social Welfare (Iran).
  • Building & Construction: Specific targets of VPN credential compromise by the actor “Big-Bro” , as well as defacement targets like Balaji Carpentry LLC.
  • E-commerce & Retail: A prime target for Initial Access Brokers looking to monetize payment infrastructure vulnerabilities via Stripe and Authorize.Net.

5. Conclusion

The threat intelligence snapshot from March 15, 2026, illustrates a dynamic and multi-faceted cyber threat landscape.

The most concerning trends include the active commodification of e-commerce payment infrastructure by initial access brokers like “citizenfour”, who explicitly market compromised stores to facilitate credit card fraud. Furthermore, the targeted targeting of critical infrastructure—such as the manipulation of industrial HMI and VFD systems in a Romanian facility and the alleged access to Israeli Air Defense terminals —highlights severe kinetic risks stemming from poor digital perimeters. Finally, the strategic focus by “CoinbaseCartel” on the global biotechnology sector indicates a deliberate effort to extract highly sensitive intellectual property or proprietary genomic data. Organizations must prioritize securing VPN access, patching web-facing administrative panels, and auditing third-party payment integrations to defend against these prominent attack vectors.

Detected Incidents Draft Data

  1. Alleged Data breach of Universitas Pendidikan Indonesia
    Category: Data Breach
    Content: Threat actor claims to be leaked data from Universitas Pendidikan Indonesia. The compromised data reportedly contains 145,00 records including created_at, updated_at, Student ID numbers, Student names, Phone numbers, Email addresses, Graduation year, National ID and much more information.
    Date: 2026-03-15T23:42:21Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-DATABASE-UPI-INDONESIAN-EDUCATIONAL-UNIVERSITY–68872
    Screenshots:
    None
    Threat Actors: YUKA
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: universitas pendidikan indonesia
    Victim Site: upi.edu
  2. Alleged sale of unauthorized Sonic VPN access to unidentified construction company in USA
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized Sonic VPN access to an unidentified construction company in USA.
    Date: 2026-03-15T23:20:20Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278366/
    Screenshots:
    None
    Threat Actors: Big-Bro
    Victim Country: USA
    Victim Industry: Building and construction
    Victim Organization: Unknown
    Victim Site: Unknown
  3. Alleged sale of compromised U.S. WordPress merchant account linked to Authorize.Net
    Category: Initial Access
    Content: Threat actor claims to be selling access to a compromised U.S.-based WordPress shop with a merchant account connected to Authorize.Net, allegedly capable of processing 150–200 credit card transactions per month.
    Date: 2026-03-15T23:13:17Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278376/
    Screenshots:
    None
    Threat Actors: citizenfour
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  4. Alleged Data Breach of The Oyo State Ministry of Trade, Industry, Investment and Co-operatives
    Category: Data Breach
    Content: The group claims to have accessed the database of The Oyo State Ministry of Trade, Industry, Investment and Co-operatives.
    Date: 2026-03-15T22:21:06Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/19
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Nigeria
    Victim Industry: Government & Public Sector
    Victim Organization: the oyo state ministry of trade, industry, investment and co-operatives
    Victim Site: oyostatecommerce.com.ng
  5. BABAYO EROR SYSTEM targets the website of Daily Commerz
    Category: Defacement
    Content: The group claims to have defaced the website of Daily Commerz.
    Date: 2026-03-15T22:15:01Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/224
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Bangladesh
    Victim Industry: E-commerce & Online Stores
    Victim Organization: daily commerz
    Victim Site: dailycommerz.com
  6. BABAYO EROR SYSTEM targets the website of Hamro Online Store
    Category: Defacement
    Content: The group claims to have defaced the website of Hamro Online Store.
    Date: 2026-03-15T21:59:04Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/224
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Nepal
    Victim Industry: Retail Industry
    Victim Organization: hamro online store
    Victim Site: hamroonlinestore.com
  7. BABAYO EROR SYSTEM targets the website of 1Internet
    Category: Defacement
    Content: The group claims to have defaced the website of 1Internet.
    Date: 2026-03-15T21:56:35Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/224
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Germany
    Victim Industry: Information Technology (IT) Services
    Victim Organization: 1internet
    Victim Site: 1internet.eu
  8. SNR INTEL targets the website of Cicero Books, LLC
    Category: Defacement
    Content: The group claims to have defaced the website of Cicero Books, LLC.
