[March-16-2026] Daily Cybersecurity Threat Report

Executive Summary

This report details a series of recent cyber incidents, providing key information for each event strictly based on the provided data. The dataset comprises 130 distinct cybersecurity incidents recorded on March 16, 2026. The incidents span various categories, including Defacements, Data Breaches, Initial Access sales, Vulnerability disclosures, and Combo List distributions.

The most prominent trend in the dataset is a massive, coordinated defacement campaign targeting Canadian small and medium-sized businesses (SMBs), primarily in the building and construction sectors. Additionally, significant initial access sales targeting government infrastructure and critical industrial control systems (ICS) highlight a severe escalation in threats to national infrastructure globally.

1. Threat Actor Landscape

Several threat actors and groups demonstrated high volumes of activity or targeted high-value assets.

Z-BL4CX-H4T: This group is the most prolific actor in the dataset, responsible for over 40 distinct website defacements. Their campaign overwhelmingly targets Canadian organizations.
Escanors Official: This actor focused heavily on data breaches targeting Chinese organizations, particularly in the Financial Services and E-commerce sectors. They also claimed a data breach involving Amazon Web Services (AWS) in the USA.
BABAYO EROR SYSTEM: This group specialized in obtaining and selling initial admin-level access, specifically targeting Indonesian government districts and departments. They also engaged in defacements.
CinCauGhast: Focused on initial access leaks in Indonesia, targeting broadcast media and government agencies.
KTX TEAM: Active in defacements, primarily targeting Iranian IT, network/telecommunications, and staffing organizations , as well as entities in the UAE and China.
NoName057(16): Claimed unauthorized access to critical Industrial Heating and Ventilation Control Systems in Lithuania, noting a lack of modern security protections. They also accessed CCTV cameras in Latvia.
SnowSoul: Claimed multiple leaks of large datasets (up to 10GB) related to Chinese entities.
Fatimion cyber team: Targeted Lebanese broadcast media, specifically MTV Lebanon, leaking employee emails and declaring them a target.

2. Categorical Analysis

A. Data Breaches

Data breaches formed a critical segment of the incidents, exposing PII, corporate data, and government records. Notable breaches include:

Target/Victim	Threat Actor	Compromised Data	Source
Breach Forums	Insider005	347,000 user records (Users, Passwords, Emails, PMs, IP logs)
SimpCity	Raperdogan	Over 6 million records (usernames, emails, metadata)
Russian Border Service	Flexx	1,098,248,515 records (Name, DOB, Citizenship)
US Businesses	Lanex	200+ records of business/owner fullz data (EIN, SSN, revenue)
Sadenet (Turkish ISP)	Raperdogan	118,000 subscriber records
Colombian Ministry of Health	Iron Atlas	Full compromise; complete copy of data extracted
BPJS (Indonesia)	ZamXploit	447 Records (Address, Name, Gender, DOB, ID)
Mexico CURP & Suppliers	foximiyos	390 CURP records and 4,000+ supplier details (IDs, coordinates, tax info)

Additional leaks included 2.5 million Belgian bounced emails , 10,000 cryptocurrency wallet seed phrases , and US military logistics documents by threat actor Cardinal.

B. Initial Access Brokers (IAB)

The sale or leaking of initial access was highly prevalent, particularly targeting e-commerce and government platforms.

E-Commerce Platforms: Threat actor “ed1n1ca” sold unauthorized access to unidentified WordPress shops in Canada and the UK, explicitly listing their recent credit card transaction volumes. “Shopify” sold admin and shell access to various UK and Canadian online stores , and “mullah” sold root access to an Australian Magento shop processing PayPal and bank transfers.
Government Access: “BABAYO EROR SYSTEM” extensively sold admin access to Indonesian local governments (e.g., Kadudampit District, Kebonpedes District, Sukalarang District). “blackwinter99” sold admin access to the Inspector General of Registration in Odisha, India.
Corporate & IT Access: “BamAG” sold access to a US telecommunications company and a US law firm.

C. Industrial Control Systems (ICS) / Operational Technology (OT)

A highly alarming trend is the direct targeting of physical infrastructure via digital means.

Ukraine Heating Stations: IT ARMY OF RUSSIA claimed access to Kyiv heating station control systems, manipulating temperature and power levels.
Lithuania Heating Systems: NoName057(16) gained full access to industrial heating/ventilation controls, warning of the ability to disrupt processes or create unsafe conditions due to a lack of security.
Turkey Agriculture: Armenian code disrupted automated infrastructure, interfering with irrigation, nutrient delivery, and greenhouse climate control systems.

D. Defacement Campaigns

Defacements accounted for the highest sheer volume of recorded incidents.

Canadian Infrastructure: As noted, Z-BL4CX-H4T ravaged Canadian web infrastructure. Victims spanned Building & Construction (e.g., EquiBuild, Fraser Form Rental, Father and Son Masonry) , Transportation (YVR Limo Service) , and Healthcare (Therapy Now Clinic).
Other Defacements: “Thekitten” defaced the Israel Ministry of Tourism and an e-learning system. RAKYAT AGENCY INDONESIA INTERNASIONAL defaced Italian fitness clubs (20Hours Club, PentaFIT) and a Sri Lankan Divisional Secretariat.

3. Geographical and Industry Impact Analysis

Most Targeted Countries

Canada: Suffered the highest volume of attacks, almost exclusively due to Z-BL4CX-H4T’s defacement spree .
Indonesia: Highly targeted for Initial Access and Data Breaches affecting broadcast media, government agencies, and personal activist data (e.g., Abu Janda).
China: Targeted primarily for data breaches and SSL private key leaks (e.g., Qihoo 360’s 360Claw Platform).
USA: Faced a mix of business data sales, Initial Access to telecom/law firms, AWS data breach claims, and military document leaks.

Most Targeted Industries

Building and Construction: Primarily SMBs in Canada targeted for defacements.
Government Administration: A lucrative target for Initial Access brokers and data thieves in Indonesia, India, Colombia, and Israel.
Financial Services: Targeted mostly in China (e.g., VCREDIT, Geerong, X Financial).
Broadcast Media: Targeted in Indonesia (TRANS7, Trans TV) and Lebanon (MTV Lebanon).

Conclusion

The data recorded on March 16, 2026, indicates a highly active and fragmented cyber threat landscape. We observe low-sophistication, high-volume attacks (mass SMB defacements in Canada) occurring concurrently with high-stakes, potentially devastating operations (ICS manipulation in Ukraine, Turkey, and Lithuania).

The commoditization of access is apparent, with initial access to e-commerce sites being sold with explicit revenue metrics, and root access to government networks being auctioned openly. Furthermore, the exposure of massive datasets—ranging from 1 billion Russian border records to Chinese financial tech data—suggests that identity theft, corporate espionage, and state-level data harvesting remain rampant. Organizations must prioritize securing Initial Access vectors (like WordPress and Magento), hardening Operational Technology (OT) systems against public internet exposure, and maintaining strict vendor risk management.

