[March-21-2026] Daily Cybersecurity Threat Report

1. Executive Summary

This report details a series of recent cyber incidents, providing key information for each event strictly based on the provided data. Over a 24-hour monitoring period spanning March 21 to March 22, 2026, 140 distinct cybersecurity incidents were recorded. The threat landscape is overwhelmingly dominated by the distribution of credential “Combo Lists,” highlighting a massive, ongoing campaign of credential harvesting and recycling targeting major technology providers. Furthermore, the period saw significant data breaches affecting government entities, telecommunications, and healthcare, alongside a persistent wave of politically or ideologically motivated website defacements.

2. Threat Landscape & Attack Categorization

The incidents observed can be classified into several primary categories, each representing different phases and methodologies of cybercriminal activity.

2.1 Credential Combo Lists (The Dominant Vector)

The vast majority of the recorded incidents involve the distribution of credential combolists on underground forums (primarily CrackingX) and Telegram channels.

Targeted Platforms: Major email providers are the primary targets. There were massive, repeated leaks targeting Microsoft’s Outlook and Hotmail services. Google’s Gmail was also explicitly targeted, with one list containing over 306,000 unique combinations. Yahoo accounts were targeted with lists exceeding 1.4 million and 1.9 million records.
Corporate & Regional Targeting: Threat actors did not solely focus on general consumers. HQcomboSpace leaked over 145,000 corporate email credentials. Furthermore, specific geographic targeting was evident, with multiple massive combolists specifically containing German (.de) domain credentials and German shopping site credentials.
Scale of Distribution: The volume of compromised records is staggering. Threat actor CODER distributed lists containing 12 million corporate credentials , 21 million SMTP credentials , and a massive list of 23 million mixed entries.

2.2 High-Impact Data Breaches & Leaks

Several high-profile organizations suffered alleged data breaches, resulting in the exposure of sensitive Personally Identifiable Information (PII), financial data, and internal corporate infrastructure.

Telecommunications: Threat actor Tanaka claimed to have breached Orange Romania, leaking customer records, source code, internal documents, and credit card details. A separate actor, PeakyBlinders, claimed a leak of 10.9 million records from Rogers Communications and Fido in Canada.
Healthcare & Pharmaceuticals: The LAPSUS-GROUP claimed to sell leaked data from UK-based AstraZeneca, reportedly containing Azure, AWS, and Terraform source code alongside employee data. In the US, actor uawrongteam claimed a breach of Healthcare.com and Pivot Health, exposing 2 million records including insurance details and password hashes. A medical record database from a Naval Hospital was also allegedly leaked by XZeeoneOfc.
Financial Services: Actor Blastoize claimed to have breached 243 million records from Brazilian financial protection service Credilink, exposing CPF numbers, income, and federal status records. Dedale Office claimed a leak of 7 million records from Santander Bank Mexico.
Government & International Bodies: Actor XZeeoneOfc claimed multiple breaches related to the United Nations, including the UN Committee on the Rights of the Child (CRC) and the Lebanon Crisis Response Plan (LCRP). NyxarGroup allegedly sold a dataset from Colombia’s national civil registry system.

2.3 Hacktivism and Website Defacement

Defacement campaigns remain a visible, though often lower-impact, form of cyber attack. These were heavily concentrated geographically and driven by specific groups.

konco Indonesian Team official: This group was highly active, defacing multiple global targets including the Graphic Design Association in Saudi Arabia , Depok City Government in Indonesia , and various educational and real estate sites.
Anti-Israel Campaigns: Several groups focused on Israeli infrastructure. GORZ ROSTAM defaced multiple Israeli businesses, including Sea Kayak Israel, Alumatt, and Even Niyar VeMisparayim. DieNet targeted the Open University of Israel , and VandaTheGod defaced Eventbuzz.
Shadow Cyber Indonesia: Focused primarily on the hospitality sector, defacing The Queeny Hotel and Hotel Citadel Surat in India, and the Embryo Hotel in Thailand.

2.4 Initial Access and Infrastructure Compromise

Beyond data theft, threat actors were observed selling or claiming initial access to sensitive networks.

Government Access: Threat actor ZvokxGustav claimed unauthorized administrative access to the Ministry of Health and Family Welfare portal in India. Another actor claimed administrator-level access to an Indonesian government system under the .go.id domain.
CCTV and Surveillance: The NetStrike group and the TFA Team claimed unauthorized access to multiple CCTV systems in the USA and Israel. A group named Guardium was also reported to have attacked CCTV cameras in Israel.
Corporate Access: Actor klatre was observed soliciting access to Office 365 accounts within valid corporate networks.

3. Key Threat Actor Profiles

CODER: A highly prolific distributor of credential combolists utilizing Telegram as a distribution network. They focus on massive volume, offering lists containing tens of millions of records (corporate, SMTP, mixed countries, and platforms like Facebook).
HQcomboSpace: A specialized combolist actor operating on the CrackingX forum. They focus on targeted datasets, particularly Yahoo credentials and European/German domains and corporate accounts.
Blackcloud: Another high-volume combolist distributor on the CrackingX forum, repeatedly releasing lists containing hundreds of thousands to millions of supposedly “ultra-high quality” (UHQ) records.
XZeeoneOfc: This actor focuses on high-value, institutional data leaks. Their targets during this period included United Nations divisions, naval hospital medical records, and environmental sector contact databases.
Dedale Office: This group targeted national and financial infrastructure, claiming leaks from Santander Mexico, Bangladesh Bank customers, and the Iraq National Security Database.