    Date: 2026-03-15T20:23:45Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/21
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: USA
    Victim Industry: Education
    Victim Organization: cicero books, llc
    Victim Site: cicerobook.com
  9. Alleged Leak of ReachIQ Worldwide B2B Users Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a database associated with ReachIQ, an AI-based sales and marketing automation platform. The dataset allegedly contains 10,000 records of worldwide B2B users, with email addresses sorted. According to the post, the exposed data may include first and last names, job titles, company names, email addresses, direct phone numbers, corporate phone numbers, employee counts, industry details, LinkedIn profiles, company websites, social media links, company addresses, annual revenue, and last update timestamps.
    Date: 2026-03-15T20:12:16Z
    Network: openweb
    Published URL: https://darknetarmy.io/threads/10-000-reachiq-net-worldwide-b2b-users-database-email-address-sorted.98925/
    Screenshots:
    None
    Threat Actors: SudoDragon
    Victim Country: Unknown
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: Unknown
    Victim Site: Unknown
  10. SNR INTEL targets the website of Badulla Divisional Secretariat
    Category: Defacement
    Content: The group claims to have defaced the website ofBadulla Divisional Secretariat.
    Date: 2026-03-15T20:12:00Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/20
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Sri Lanka
    Victim Industry: Government Administration
    Victim Organization: badulla divisional secretariat
    Victim Site: divisecbadulla.com
  11. SNR INTEL targets the website of Schools Division of Marinduque
    Category: Defacement
    Content: The group claims to have defaced the website of Schools Division of Marinduque,
    Date: 2026-03-15T20:04:24Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/22
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Philippines
    Victim Industry: Education
    Victim Organization: schools division of marinduque
    Victim Site: depedmarinduque.com/index.php/admin-login/
  12. Alleged unauthorized access to Israeli Air Defense BMC Terminal
    Category: Initial Access
    Content: The group claims to have accessed an Israeli Air Defense Battle Management & Control (BMC) terminal associated with the Iron Dome system.
    Date: 2026-03-15T19:45:20Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/371
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  13. Alleged data breach of CC Energy
    Category: Data Breach
    Content: The threat actor claims to have breached 827 GB of confidential data from CC Energy, reportedly including sensitive information related to the company’s electronic oil systems and operational infrastructure.
    Date: 2026-03-15T18:41:57Z
    Network: openweb
    Published URL: http://nasir.cc/pages/oman-cced.html
    Screenshots:
    None
    Threat Actors: Nasir Security
    Victim Country: Oman
    Victim Industry: Oil & Gas
    Victim Organization: cc energy
    Victim Site: ccenergyltd.com
  14. Alleged Sale of Unauthorized Access to a US Manufacturing Company Network
    Category: Initial Access
    Content: Threat actor claims to be selling admin-level access to a corporate server of a manufacturing organization in the United States. The access is reportedly provided via an FTP admin server, containing approximately 126 GB of data and 8,569 files, with the system running Windows and protected by Windows Defender.
    Date: 2026-03-15T18:18:48Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278384/
    Screenshots:
    None
    Threat Actors: Anon-WMG
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  15. Alleged Sale of Unauthorized Access to 175 WordPress Admin Panels
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to approximately 175 WordPress admin wp-admin panels, reportedly associated with websites generating around 1,000 visitors in traffic.
    Date: 2026-03-15T18:17:37Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278382/
    Screenshots:
    None
    Threat Actors: Saiwer
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  16. Tirz4sec targets the website of STV
    Category: Defacement
    Content: The group claims to have defaced the website of STV.
    Date: 2026-03-15T18:13:22Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/810185
    Screenshots:
    None
    Threat Actors: Tirz4sec
    Victim Country: Venezuela
    Victim Industry: Network & Telecommunications
    Victim Organization: stv
    Victim Site: curriculum.stv.com.ve
  17. Alleged Leak of UK Law Firms & Legal Services Database
    Category: Data Breach
    Content: The threat actor claims to have breached organizations associated with law firms and legal services in the United Kingdom (UK) and is offering the extracted data for sale. The leaked dataset reportedly contains over 146,000 records of user information. According to the sample provided, the exposed data may include full names, dates of birth, phone numbers, email addresses, residential addresses, postal codes, city information, and national insurance numbers.