Detected Incidents Draft Data

Alleged Sale of Breach Forums
Category: Data Breach
Content: The threat actor claims to be selling 347,000 user records from Breach Fourms (Breachfourm.as). The compromised data reportedly includes Users, Passwords, Emails, Private Messages, IP logs, Post IP logs, History, Profile change emails, Edit History, Administration Logs, Moderator Logs information.
Date: 2026-03-16T23:55:28Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-BreachForums-Database-Source-Code-leaked
Screenshots:
None
Threat Actors: Insider005
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: breach fourms
Victim Site: breachforums.as
Alleged leak of Chinese data.
Category: Data Breach
Content: The threat actor claims to have leaked the Chinese data.
Date: 2026-03-16T23:25:56Z
Network: openweb
Published URL: https://darkforums.su/Thread-Chinese-data-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1252
Screenshots:
None
Threat Actors: SnowSoul
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Business and Owner Fullz Records in USA
Category: Data Breach
Content: Threat Actor claims to be selling more than 200 records containing U.S. business and owner fullz data. The dataset reportedly includes business information such as business name, EIN, business address, industry classification, NAICS code, revenue, year founded, and in some cases contact details like email, website, and phone number. It also includes owner information such as full name, address, date of birth, and SSN.
Date: 2026-03-16T22:35:26Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278477/
Screenshots:
None
Threat Actors: Lanex
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to an unidentified CCTV System in Canada
Category: Initial Access
Content: The group claims to have gained access to an unidentified CCTV System in Canada.
Date: 2026-03-16T22:31:50Z
Network: telegram
Published URL: https://t.me/op_morningstar/544?single
Screenshots:
None
Threat Actors: MORNING STAR
Victim Country: Canada
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Dr. Gutters
Category: Defacement
Content: The group claims to have defaced the website of Dr. Gutters.
Date: 2026-03-16T21:54:56Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Civic & Social Organization
Victim Organization: dr. gutters
Victim Site: drgutters.ca
Z-BL4CX-H4T targets the website of EquiBuild
Category: Defacement
Content: The group claims to have defaced the website of EquiBuild.
Date: 2026-03-16T21:53:35Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: equibuild
Victim Site: equibuild.ca
Z-BL4CX-H4T targets the website of Fraser Form Rental
Category: Defacement
Content: The group claims to have defaced the website of Fraser Form Rental.
Date: 2026-03-16T21:50:14Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: fraser form rental
Victim Site: fraserformrental.ca
Z-BL4CX-H4T targets the website of Group Orbit
Category: Defacement
Content: The group claims to have defaced the website of Group Orbit.
Date: 2026-03-16T21:49:22Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Financial Services
Victim Organization: group orbit
Victim Site: grouporbit.ca
Z-BL4CX-H4T targets the website of Envision Immigration
Category: Defacement
Content: The group claims to have defaced the website of Envision Immigration.
Date: 2026-03-16T21:46:54Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Management Consulting
Victim Organization: envision immigration
Victim Site: envisionimmigration.ca
Z-BL4CX-H4T targets the website of Father and Son Masonry
Category: Defacement
Content: The group claims to have defaced the website of Father and Son Masonry.
Date: 2026-03-16T21:44:49Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: father and son masonry
Victim Site: fatherandsonmasonry.ca
Alleged Leak of SimpCity User Database
Category: Data Breach
Content: A threat actor claims to have leaked a user database containing over 6 million records from the SimpCity forum. The allegedly exposed data includes usernames, email addresses, account metadata, and user profile information.
Date: 2026-03-16T21:31:13Z
Network: openweb
Published URL: https://breached.st/threads/simpcity-user-dump-6m-2026.1245/
Screenshots:
None
Threat Actors: Raperdogan
Victim Country: Unknown
Victim Industry: Social Media & Online Social Networking
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Best Meats
Category: Defacement
Content: The group claims to have defaced the website of Best Meats.
Date: 2026-03-16T21:30:47Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Food & Beverages
Victim Organization: best meats
Victim Site: bestmeats.ca
Z-BL4CX-H4T targets the website of Modern Millwork
Category: Defacement
Content: The group claims to have defaced the website of Modern Millwork.
Date: 2026-03-16T21:28:55Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Printing
Victim Organization: modern millwork
Victim Site: boxmedia.ca
Alleged Sale of Unauthorized Access to an Unidentified WordPress Shop in Canada
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to an unidentified WordPress shop in Canada, stating that the platform recorded 72 credit card Stripe (frame) transactions in February, 63 in January, and 63 in December.
Date: 2026-03-16T21:26:30Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278440/
Screenshots:
None
Threat Actors: ed1n1ca
Victim Country: Canada
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Leak of Sadenet ISP Subscriber Database
Category: Data Breach
Content: A threat actor claims to have leaked a database containing information related to approximately 118,000 subscribers of Sadenet, a Turkish internet service provider. The leaked data reportedly includes subscriber records extracted from the ISP’s subscriber management system.
Date: 2026-03-16T21:22:13Z
Network: openweb
Published URL: https://breached.st/threads/tr-sadenet-isp-leak-118k-subscribers.1242/
Screenshots:
None
Threat Actors: Raperdogan
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Vanguard Commercial Services
Category: Defacement
Content: The Group claims to have defaced the website of Vanguard Commercial Services.
Date: 2026-03-16T21:13:13Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Facilities Services
Victim Organization: vanguard commercial services
Victim Site: vanguardcommercial.ca
Z-BL4CX-H4T targets the website of Chatora Indian Restaurant
Category: Defacement
Content: The group claims to have defaced the website of Chatora Indian Restaurant.
Date: 2026-03-16T21:12:05Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Food & Beverages
Victim Organization: chatora indian restaurant
Victim Site: chatorarestaurant.ca
Z-BL4CX-H4T targets the website of BrightLink Trucking Ltd
Category: Defacement
Content: The group claims to have defaced the website of BrightLink Trucking Ltd.
Date: 2026-03-16T21:10:38Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Transportation & Logistics
Victim Organization: brightlink trucking ltd
Victim Site: brightlinktrucking.ca
Z-BL4CX-H4T targets the website of Watch Eye Security Inc.
Category: Defacement
Content: The Group claims to have defaced the website of Watch Eye Security Inc.
Date: 2026-03-16T21:08:29Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Security & Investigations
Victim Organization: watch eye security inc.
Victim Site: watcheyesecurity.ca
Z-BL4CX-H4T targets the website of Color Wave Painting Ltd
Category: Defacement
Content: The group claims to have defaced the website of Color Wave Painting Ltd.
Date: 2026-03-16T21:04:04Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: color wave painting ltd
Victim Site: colorwavepainting.ca
Z-BL4CX-H4T targets the website of WCI Staffing Solutions
Category: Defacement
Content: The Group claims to have defaced the website of WCI Staffing Solutions.
Date: 2026-03-16T21:01:20Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Staffing/Recruiting
Victim Organization: wci staffing solutions
Victim Site: wcistaffing.ca
Z-BL4CX-H4T targets the website of Western Luxury Custom Homes Corp
Category: Defacement
Content: The Group claims to have defaced the website of Western Luxury Custom Homes Corp.
Date: 2026-03-16T20:59:37Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: western luxury custom homes corp
Victim Site: westernluxury.ca
Alleged data breach of VCREDIT Holdings Limited
Category: Data Breach
Content: The threat actor claims to have leaked data allegedly related to VCREDIT, a Chinese financial technology and consumer finance service provider.
Date: 2026-03-16T20:50:54Z
Network: telegram
Published URL: https://t.me/c/3398932380/670
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: Financial Services
Victim Organization: vcredit holdings limited
Victim Site: vcredit.com
Z-BL4CX-H4T targets the website of YVR Limo Service
Category: Defacement
Content: The Group claims to have defaced the website of YVR Limo Service.
Date: 2026-03-16T20:49:57Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Transportation & Logistics
Victim Organization: yvr limo service
Victim Site: yvrlimoservice.ca
Alleged data breach of ZXAX Technology
Category: Data Breach
Content: The threat actor claims to have leaked data allegedly related to ZXAX Technology, a Chinese IT services company.
Date: 2026-03-16T20:46:13Z
Network: telegram
Published URL: https://t.me/c/3398932380/666
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: Information Technology (IT) Services
Victim Organization: zxax technology
Victim Site: zxaxtech.cn
Alleged data breach of Geerong
Category: Data Breach
Content: The threat actor claims to have leaked data related to Geerong, a financial technology platform.
Date: 2026-03-16T20:39:52Z
Network: telegram
Published URL: https://t.me/c/3398932380/665
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: Financial Services
Victim Organization: geerong
Victim Site: geerong.com
Alleged leak of login credentials to Indonesias State Civil Service Agency
Category: Initial Access
Content: The group claims to have leaked the login credentials to Indonesias State Civil Service Agency.
Date: 2026-03-16T20:03:47Z
Network: telegram
Published URL: https://t.me/CinCauGhast404/7
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: state civil service agency
Victim Site: bkn.go.id
Alleged data breach of Wuyou Hebao
Category: Data Breach
Content: The group claims to have accessed the database of Wuyou Hebao.
Date: 2026-03-16T20:02:24Z
Network: telegram
Published URL: https://t.me/c/3398932380/666
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: Financial Services
Victim Organization: wuyou hebao
Victim Site: wuyouhb.com
Alleged data breach of Hefei Fandi E-commerce
Category: Data Breach
Content: The threat group claims to have breached the data of Hefei Fandi E-commerce.
Date: 2026-03-16T19:58:46Z
Network: telegram
Published URL: https://t.me/c/3398932380/666
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: E-commerce & Online Stores
Victim Organization: hefei fandi e-commerce
Victim Site: api.fandidz.cn
Alleged data breach of Amazon Web Services (AWS)
Category: Data Breach
Content: The threat group claims to have breached the data of Amazon Web Services (AWS).
Date: 2026-03-16T19:57:55Z
Network: telegram
Published URL: https://t.me/c/3398932380/666
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: amazon web services (aws)
Victim Site: amazonaws.com
Alleged leak of login credentials to Kaskus
Category: Initial Access
Content: The group claims to have leaked the login credentials to Kaskus.
Date: 2026-03-16T19:57:34Z
Network: telegram
Published URL: https://t.me/CinCauGhast404/7
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Non-profit & Social Organizations
Victim Organization: kaskus
Victim Site: kaskus.co.id
Alleged leak of login credentials to PT. Duta Visual Nusantara Tivi Tujuh (TRANS7).
Category: Initial Access
Content: The group claims to have leaked the login credentials to PT. Duta Visual Nusantara Tivi Tujuh (TRANS7).
Date: 2026-03-16T19:54:50Z
Network: telegram
Published URL: https://t.me/CinCauGhast404/11
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Broadcast Media
Victim Organization: pt. duta visual nusantara tivi tujuh (trans7)
Victim Site: trans7.co.id
Alleged data breach of X Financial
Category: Data Breach
Content: The threat group claims to have breached a data of X Financial.
Date: 2026-03-16T19:48:14Z
Network: telegram
Published URL: https://t.me/c/3398932380/666
Screenshots:
None
Threat Actors: Escanors Official
Victim Country: China
Victim Industry: Financial Services
Victim Organization: x financial
Victim Site: cardloan.xiaoying.com
Alleged data leak of 2.5 million Belgian bounced email addresses
Category: Data Breach
Content: The threat actor claims to be selling a database containing approximately 2.5 million Belgian bounced email addresses.
Date: 2026-03-16T19:40:24Z
Network: openweb
Published URL: https://xss.pro/threads/146447/
Screenshots:
None
Threat Actors: Youzuf BG
Victim Country: Belgium
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to PT Yakult Indonesia Persada
Category: Initial Access
Content: The group claims to have leaked the login credentials to PT Yakult Indonesia Persada.
Date: 2026-03-16T19:39:00Z
Network: telegram
Published URL: https://t.me/CinCauGhast404/10
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Food & Beverages
Victim Organization: pt yakult indonesia persada
Victim Site: yakult.co.id
Alleged leak of MTV Lebanon employee emails
Category: Data Breach
Content: The threat group claims to have leaked a dataset containing email addresses associated with MTV Lebanon, a Lebanese broadcast media organization.
Date: 2026-03-16T19:38:29Z
Network: telegram
Published URL: https://t.me/hak994/5315
Screenshots:
None
Threat Actors: Fatimion cyber team
Victim Country: Lebanon
Victim Industry: Broadcast Media
Victim Organization: mtv lebanon
Victim Site: mtv.com.lb
Alleged Leak of Cryptocurrency Exchange KYC Database
Category: Data Breach
Content: A threat actor claims to have leaked a dataset containing KYC information allegedly associated with cryptocurrency exchange users. the dataset may include personal details such as full names, email addresses, phone numbers, dates of birth, and identity numbers .
Date: 2026-03-16T19:35:12Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Leaked-XZeeone-Grayhat-KYC-Know-Your-Customer
Screenshots:
None
Threat Actors: XZeeoneOfc
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged access to Trans TV
Category: Initial Access
Content: The group claims to have gained access to Trans TV.
Date: 2026-03-16T19:33:04Z
Network: telegram
Published URL: https://t.me/CinCauGhast404/9
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Broadcast Media
Victim Organization: trans tv
Victim Site: transtv.co.id
XYZ targets the website of cmis.ae
Category: Defacement
Content: The group claims to have defaced the website of cmis.ae.
Date: 2026-03-16T19:20:22Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41606891
Screenshots:
None
Threat Actors: XYZ
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: cmis.ae
Victim Site: cmis.ae
KTX TEAM targets the website of PartSouq
Category: Defacement
Content: The group claims to defaced the website of PartSouq.
Date: 2026-03-16T18:40:59Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41606878
Screenshots:
None
Threat Actors: KTX TEAM
Victim Country: UAE