    Date: 2026-03-15T18:06:17Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278380/
    Screenshots:
    None
    Threat Actors: betway
    Victim Country: UK
    Victim Industry: Law Practice & Law Firms
    Victim Organization: Unknown
    Victim Site: Unknown
  18. Alleged unauthorized access to an unidentified Industrial Automation System of a Greenhouse in Romania
    Category: Initial Access
    Content: The group claims to have accessed a greenhouse’s industrial automation system in Romania, gaining control over climate control, heating, ventilation, and the main motor’s VFD. This access allows them to manipulate motor direction and speed, force stops or shutdowns, adjust ventilation programs and temperature setpoints, modify power levels and operation cycles, and use the HMI interface to start or stop equipment, trigger motor overloads, and set extreme temperatures.
    Date: 2026-03-15T17:11:31Z
    Network: telegram
    Published URL: https://t.me/c/3792806777/18
    Screenshots:
    None
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Romania
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  19. Alleged Sale of Unauthorized Access to a US WordPress-Based Shop
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to a US-based WordPress shop allegedly capable of processing approximately 70–90 credit card transactions per month. The listing suggests the shop infrastructure could be used to process payment card transactions, potentially enabling fraudulent purchases using stolen credit card data.
    Date: 2026-03-15T16:56:17Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278374/
    Screenshots:
    None
    Threat Actors: citizenfour
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  20. Alleged Sale of Unauthorized Access to a New Zealand WordPress-Based Shop
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to a New Zealand-based WordPress shop allegedly capable of processing around 250–300 credit card transactions, with approximately 850 cards processed within three months. The listing mentions Stripe merchant integration, which could enable fraudulent transactions using stolen payment card data.
    Date: 2026-03-15T16:23:40Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278372/
    Screenshots:
    None
    Threat Actors: citizenfour
    Victim Country: New Zealand
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  21. Alleged Data Leak of Indian Credit Card Holders Data
    Category: Data Breach
    Content: The threat actor claims to have leaked a database containing information related to Indian credit card holders, allegedly totaling over 45 MB of data. The exposed dataset reportedly includes sensitive details such as customer names, dates of birth, phone numbers, city/location information, card types, and other associated banking or application-related details.
    Date: 2026-03-15T15:49:18Z
    Network: openweb
    Published URL: https://darknetarmy.io/threads/indian-credit-card-holders-45-mb-leaked.99011/
    Screenshots:
    None
    Threat Actors: SudoDragon
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged Sale of Unauthorized Access to an Australian WordPress-Based Shop
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to an Australian WordPress-based shop allegedly capable of processing approximately 2,000 credit card transactions per month. The listing indicates the presence of Stripe merchant integration and a checkout form, which could enable fraudulent transactions using stolen payment card data.
    Date: 2026-03-15T15:36:45Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278367/
    Screenshots:
    None
    Threat Actors: citizenfour
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  23. Alleged Sale of Construction Company Network Access
    Category: Initial Access
    Content: Threat actor claims to be auctioning unauthorized access to a construction sector organizations internal network through SonicWall VPN. The listing indicates that the access includes valid domain user credentials, potentially allowing entry into the corporate environment.
    Date: 2026-03-15T15:30:13Z
    Network: openweb
    Published URL: http://185.206.215.219/forums/5/
    Screenshots:
    None
    Threat Actors: Big-Bro
    Victim Country: Unknown
    Victim Industry: Building and construction
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged Leak of URL-Login-Password Database Linked to CloudBerry ULP
    Category: Data Breach
    Content: The threat actor claims to be offering approximately 346,000 fresh URL-login-password combinations allegedly sourced from a “CloudBerry ULP” dataset dated 14 March 2026.
    Date: 2026-03-15T14:20:13Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-URL-LOGIN-PASS-14-03-26-Daily-Free-Lines-346-000-Fresh-Cloudberry-ULP
    Screenshots:
    None
    Threat Actors: 6666666666666666
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  25. Alleged sale of webshell access to Graphixals
    Category: Initial Access
    Content: The group claims to be selling web shell access to Graphixals.