Victim Industry: Machinery Manufacturing
Victim Organization: partsouq
Victim Site: partsouq.com
Z-BL4CX-H4T targets the website of Bedi Creative
Category: Defacement
Content: The group claims to defaced the website of Bedi Creative.
Date: 2026-03-16T18:23:44Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Information Technology (IT) Services
Victim Organization: bedi creative
Victim Site: laravel-test.bedicreative.ca
Alleged leak of USA Military Data
Category: Data Breach
Content: The group claims to have leaked the Military Data of USA.
Date: 2026-03-16T18:21:21Z
Network: telegram
Published URL: https://t.me/ruskinetgroup/88
Screenshots:
None
Threat Actors: RuskiNet
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Leak of SSL Private Key of Qihoo 360’s 360Claw Platform
Category: Data Breach
Content: Content:A security issue has reportedly exposed the SSL private key associated with Qihoo 360’s 360Claw platform. According to the post, the private key was allegedly included within the software installer, potentially allowing unauthorized parties to access it. If confirmed, the exposed key could enable attackers to impersonate legitimate servers or intercept encrypted communications associated with the platform. NB :- The authenticity of the claim is yet to be verified.
Date: 2026-03-16T18:20:32Z
Network: openweb
Published URL: https://www.reddit.com/r/China_irl/comments/1rv5b94/%E5%91%A8%E9%B8%BF%E7%A5%8E%E9%BE%99%E8%99%BE%E4%BA%A7%E5%93%81360claw%E8%AF%81%E4%B9%A6%E7%A7%81%E9%92%A5%E8%A2%AB%E6%B3%84%E9%9C%B2%E9%AB%98%E5%8D%B1%E9%A3%8E%E9%99%A9%E4%BC%9A%E5%8A%AB%E6%8C%81%E7%BD%91%E7%AB%99%E5%B9%B6%E6%9A%B4%E9%9C%B2%E4%BD%BF%E7%94%A8%E8%80%85%E9%9A%90%E7%A7%81/?captcha=1
Screenshots:
None
Threat Actors: Unknown
Victim Country: China
Victim Industry: Information Technology (IT) Services
Victim Organization: qihoo 360 technology co. ltd.
Victim Site: 360.cn
Alleged Leak of SQL Injection Vulnerability in Alayosh Company
Category: Vulnerability
Content: The group claims to have leaked SQL Injection vulnerability in Alayosh Company.
Date: 2026-03-16T18:12:51Z
Network: telegram
Published URL: https://t.me/Rakyat_DigitalCrew/103
Screenshots:
None
Threat Actors: Rakyat Digital Crew
Victim Country: Palestine
Victim Industry: Food & Beverages
Victim Organization: alayosh company
Victim Site: alayosh.com
RAKYAT AGENCY INDONESIA INTERNASIONAL targets the website of 20Hours Club
Category: Defacement
Content: The group claims to have defaced the website of 20Hours Club .
Date: 2026-03-16T18:10:55Z
Network: telegram
Published URL: https://t.me/TEAM_CY8ER_N4TI0N_IND/176
Screenshots:
None
Threat Actors: RAKYAT AGENCY INDONESIA INTERNASIONAL
Victim Country: Italy
Victim Industry: Health & Fitness
Victim Organization: 20hours club
Victim Site: gesfit2023.best.20hours.it
Z-BL4CX-H4T targets the website of Stratwit Solutions Ltd.
Category: Defacement
Content: The group claims to defaced the website of Stratwit Solutions Ltd.
Date: 2026-03-16T18:10:25Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Information Technology (IT) Services
Victim Organization: stratwit solutions ltd.
Victim Site: testgithub.bedicreative.ca
Fatimion cyber team claims to target MTV Lebanon
Category: Alert
Content: A recent post by the group indicates that they are targeting MTV Lebanon.
Date: 2026-03-16T18:07:55Z
Network: telegram
Published URL: https://t.me/hak994/5299
Screenshots:
None
Threat Actors: Fatimion cyber team
Victim Country: Lebanon
Victim Industry: Broadcast Media
Victim Organization: mtv lebanon
Victim Site: mtv.com.lb
Alleged Sale of CURP Database Records in Mexico
Category: Data Breach
Content: Threat Actor claims to be selling a database allegedly containing 390 records related to Mexico’s CURP system. The dataset includes personal information such as first and last names, second last name, date of birth, sex or gender, nationality, CURP identifiers, state and municipality codes, registration year, record numbers, and related registry details.
Date: 2026-03-16T18:05:36Z
Network: openweb
Published URL: https://xforums.st/threads/curps-mx.535081/
Screenshots:
None
Threat Actors: foximiyos
Victim Country: Mexico
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Therapy Now Clinic
Category: Defacement
Content: The group claims to defaced the website of Therapy Now Clinic.
Date: 2026-03-16T18:03:31Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Hospital & Health Care
Victim Organization: therapy now clinic
Victim Site: therapy.bedicreative.ca
Z-BL4CX-H4T targets the website of Udupi Palace Restaurant
Category: Defacement
Content: The group claims to defaced the website of Udupi Palace Restaurant.
Date: 2026-03-16T18:02:10Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Restaurants
Victim Organization: udupi palace restaurant
Victim Site: udupisurrey.ca
Alleged Sale of Supplier Register Database in Mexico
Category: Data Breach
Content: Threat Actor claims to be selling a supplier register database allegedly containing information on more than 4,000 suppliers in Mexico. The dataset includes extensive supplier and company information such as full name, Mexican National ID (CURP), contact details, phone numbers, email addresses, company descriptions, tax registration numbers, business activities, addresses, geographic coordinates, additional administrative, legal, and registry-related details.
Date: 2026-03-16T17:52:11Z
Network: openweb
Published URL: https://xforums.st/threads/supplier-register.534937/
Screenshots:
None
Threat Actors: foximiyos
Victim Country: Mexico
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Connect FM
Category: Defacement
Content: The group claims to defaced the website of Connect FM .
Date: 2026-03-16T17:51:51Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Broadcast Media
Victim Organization: connect fm
Victim Site: vaisakhi.connectfm.ca
Z-BL4CX-H4T targets the website of AAA Plumbing & Heating
Category: Defacement
Content: The group claims to have defaced the website of AAA Plumbing & Heating.
Date: 2026-03-16T17:51:32Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: aaa plumbing & heating
Victim Site: aaaplumbing.ca
Z-BL4CX-H4T targets the website of Alectra Electrical Services Ltd
Category: Defacement
Content: The group claims to defaced the website of Alectra Electrical Services Ltd
Date: 2026-03-16T17:46:07Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: alectra electrical services ltd
Victim Site: alectraelectrical.ca
Z-BL4CX-H4T targets the website of Shah Driving School Ltd
Category: Defacement
Content: The group claims to have defaced the website of Shah Driving School Ltd
Date: 2026-03-16T17:42:50Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Professional Training
Victim Organization: shah driving school ltd
Victim Site: shahdrivingschool.ca
Z-BL4CX-H4T targets the website of Rai Star Custom Homes Ltd
Category: Defacement
Content: The group claims to have defaced the website of Rai Star Custom Homes Ltd
Date: 2026-03-16T17:41:24Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: rai star custom homes ltd
Victim Site: raistarframing.ca
Z-BL4CX-H4T targets the website of Anisa Homes & Developments Ltd
Category: Defacement
Content: The group claims to defaced the website of Anisa Homes & Developments Ltd
Date: 2026-03-16T17:35:23Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: anisa homes & developments ltd
Victim Site: anisahomes.ca
Z-BL4CX-H4T targets the website of Surrey Podcast Studio
Category: Defacement
Content: The group claims to have defaced the website of Surrey Podcast Studio
Date: 2026-03-16T17:34:20Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Media Production
Victim Organization: surrey podcast studio
Victim Site: surreypodcaststudio.ca
Z-BL4CX-H4T targets the website of Best Look Roofing Ltd
Category: Defacement
Content: The group claims to defaced the website of Best Look Roofing Ltd.
Date: 2026-03-16T17:33:02Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: best look roofing ltd
Victim Site: bestlookroofing.ca
Z-BL4CX-H4T targets the website of Est Choice Security
Category: Defacement
Content: The group claims to defaced the website of Est Choice Security.
Date: 2026-03-16T17:32:02Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Security & Investigations
Victim Organization: est choice security
Victim Site: estchoicesecurity.ca
KTX TEAM targets the website of ParsOnline Group
Category: Defacement
Content: The group claims to have defaced the website of ParsOnline Group.
Date: 2026-03-16T17:20:39Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41606879
Screenshots:
None
Threat Actors: KTX TEAM
Victim Country: Iran
Victim Industry: Information Technology (IT) Services
Victim Organization: parsonline group
Victim Site: parsonline.com
Z-BL4CX-H4T targets the website of Surrey Podcast Studio
Category: Defacement
Content: The group claims to have defaced the website of Surrey Podcast Studio
Date: 2026-03-16T17:19:27Z
Network: openweb
Published URL: https://surreypodcaststudio.ca/
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Media Production
Victim Organization: surrey podcast studio
Victim Site: surreypodcaststudio.ca
Z-BL4CX-H4T targets the website of Journeyman
Category: Defacement
Content: The group claims to have defaced the website of Journeyman
Date: 2026-03-16T17:12:35Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Graphic & Web Design
Victim Organization: journeyman
Victim Site: journeyman.bedicreative.ca
KTX TEAM targets the website of Gigago
Category: Defacement
Content: The group claims to defaced the website of Gigago
Date: 2026-03-16T17:10:16Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41606886?hz=1
Screenshots:
None
Threat Actors: KTX TEAM
Victim Country: China
Victim Industry: Network & Telecommunications
Victim Organization: gigago
Victim Site: gigago.com/iran-sim-card/
Z-BL4CX-H4T targets the website of Open Staircase
Category: Defacement
Content: The group claims to have defaced the website of Open Staircase.
Date: 2026-03-16T17:09:09Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: open staircase
Victim Site: openstaircase.com
Z-BL4CX-H4T targets the website of Northern Lights Contracting
Category: Defacement
Content: The group claims to have defaced the website of Northern Lights Contracting.
Date: 2026-03-16T17:08:45Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: northern lights contracting
Victim Site: northernlightscontracting.ca
Z-BL4CX-H4T targets the website of Outlaw Industries
Category: Defacement
Content: The group claims to have defaced the website of Outlaw Industries.
Date: 2026-03-16T17:05:05Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Manufacturing & Industrial Products
Victim Organization: outlaw industries
Victim Site: outlawindustries.ca
KTX TEAM targets the website of IranTalent
Category: Defacement
Content: The group claims to defaced the website of IranTalent.
Date: 2026-03-16T17:03:29Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41606881
Screenshots:
None
Threat Actors: KTX TEAM
Victim Country: Iran
Victim Industry: Staffing/Recruiting
Victim Organization: irantalent
Victim Site: irantalent.com/en/company/pars-online-group/
KTX TEAM targets the website of MTN Irancell
Category: Defacement
Content: The group claims to defaced the website of MTN Irancell.
Date: 2026-03-16T17:03:13Z
Network: openweb
Published URL: https://zone-h.org/mirror/id/41606882?hz=1
Screenshots:
None
Threat Actors: KTX TEAM
Victim Country: Iran
Victim Industry: Network & Telecommunications
Victim Organization: mtn irancell
Victim Site: irancell.ir
Z-BL4CX-H4T targets the website of Pro-Direct Transport Inc
Category: Defacement
Content: The group claims to have defaced the website of Pro-Direct Transport Inc.
Date: 2026-03-16T16:59:40Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Transportation & Logistics
Victim Organization: pro-direct transport inc
Victim Site: prodirecttransport.ca
Z-BL4CX-H4T targets the website of Punjab Optical
Category: Defacement
Content: The group claims to have defaced the website of Punjab Optical.
Date: 2026-03-16T16:56:44Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: punjab optical
Victim Site: punjabopticals.ca
Z-BL4CX-H4T targets the website of Moody Park Homes Industry
Category: Defacement
Content: The group claims to have defaced the website of Moody Park Homes Industry.
Date: 2026-03-16T16:56:30Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: moody park homes industry
Victim Site: moodyparkhomes.ca
BABAYO EROR SYSTEM targets the subdomains of Modern Cooking Academy (MCA)
Category: Defacement
Content: The group claims to defaced the subdomains of Modern Cooking Academy (MCA).The subdomains include:developer.mca-edu.commca-edu.com.modernitsbd.combm.mca-edu.commca-edu.com
Date: 2026-03-16T16:51:57Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/229
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Bangladesh
Victim Industry: Education
Victim Organization: modern cooking academy (mca)
Victim Site: developer.mca-edu.com
Z-BL4CX-H4T targets the website of MRM Homes Ltd
Category: Defacement
Content: The group claims to have defaced the website of MRM Homes Ltd.
Date: 2026-03-16T16:49:55Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: mrm homes ltd
Victim Site: mrmhomes.ca
Z-BL4CX-H4T targets the website of Nanak Construction & Framing Ltd
Category: Defacement
Content: The group claims to have defaced the website of Nanak Construction & Framing Ltd.
Date: 2026-03-16T16:48:42Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: nanak construction & framing ltd
Victim Site: nanakconstruction.ca
Z-BL4CX-H4T targets the website of Nanny On Call Near Me
Category: Defacement
Content: The group claims to have defaced the website of Nanny On Call Near Me.
Date: 2026-03-16T16:41:12Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Consumer Services
Victim Organization: nanny on call near me
Victim Site: nannyoncallnearme.ca
Alleged unauthorized access to an unidentified Industrial Heating and Ventilation Control System in Lithuania
Category: Initial Access
Content: The group claims to have gained access to a monitoring and control system managing industrial heating and ventilation equipment in Lithuania. The exposed interface reportedly allows control over air circulation, valves, electric heaters, and pumps, with basic settings for airflow and temperature management. According to the group, The system lacks modern security protections and contains multiple log errors related to key components, potentially allowing disruption of the heating process or the creation of unsafe operating conditions.
Date: 2026-03-16T16:37:07Z
Network: telegram
Published URL: https://t.me/c/2787466017/2938
Screenshots:
None
Threat Actors: NoName057(16)
Victim Country: Lithuania
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of personal data of Indonesian activist Abu Janda
Category: Data Breach
Content: The threat group claims to have leaked extensive personal information related to Indonesian activist Abu Janda. The exposed dataset reportedly includes sensitive details such as a photo, national ID number, full name and aliases, date and place of birth, religion, marital status, profession, gender, city and regional address details, phone numbers, email addresses, vehicle records, education history, family member information, and social media accounts.