    Date: 2026-03-15T14:10:19Z
    Network: telegram
    Published URL: https://t.me/nullsechackers/854
    Screenshots:
    None
    Threat Actors: Nullsec Philippines
    Victim Country: Pakistan
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: graphixals
    Victim Site: graphixals.com
  26. Alleged sale of unauthorized access to Peak Neuro
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized access to PeakNeuro, the website’s dashboard exposed user data: names, usernames, emails, license keys, and account status records.
    Date: 2026-03-15T14:07:00Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-USA-peakneuro-com-technology-and-neuroscience-company
    Screenshots:
    None
    Threat Actors: blackwinter99
    Victim Country: USA
    Victim Industry: Hospital & Health Care
    Victim Organization: peak neuro
    Victim Site: peakneuro.com
  27. Alleged data breach of Universidad Tecnológica del Centro de Veracruz
    Category: Data Breach
    Content: The threat actor claims to have obtained a database belonging to the Universidad Tecnológica del Centro de Veracruz (Mexico). The leaked data allegedly includes personally identifiable information such as full names, paternal and maternal surnames, phone numbers, personal email addresses, dates of birth, home addresses, age, CURP (Mexican national ID), academic program details, disability status, financial assistance information, and other sensitive records.
    Date: 2026-03-15T13:43:45Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-M%C3%89XICO-UNIVERSIDAD-TECNOLOGICA-DEL-CENTRO-DE-VERACRUZ
    Screenshots:
    None
    Threat Actors: SpeakTeam
    Victim Country: Mexico
    Victim Industry: Education
    Victim Organization: universidad tecnológica del centro de veracruz
    Victim Site: utcv.edu.mx
  28. BABAYO EROR SYSTEM targets the website of LoveForHumanity
    Category: Defacement
    Content: The group claims to have defaced the website of LoveForHumanity.
    Date: 2026-03-15T13:16:25Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/219
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: loveforhumanity
    Victim Site: loveforhumanitygh.com
  29. Anonymous For Justice claims to target Israel
    Category: Alert
    Content: A recent post by the group indicates that they will continue the attack on Israel’s infrastructure.
    Date: 2026-03-15T13:10:28Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/33
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  30. BABAYO EROR SYSTEM targets the website of Dhaka solution
    Category: Defacement
    Content: The group claims to have defaced the website of Dhaka solution.
    Date: 2026-03-15T13:06:46Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/219
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Bangladesh
    Victim Industry: Information Technology (IT) Services
    Victim Organization: dhaka solution
    Victim Site: dhakasolution.com
  31. BABAYO EROR SYSTEM targets the website of rival.8th-cgen.com
    Category: Defacement
    Content: The group claims to have defaced the website of rival.8th-cgen.com
    Date: 2026-03-15T13:05:40Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/219
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: rival.8th-cgen.com
  32. BABAYO EROR SYSTEM targets the website of treescapepower.com.amgmarketingnow.com
    Category: Defacement
    Content: The group claims to have defaced the website of treescapepower.com.amgmarketingnow.com
    Date: 2026-03-15T13:03:08Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/219
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: treescapepower.com.amgmarketingnow.com
  33. INDOHAXSEC targets the website of VKA Wealth Planners
    Category: Defacement
    Content: The group claims to have defaced the website of VKA Wealth Planners.
    Date: 2026-03-15T12:26:08Z
    Network: telegram
    Published URL: https://t.me/IndoHaxSec3/74
    Screenshots:
    None
    Threat Actors: INDOHAXSEC
    Victim Country: Malaysia
    Victim Industry: Financial Services
    Victim Organization: vka wealth planners
    Victim Site: vka.com.my
  34. Alleged Leak of SQL Injection Vulnerability in SMAN 1 Sumedang
    Category: Vulnerability
    Content: The group claims to have leaked SQL Injection vulnerability in SMAN 1 Sumedang.
    Date: 2026-03-15T12:16:55Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/18
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: sman 1 sumedang
    Victim Site: smanegeri1sumedang.sch.id
  35. Alleged Leak of SQL Injection Vulnerability in PT Omni Inovasi Indonesia
    Category: Vulnerability
    Content: The group claims to have leaked SQL Injection vulnerability in PT Omni Inovasi Indonesia.