Date: 2026-03-16T16:33:57Z
Network: telegram
Published URL: https://t.me/IndoHaxSec3/75
Screenshots:
None
Threat Actors: INDOHAXSEC
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Access to an Unidentified WordPress Shop in United Kingdom
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to an unidentified WordPress shop in the United Kingdom, stating that the platform recorded 771 credit card native form transactions in February, 731 in January, and 691 in December.
Date: 2026-03-16T16:33:15Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278446/
Screenshots:
None
Threat Actors: ed1n1ca
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of New Design Homes Ltd
Category: Defacement
Content: The group claims to have defaced the website of New Design Homes Ltd.
Date: 2026-03-16T16:32:51Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: new design homes ltd
Victim Site: ndhomes.ca
Z-BL4CX-H4T targets the website of H & S Insulation Ltd
Category: Defacement
Content: The group claims to have defaced the website of H & S Insulation Ltd.
Date: 2026-03-16T16:31:13Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: h & s insulation ltd
Victim Site: hsinsulation.ca
Z-BL4CX-H4T targets the website of JBS Auto Sales & Services Ltd
Category: Defacement
Content: The group claims to have defaced the website of JBS Auto Sales & Services Ltd.
Date: 2026-03-16T16:26:17Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Automotive
Victim Organization: jbs auto sales & services ltd
Victim Site: jbsauto.ca
Z-BL4CX-H4T targets the website of Modern Tech Heating & Cooling Ltd
Category: Defacement
Content: The group claims to have defaced the website of Modern Tech Heating & Cooling Ltd
Date: 2026-03-16T16:17:40Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: modern tech heating & cooling ltd
Victim Site: moderntechheatingandcooling.ca
Z-BL4CX-H4T targets the website of IGR Contracting
Category: Defacement
Content: The group claims to have defaced the website of IGR Contracting.
Date: 2026-03-16T16:17:33Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: igr contracting
Victim Site: igrcontracting.ca
Z-BL4CX-H4T targets the website of Maple Roofing Ltd
Category: Defacement
Content: The group claims to have defaced the website of Maple Roofing Ltd.
Date: 2026-03-16T16:13:26Z
Network: telegram
Published URL: https://t.me/c/3027611821/456
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Building and construction
Victim Organization: maple roofing ltd
Victim Site: mapleroofingltd.ca
Alleged Sale of Roundcube Business Webmail Leads
Category: Data Breach
Content: A threat actor claims to be selling 800,000 Roundcube business webmail B2B leads, allegedly collected from various mail servers. The listing mentions that the dataset is offered along with a Judger cPanel script and is priced at $800.
Date: 2026-03-16T15:45:34Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278438/
Screenshots:
None
Threat Actors: Spectre6272
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of admin access to Kadudampit District
Category: Initial Access
Content: The group claims to have selling admin-level access to the Kadudampit District.
Date: 2026-03-16T15:42:20Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/228
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: kadudampit district
Victim Site: kec-kadudampit.sukabumikab.go.id
Alleged sale of admin access to Kebonpedes District
Category: Initial Access
Content: The group claims to have selling admin-level access to the Kebonpedes District.
Date: 2026-03-16T15:31:56Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/228
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: kebonpedes district
Victim Site: kec-kebonpedes.sukabumikab.go.id
RAKYAT AGENCY INDONESIA INTERNASIONAL targets the website of PentaFIT
Category: Defacement
Content: The group claims to have defaced the website of PentaFIT.
Date: 2026-03-16T15:27:25Z
Network: telegram
Published URL: https://t.me/TEAM_CY8ER_N4TI0N_IND/173
Screenshots:
None
Threat Actors: RAKYAT AGENCY INDONESIA INTERNASIONAL
Victim Country: Italy
Victim Industry: Health & Fitness
Victim Organization: pentafit
Victim Site: gesfit24.gestione.pentafit.it
Z-BL4CX-H4T targets the website of American Fast Freight Ltd
Category: Defacement
Content: The group claims to have defaced the website of American Fast Freight Ltd.
Date: 2026-03-16T15:15:29Z
Network: telegram
Published URL: https://t.me/c/3027611821/452
Screenshots:
None
Threat Actors: Z-BL4CX-H4T
Victim Country: Canada
Victim Industry: Transportation & Logistics
Victim Organization: american fast freight ltd
Victim Site: fastfreight.info
RAKYAT AGENCY INDONESIA INTERNASIONAL targets the website of Badulla Divisional Secretariat
Category: Defacement
Content: The group claims to have defaced the website of Badulla Divisional Secretariat.
Date: 2026-03-16T15:12:11Z
Network: telegram
Published URL: https://t.me/TEAM_CY8ER_N4TI0N_IND/172
Screenshots:
None
Threat Actors: RAKYAT AGENCY INDONESIA INTERNASIONAL
Victim Country: Sri Lanka
Victim Industry: Government Administration
Victim Organization: badulla divisional secretariat
Victim Site: divisecbadulla.com/frontofficenew/admin
Alleged sale of admin access to Sukalarang District Office
Category: Initial Access
Content: The threat actor claims to have selling admin-level access to the Sukalarang District Office.
Date: 2026-03-16T15:02:35Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/228
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: sukalarang district office
Victim Site: kec-sukalarang.sukabumikab.go.id
Alleged sale of admin access to Department of Public Works – Sukabumi Regency
Category: Initial Access
Content: The threat group claims to have selling admin-level access to the Department of Public Works – Sukabumi Regency.
Date: 2026-03-16T14:57:16Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/228
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: department of public works – sukabumi regency
Victim Site: dpu.sukabumikab.go.id
Alleged leak of Unauthorized WordPress Admin Access to Explora Pucon
Category: Initial Access
Content: The group claims to have leaked unauthorized wordpress admin access to Explora Pucon.
Date: 2026-03-16T14:38:06Z
Network: telegram
Published URL: https://t.me/c/2433981896/1309
Screenshots:
None
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Chile
Victim Industry: Leisure & Travel
Victim Organization: explora pucon
Victim Site: explorapucon.cl
Alleged Sale of unauthorized access to an unidentified telecommunication company in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access to an unidentified telecommunication company in USA.
Date: 2026-03-16T14:33:49Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278429/
Screenshots:
None
Threat Actors: BamAG
Victim Country: USA
Victim Industry: Network & Telecommunications
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of unauthorized access to an unidentified law firm company in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access to an unidentified law firm company in USA.
Date: 2026-03-16T14:31:28Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278429/
Screenshots:
None
Threat Actors: BamAG
Victim Country: USA
Victim Industry: Law Practice & Law Firms
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Chinese data
Category: Data Breach
Content: The threat actor claims to have leaked 10GB of Chinese data.
Date: 2026-03-16T14:27:01Z
Network: openweb
Published URL: https://darkforums.su/Thread-Chinese-data-Free-download-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1247
Screenshots:
None
Threat Actors: SnowSoul
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of an Chinese organization
Category: Data Breach
Content: The threat actor claims to have leaked 10GB of data related to an Chinese organization.
Date: 2026-03-16T14:26:00Z
Network: openweb
Published URL: https://darkforums.su/Thread-Chinese-data-Free-download-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1247
Screenshots:
None
Threat Actors: SnowSoul
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Unauthorized Access to Heating Station Control Systems in Ukraine
Category: Initial Access
Content: The group claims to have accessed heating station control systems in Kyiv, Ukraine, allegedly manipulating operational parameters such as temperature and power levels while operators attempted to restore normal settings.
Date: 2026-03-16T14:01:09Z
Network: telegram
Published URL: https://t.me/itarmyofrussianews/347
Screenshots:
None
Threat Actors: IT ARMY OF RUSSIA
Victim Country: Ukraine
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Unauthorized Access to Agricultural Irrigation and Greenhouse Control Systems in Turkey
Category: Initial Access
Content: The group claims to have disrupted automated agricultural infrastructure in Turkey, alleging interference with two irrigation and nutrient delivery systems and three greenhouse climate control systems responsible for temperature and humidity regulation.
Date: 2026-03-16T11:17:14Z
Network: telegram
Published URL: https://t.me/armeniancode_eng/77
Screenshots:
None
Threat Actors: Armenian code
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of U.S. military document
Category: Data Breach
Content: The threat actor claims to have obtained and disclosed a classified U.S. military logistics document alleging emergency resupply details following a reported cyber incident affecting components of Israel’s air-defense systems.
Date: 2026-03-16T11:06:48Z
Network: telegram
Published URL: https://t.me/c/2869875394/383
Screenshots:
None
Threat Actors: Cardinal
Victim Country: USA
Victim Industry: Military Industry
Victim Organization: Unknown
Victim Site: Unknown
Cardinal claims to target USA
Category: Alert
Content: A recent post by the group indicates that they are targeting USA.
Date: 2026-03-16T10:36:57Z
Network: telegram
Published URL: https://t.me/c/2869875394/378
Screenshots:
None
Threat Actors: Cardinal
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of 100K Corporate Mail Pass Credentials
Category: Combo List
Content: The threat actor claims to be selling a dataset containing approximately 100,000 corporate email and password combinations in mailpass format, reportedly compiled from multiple sources.
Date: 2026-03-16T10:09:02Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278416/
Screenshots:
None
Threat Actors: Domainstore
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of UAE Business (B2B) data
Category: Data Breach
Content: The threat actor claims to be selling a UAE Business (B2B) database allegedly containing business directory records, free zone company data, startup records, Dubai business tower records, real estate databases, telecall research data, and DMCC records.
Date: 2026-03-16T09:41:52Z
Network: openweb
Published URL: https://niflheim.world/threads/uae-buisness-b2b-database-breach.163522/#post-379930
Screenshots:
None
Threat Actors: Exorcist
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to an unidentified Industrial Heating and Ventilation Control System in Lithuania
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified Industrial Heating and Ventilation Control System in Lithuania. They allegedly have full access to the control and monitoring interface of an industrial heating and ventilation system, allowing them to view system data and potentially control air supply and circulation, adjust temperature settings, and operate components such as valves, electric heaters, and pumps.
Date: 2026-03-16T09:07:30Z
Network: telegram
Published URL: https://t.me/c/2787466017/2926
Screenshots:
None
Threat Actors: NoName057(16)
Victim Country: Lithuania
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized cctv access to an unidentified shop in Latvia
Category: Initial Access
Content: The group claims to have gained CCTV cameras of Kekava and Firmas Veikals meat and sausage stores in Latvia.
Date: 2026-03-16T08:47:04Z
Network: telegram
Published URL: https://t.me/c/2787466017/2925
Screenshots:
None
Threat Actors: NoName057(16)
Victim Country: Latvia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged breach of the Colombian Ministry of Health
Category: Data Breach
Content: The threat actor claims to have fully compromised systems of the Colombian Ministry of Health. They allege that a complete copy of the ministry’s data and internal components was extracted and made publicly accessible
Date: 2026-03-16T07:56:23Z
Network: telegram
Published URL: https://t.me/ironatlas_organization/44?single
Screenshots:
None
Threat Actors: Iron Atlas New Generation
Victim Country: Colombia
Victim Industry: Government Administration
Victim Organization: ministry of health and social protection
Victim Site: minsalud.gov.co
Hax.or targets the website of brilliant.ae
Category: Defacement
Content: The group claims to have defaced the website of brilliant.ae.
Date: 2026-03-16T07:52:09Z
Network: telegram
Published URL: https://t.me/ctifeeds/129180
Screenshots:
None
Threat Actors: Hax.or
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: brilliant
Victim Site: brilliant.ae
Alleged sale of access to go.id
Category: Initial Access
Content: The group claims to be selling unauthorized admin access to go.id
Date: 2026-03-16T07:26:49Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/227
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: go.id
Alleged data leak of The Purr Company
Category: Data Breach
Content: The threat actor claims to have leaked data allegedly taken from The Purr Company.
Date: 2026-03-16T07:13:56Z
Network: telegram
Published URL: https://t.me/silenterrorsystem/158
Screenshots:
None
Threat Actors: SILENT ERROR SYSTEM
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: the purr company
Victim Site: thepurrcompany.com
Hax.or targets the website of Brillscan Building Inspection Services
Category: Defacement
Content: The group claims to have defaced the website of Brillscan Building Inspection Services
Date: 2026-03-16T07:12:29Z
Network: telegram
Published URL: https://t.me/ctifeeds/129206
Screenshots:
None
Threat Actors: Hax.or
Victim Country: UAE
Victim Industry: Building and construction
Victim Organization: brillscan building inspection services
Victim Site: brillscan.ae
Thekitten targets the website of unidentified Israeli government e-learning system
Category: Defacement
Content: The group claims to have defaced the website of Israeli government e-learning system.
Date: 2026-03-16T06:22:47Z
Network: telegram
Published URL: https://t.me/cyberbannews_ir/20510?single
Screenshots:
None
Threat Actors: Thekitten
Victim Country: Israel
Victim Industry: Higher Education/Acadamia
Victim Organization: Unknown
Victim Site: Unknown
Thekitten targets the website of Israel Ministry of Tourism
Category: Defacement
Content: The group claims to have defaced the website of Israel Ministry of Tourism.
Date: 2026-03-16T06:12:18Z
Network: telegram
Published URL: https://t.me/cyberbannews_ir/20510?single
Screenshots:
None
Threat Actors: Thekitten
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: israel ministry of tourism
Victim Site: gov.il
Alleged sale of unauthorized admin access to Inspector General of Registration and Commissioner of Stamps Odisha.
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to Inspector General of Registration and Commissioner of Stamps Odisha.
Date: 2026-03-16T06:06:54Z