    Date: 2026-03-15T11:39:51Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/17
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Indonesia
    Victim Industry: Business and Economic Development
    Victim Organization: pt omni inovasi indonesia
    Victim Site: omniinovasiindonesia.co.id
  36. Alleged leak of Indosat phone number database
    Category: Data Breach
    Content: The group claims to have leaked phone number database from Indosat.
    Date: 2026-03-15T11:28:31Z
    Network: telegram
    Published URL: https://t.me/c/3895337347/15
    Screenshots:
    None
    Threat Actors: SNR INTEL
    Victim Country: Indonesia
    Victim Industry: Network & Telecommunications
    Victim Organization: indosat
    Victim Site: Unknown
  37. Hax.or targets the website of Bestaf Technologies
    Category: Defacement
    Content: The group claims to have defaced the website of Bestaf Technologies
    Date: 2026-03-15T10:51:11Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129189
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Nigeria
    Victim Industry: Information Technology (IT) Services
    Victim Organization: bestaf technologies
    Victim Site: bestaftechnologies.com
  38. Alleged cyberattack on Balaji Carpentry LLC
    Category: Cyber Attack
    Content: Threat actors claim to have carried out a cyberattack on Balaji Carpentry LLC, asserting that they gained unauthorized access to the company’s website and defaced its public interface.
    Date: 2026-03-15T10:49:43Z
    Network: telegram
    Published URL: https://t.me/teambcs404/353
    Screenshots:
    None
    Threat Actors: Team Bangladesh cyber squad
    Victim Country: UAE
    Victim Industry: Building and construction
    Victim Organization: balaji carpentry llc
    Victim Site: balajicarpentry.com
  39. Hax.or targets the website of Avaya Glow
    Category: Defacement
    Content: The group claims to have defaced the website of Avaya Glow.
    Date: 2026-03-15T10:49:09Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129190
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Unknown
    Victim Industry: Cosmetics
    Victim Organization: avaya glow
    Victim Site: avayaglow.co
  40. Hax.or targets the website of Synergy Fit
    Category: Defacement
    Content: The group claims to have defaced the website of Synergy Fit.
    Date: 2026-03-15T10:48:28Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129188
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Brazil
    Victim Industry: Health & Fitness
    Victim Organization: synergy fit
    Victim Site: synergyfit.com.br
  41. Hax.or targets the website of Veta Vertical
    Category: Defacement
    Content: The group claims to have defaced the website of Veta Vertical.
    Date: 2026-03-15T10:42:30Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129187
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Mexico
    Victim Industry: Building and construction
    Victim Organization: veta vertical
    Victim Site: vetavertical.com.mx
  42. Hax.or targets the website of rfau.com.br
    Category: Defacement
    Content: The group claims to have defaced the website of rfau.com.br.
    Date: 2026-03-15T10:35:41Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129191
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Brazil
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: rfau.com.br
  43. Alleged data breach of Institute for National Security Studies (INSS)
    Category: Data Breach
    Content: The group claims to have breached data from Institute for National Security Studies (INSS).
    Date: 2026-03-15T09:53:46Z
    Network: telegram
    Published URL: https://t.me/HANDALA_HPR2/82
    Screenshots:
    None
    Threat Actors: Handala Hack
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: institute for national security studies (inss)
    Victim Site: inss.org.il
  44. BABAYO EROR SYSTEM targets the website of nine.mabtech.ro
    Category: Defacement
    Content: The group claims to have defaced the website of nine.mabtech.ro.
    Date: 2026-03-15T09:36:39Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/215
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: nine.mabtech.ro
  45. Alleged data breach of The William Louis-Dreyfus Foundation
    Category: Data Breach
    Content: The group claims to have defaced and breached the data of The William Louis-Dreyfus Foundation.
    Date: 2026-03-15T09:33:18Z
    Network: telegram
    Published URL: https://t.me/tegalcyberteamch/250
    Screenshots:
    None
    Threat Actors: TEGAL CYBER TEAM
    Victim Country: USA
    Victim Industry: Museums & Institutions
    Victim Organization: the william louis-dreyfus foundation
    Victim Site: wldfoundation.org
  46. Alleged data breach of the Republic of the Philippines Department of Education
    Category: Data Breach
    Content: Threat actors claim to have breached internal systems of the Republic of the Philippines Department of Education, allegedly obtaining sensitive department-managed records.
    Date: 2026-03-15T09:31:24Z
    Network: openweb
    Published URL: https://x.com/cyb_r21643/status/2033106384284221453
    Screenshots:
    None
    Threat Actors: LunarisSec
    Victim Country: Philippines
    Victim Industry: Government Administration
    Victim Organization: republic of the philippines department of education
    Victim Site: deped.gov.ph
  47. BABAYO EROR SYSTEM targets the website of greenleafbd.com.dhakasolution.com
    Category: Defacement
    Content: The group claims to have defaced the website of greenleafbd.com.dhakasolution.com
    Date: 2026-03-15T09:17:58Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/214
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: greenleafbd.com.dhakasolution.com
  48. Hax.or targets the website of sowangubug
    Category: Defacement
    Content: The group claims to have defaced the website of sowangubug.
    Date: 2026-03-15T09:14:26Z
    Network: telegram
    Published URL: http://t.me/ctifeeds/129186
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Indonesia
    Victim Industry: Government & Public Sector
    Victim Organization: sowangubug
    Victim Site: sowangubug.com
  49. Hax.or targets the website of Kabarsukowati
    Category: Defacement
    Content: The group claims to have defaced the website of Kabarsukowati
    Date: 2026-03-15T09:10:31Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129185
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Indonesia
    Victim Industry: Newspapers & Journalism
    Victim Organization: kabarsukowati
    Victim Site: kabarsukowati.id
  50. Alleged cyberattack on Yahowa Canadian Immigration Inc
    Category: Cyber Attack
    Content: Threat actors claim to have carried out a cyberattack on Yahowa Canadian Immigration Inc, asserting that they gained unauthorized access to the company’s website and defaced its public interface.
    Date: 2026-03-15T09:09:32Z
    Network: telegram
    Published URL: https://t.me/teambcs404/353
    Screenshots:
    None
    Threat Actors: Team Bangladesh cyber squad
    Victim Country: Canada
    Victim Industry: Legal Services
    Victim Organization: yahowa canadian immigration inc
    Victim Site: ycimmigration.ca
  51. Alleged cyberattack on Veta Vertical
    Category: Cyber Attack
    Content: Threat actors claim to have carried out a cyberattack on Veta Vertical, asserting that they gained unauthorized access to the company’s website and defaced its public interface.
    Date: 2026-03-15T08:53:56Z
    Network: telegram
    Published URL: https://t.me/teambcs404/353
    Screenshots:
    None
    Threat Actors: Team Bangladesh cyber squad
    Victim Country: Mexico
    Victim Industry: Building and construction
    Victim Organization: veta vertical
    Victim Site: vetavertical.com.mx
  52. BABAYO EROR SYSTEM targets the website of RUPOMEHSAN
    Category: Defacement
    Content: The group claims to have defaced the website of RUPOMEHSAN.
    Date: 2026-03-15T08:43:36Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/213
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Bangladesh
    Victim Industry: Unknown
    Victim Organization: rupomehsan
    Victim Site: developer.mca-edu.com
  53. BABAYO EROR SYSTEM targets the website of wellous.trisquare.com.my
    Category: Defacement
    Content: The group claims to have defaced the website of wellous.trisquare.com.my.
    Date: 2026-03-15T08:40:47Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/213
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Malaysia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: wellous.trisquare.com.my
  54. Alleged data breach of Gutman Harari
    Category: Data Breach
    Content: The group claims to have deleted data from Gutman Harari.
    Date: 2026-03-15T08:35:32Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/32
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Accounting
    Victim Organization: gutman harari
    Victim Site: Unknown
  55. BABAYO EROR SYSTEM targets the website of favour.name.ng
    Category: Defacement
    Content: The group claims to have defaced the website of favour.name.ng.
    Date: 2026-03-15T08:02:04Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/213
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Nigeria
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: favour.name.ng
  56. Alleged data leak of NSO Group
    Category: Data Breach
    Content: The threat actor claims to have leaked personal and account-related information allegedly linked to an individual associated with NSO Group. The dataset is said to include categories such as contact details, usernames, email addresses, and other sensitive identifiers.