Network: openweb
Published URL: https://darkforums.su/Thread-%E2%AD%90INDIA%E2%AD%90-Government-igrodisha-gov-in-Admin-Access
Screenshots:
None
Threat Actors: blackwinter99
Victim Country: India
Victim Industry: Government Administration
Victim Organization: inspector general of registration and commissioner of stamps odisha
Victim Site: igrodisha.gov.in
Alleged sale of unauthorized admin access to Comunicate Web.
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to Comunicate Web.
Date: 2026-03-16T05:55:11Z
Network: openweb
Published URL: https://darkforums.su/Thread-%E2%AD%90ITALY%E2%AD%90-comunicateweb-it-admin-access
Screenshots:
None
Threat Actors: blackwinter99
Victim Country: Italy
Victim Industry: Network & Telecommunications
Victim Organization: comunicate web
Victim Site: comunicateweb.it
Alleged sale of unauthorized admin access to KFA Cafe
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to KFA Cafe .
Date: 2026-03-16T05:43:41Z
Network: openweb
Published URL: https://darkforums.su/Thread-kfacafe-ct-ws-admin-access
Screenshots:
None
Threat Actors: blackwinter99
Victim Country: Unknown
Victim Industry: Food & Beverages
Victim Organization: kfa cafe
Victim Site: kfacafe.ct.ws
Alleged data breach of Border Service of the Federal Security Service of the Russian Federation.
Category: Data Breach
Content: Threat actor claims to be leaked data from Border Service of the Federal Security Service of the Russian Federation. The compromised data reportedly contains 1,098,248,515 records including Name, DOB, Citizenship, Country and much more information.
Date: 2026-03-16T05:12:02Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Russian-Federal-Border-Service-1kkk
Screenshots:
None
Threat Actors: Flexx
Victim Country: Russia
Victim Industry: Government Administration
Victim Organization: border service of the federal security service of the russian federation
Victim Site: ps.fsb.ru
Alleged Leak of Cryptocurrency Wallet Users Data
Category: Data Breach
Content: The threat actor claims to have leaked 10,000 cryptocurrency wallet seed phrases associated with BTC, SOL, and EVM-based wallets.
Date: 2026-03-16T04:59:24Z
Network: openweb
Published URL: https://darkforums.su/Thread-10-000-FREE-SEED-PHRASES-SOL-BTC-EVM
Screenshots:
None
Threat Actors: dolboebina
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized admin and shell access to an unidentified store
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin and shell access to an unidentified online store in UK.
Date: 2026-03-16T04:53:41Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278331/
Screenshots:
None
Threat Actors: Shopify
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged breach of Badan Penyelenggara Jaminan Sosial Kesehatan (BPJS)
Category: Data Breach
Content: The threat actor claims to be leaked 447 Records from Badan Penyelenggara Jaminan Sosial Kesehatan (BPJS). The exposed data fields allegedly include Address, Name, Gender, DOB, ID and much more information.
Date: 2026-03-16T04:41:26Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-FRESH-bpjs-kalsel-org-Leaked
Screenshots:
None
Threat Actors: ZamXploit
Victim Country: Indonesia
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: badan penyelenggara jaminan sosial kesehatan (bpjs)
Victim Site: bpjs-kalsel.org
Alleged sale of unauthorized admin and shell access to unidentified store
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin and shell access to an unidentified online store in Canada.
Date: 2026-03-16T04:39:36Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278327/
Screenshots:
None
Threat Actors: Shopify
Victim Country: Canada
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized admin and shell access to unidentified store
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin and shell access to an unidentified online store in Canada.
Date: 2026-03-16T04:35:24Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278326/
Screenshots:
None
Threat Actors: Shopify
Victim Country: Canada
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized admin and shell access to an unidentified store in UK
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin and shell access to an unidentified online store in UK.
Date: 2026-03-16T04:34:16Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278325/
Screenshots:
None
Threat Actors: Shopify
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
DEFACER INDONESIAN TEAM targets the website of Dino Di Basilio
Category: Defacement
Content: The group claims to have defaced the website of Dino Di Basilio.
Date: 2026-03-16T03:33:34Z
Network: telegram
Published URL: https://t.me/c/2433981896/1306
Screenshots:
None
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Italy
Victim Industry: Music
Victim Organization: dino di basilio
Victim Site: dinodibasilio.it
Alleged data breach of Iran International
Category: Data Breach
Content: The group claims to have leaked data belonging to more than 2,000 users of Iran International after allegedly gaining unauthorized access to the outlet’s messaging bot. The exposed data reportedly includes information from users who submitted videos, photos, and news through the platform.
Date: 2026-03-16T03:09:16Z
Network: telegram
Published URL: https://t.me/Separekorosh/6
Screenshots:
None
Threat Actors: Separekorosh
Victim Country: UK
Victim Industry: Broadcast Media
Victim Organization: iran international
Victim Site: iranintl.com
Z-BL4CK-H4T targets the website of Para-Puan
Category: Defacement
Content: The group claims to have defaced the website of Para-Puan
Date: 2026-03-16T03:05:00Z
Network: telegram
Published URL: https://t.me/c/3027611821/450
Screenshots:
None
Threat Actors: Z-BL4CK-H4T
Victim Country: Turkey
Victim Industry: Information Technology (IT) Services
Victim Organization: para-puan
Victim Site: para-puan.com
Alleged Sale of Root Access to Magento Shop in Australia
Category: Initial Access
Content: Threat actor claims to be selling root access to an Australia-based Magento e-commerce shop. The listing includes order statistics from 2023–2026 with payments reportedly processed via methods such as PayPal Express, bank transfer, and other gateways. The auction reportedly starts at USD 3,000 with a buy-now price of USD 6,000.
Date: 2026-03-16T02:51:16Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278399/
Screenshots:
None
Threat Actors: mullah
Victim Country: Australia
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of MTV Channel
Category: Data Breach
Content: The group claims to have breached data from MTV Channel
Date: 2026-03-16T02:49:33Z
Network: telegram
Published URL: https://t.me/hak994/5268
Screenshots:
None
Threat Actors: Fatimion cyber team
Victim Country: Lebanon
Victim Industry: Broadcast Media
Victim Organization: mtv lebanon
Victim Site: mtv.com.lb
TikusXploit targets the website of Clear Fonts Graphics Ltd
Category: Defacement
Content: The group claims to have taken down the website of Clear Fonts Graphics Ltd.
Date: 2026-03-16T02:26:39Z
Network: telegram
Published URL: https://t.me/bertahan1ci/47
Screenshots:
None
Threat Actors: TikusXploit
Victim Country: Unknown
Victim Industry: Printing
Victim Organization: clear fonts graphics ltd
Victim Site: clearfontsprint.com
DEFACER INDONESIAN TEAM targets the website of whatsapp2019.unblog.fr
Category: Defacement
Content: The group claims to have defaced the website of whatsapp2019.unblog.fr .
Date: 2026-03-16T02:04:06Z
Network: telegram
Published URL: https://t.me/c/2433981896/1305
Screenshots:
None
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: France
Victim Industry: Online Publishing
Victim Organization: Unknown
Victim Site: whatsapp2019.unblog.fr