    Date: 2026-03-15T07:12:45Z
    Network: telegram
    Published URL: https://t.me/Akatsukiyberteam/740
    Screenshots:
    None
    Threat Actors: Akatsuki cyber team (official)
    Victim Country: Israel
    Victim Industry: Information Technology (IT) Services
    Victim Organization: nso group
    Victim Site: nsogroup.com
  57. InDoM1nus Team targets the website of Kabarsukowati
    Category: Defacement
    Content: The group claims to have defaced the website of Kabarsukowati.
    Date: 2026-03-15T07:02:36Z
    Network: telegram
    Published URL: https://t.me/InDoM1nusTe4m/108
    Screenshots:
    None
    Threat Actors: InDoM1nus Team
    Victim Country: Indonesia
    Victim Industry: Newspapers & Journalism
    Victim Organization: kabarsukowati
    Victim Site: kabarsukowati.id
  58. Alleged Sale of HQ Email Account Access
    Category: Initial Access
    Content: The threat actor claims to be selling bulk access to compromised email accounts.
    Date: 2026-03-15T05:59:44Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-HQ-Email-Account-Access
    Screenshots:
    None
    Threat Actors: TraffikGen
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  59. maulnism1337 claims to target unidentified shopping website in Israel
    Category: Alert
    Content: A recent post by the group indicates that they are targeting unidentified shopping website in Israel.
    Date: 2026-03-15T05:41:09Z
    Network: telegram
    Published URL: https://t.me/maul1337anon/1279
    Screenshots:
    None
    Threat Actors: maulnism1337
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  60. Alleged data breach of Ministry of Cooperatives Labour and Social Welfare
    Category: Data Breach
    Content: The threat claims to be leaked data from Ministry of Cooperatives Labour and Social Welfare
    Date: 2026-03-15T05:39:35Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1168
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: Iran
    Victim Industry: Government Administration
    Victim Organization: ministry of cooperatives labour and social welfare
    Victim Site: mcls.gov.ir
  61. Alleged data leak of Iranian Nuclear Data base
    Category: Data Breach
    Content: The group claims to have leaked data from Nuclear Iranian Data base
    Date: 2026-03-15T05:33:45Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1158
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: Iran
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  62. BABAYO EROR SYSTEM targets the website of Buaya77Game
    Category: Defacement
    Content: The group claims to have defaced the website of Buaya77Game
    Date: 2026-03-15T04:10:19Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/201
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Gambling & Casinos
    Victim Organization: buaya77game
    Victim Site: buaya77game.com
  63. BABAYO EROR SYSTEM targets the website of FIFA885
    Category: Defacement
    Content: The group claims to have defaced the website of FIFA885
    Date: 2026-03-15T04:02:07Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/201
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Gambling & Casinos
    Victim Organization: fifa885
    Victim Site: fifa885.org
  64. Alleged Sale of Stripe API Key
    Category: Data Breach
    Content: The threat actor claims to be selling a Stripe API key associated with a German Stripe account, allegedly linked to an active payment processing setup.
    Date: 2026-03-15T03:46:28Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278337/
    Screenshots:
    None
    Threat Actors: JustAnon69
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: stripe
    Victim Site: stripe.com
  65. Aleged data breach of Novogene
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-15T03:28:44Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/novo
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: China
    Victim Industry: Biotechnology
    Victim Organization: novogene
    Victim Site: novogene.com
  66. Alleged data breach of AUGenomics
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-15T03:24:19Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/aug
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: USA
    Victim Industry: Biotechnology
    Victim Organization: augenomics
    Victim Site: augenomics.com
  67. Alleged data breach of Geno Bank Essen
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-15T03:17:28Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/genobank
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: Germany
    Victim Industry: Financial Services
    Victim Organization: geno bank essen
    Victim Site: genobank.de
  68. Alleged Data breach of nChroma Bio
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-15T03:07:08Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/nchroma
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: USA
    Victim Industry: Biotechnology
    Victim Organization: nchroma bio
    Victim Site: nchromabio.com
  69. Alleged Data breach of Neochromosome
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-15T03:01:20Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/neo
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: USA
    Victim Industry: Biotechnology
    Victim Organization: neochromosome
    Victim Site: neochromosome.com
  70. Alleged data breach of Hadassa
    Category: Data Breach
    Content: The group claims to have deleted data from Hadassa
    Date: 2026-03-15T00:34:22Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/31
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Food & Beverages
    Victim Organization: hadassa
    Victim Site: hadassa.co.il

Related Posts