4. Conclusion and Strategic Assessment

The cyber incidents recorded between March 21 and 22, 2026, reveal a highly active and commoditized cybercriminal ecosystem. The sheer volume of combo lists being distributed for free on forums like CrackingX and via Telegram suggests that credential stuffing attacks will remain a persistent, high-volume threat against enterprise and consumer services. Organizations must prioritize Multi-Factor Authentication (MFA) to mitigate this risk.

Furthermore, the scale of alleged data breaches—ranging from telecommunications source code to sensitive UN planning documents and national registries—demonstrates that actors are actively seeking out misconfigurations, unpatched vulnerabilities, or compromised credentials to exfiltrate massive datasets.

Finally, the localized clusters of defacement and infrastructure attacks (particularly targeting Israel, Indonesia, and India) indicate that geopolitical tensions and regional hacktivism continue to drive a significant portion of surface-level cyber attacks. Security postures must account for both financially motivated data brokers and ideologically motivated disruptors.

Detected Incidents Draft Data

Alleged leak of Outlook and Hotmail credentials
Category: Combo List
Content: Actor karaokecloud leaked a combolist containing 2,770 Outlook and Hotmail email credentials on CrackingX forum. The credentials are being distributed as a free download.
Date: 2026-03-21T23:37:38Z
Network: openweb
Published URL: https://crackingx.com/threads/69421/
Screenshots:
None
Threat Actors: karaokecloud
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: outlook.com
Alleged leak of credential combolist containing 529K records
Category: Combo List
Content: Threat actor shared a fresh credential combolist containing 529,000 records described as ultra-high quality (UHQ) for free download on underground forum.
Date: 2026-03-21T23:19:25Z
Network: openweb
Published URL: https://crackingx.com/threads/69419/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of credential combolist containing 697K records
Category: Combo List
Content: A threat actor shared a fresh credential combolist containing 697,000 username and password combinations on a cybercriminal forum. The data is being distributed for free download.
Date: 2026-03-21T23:10:22Z
Network: openweb
Published URL: https://crackingx.com/threads/69418/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of credential combolist containing 812,000 records
Category: Combo List
Content: Threat actor shared a fresh credential combolist containing 812,000 records for free download on underground forum. The post advertises the credentials as ultra-high quality and recently obtained.
Date: 2026-03-21T23:00:07Z
Network: openweb
Published URL: https://crackingx.com/threads/69417/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of UHQ credential combolist
Category: Combo List
Content: Threat actor Blackcloud made available a fresh credential combolist containing 1.1 million records described as ULP UHQ FRESH for free download on CrackingX forum.
Date: 2026-03-21T22:50:54Z
Network: openweb
Published URL: https://crackingx.com/threads/69415/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of credential combolist containing 60,000 entries
Category: Combo List
Content: A threat actor shared a credential combolist containing 60,000 URL:username:password combinations on a cybercriminal forum. The data is made available for free download to registered forum users.
Date: 2026-03-21T22:50:18Z
Network: openweb
Published URL: https://crackingx.com/threads/69416/
Screenshots:
None
Threat Actors: Seaborg
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged distribution of credential combolist on CrackingX forum
Category: Combo List
Content: User Blackcloud allegedly distributed a high-quality credential combolist containing 2.8 million entries on the CrackingX forum. The post indicates the data is described as UHQ FRESH suggesting recent and high-quality credential pairs.
Date: 2026-03-21T22:41:05Z
Network: openweb
Published URL: https://crackingx.com/threads/69413/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unified Electricity Services Platform Database in Egypt
Category: Data Leak
Content: Threat Actor claims to be selling a database allegedly sourced from the Egyptian Unified Electricity Services Platform, containing approximately 1,900 records. The dataset reportedly includes usernames, phone numbers and passwords, full names, national ID numbers, IP addresses, and detailed user profile information such as nationality, account creation data, and device/browser details.
Date: 2026-03-21T22:41:00Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278869/
Screenshots:
None
Threat Actors: rythem
Victim Country: Egypt
Victim Industry: Energy & Utilities
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of credential combolist
Category: Combo List
Content: A threat actor shared a fresh credential combolist containing 2.7 million username and password combinations on a cybercriminal forum for free download.
Date: 2026-03-21T22:40:18Z
Network: openweb
Published URL: https://crackingx.com/threads/69414/
Screenshots:
None
Threat Actors: Blackcloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Credilink
Category: Data Breach
Content: The threat actor claims to have breached 243 millions of data from Credilink. The dataset reportedly contains personal and financial data, including CPF numbers, names, addresses, DOBs, emails, income, vehicle info, and federal status records.Note: it was previously breached by the threat actor Buddha on jan 22, 2025.
Date: 2026-03-21T22:30:20Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-Brazil-credilink-com-br-Financial-Protection-Services-Customers-243-Million
Screenshots:
None
Threat Actors: Blastoize
Victim Country: Brazil
Victim Industry: Financial Services
Victim Organization: credilink
Victim Site: credilink.com.br
Website defacement of FATEC São Paulo by Mizun0/RATMAN team
Category: Defacement
Content: The attacker Mizun0, associated with the RATMAN team, successfully defaced a subdomain of FATEC São Paulos website on March 22, 2026. The compromised system was running on Linux infrastructure.
Date: 2026-03-21T22:23:42Z
Network: openweb
Published URL: https://haxor.id/archive/mirror/248061
Screenshots:
None
Threat Actors: Mizun0, RATMAN
Victim Country: Brazil
Victim Industry: Education
Victim Organization: FATEC São Paulo
Victim Site: patrimonio.fatecsp.br
Alleged leak of German domain credentials combolist
Category: Combo List
Content: A threat actor shared a credentials combolist containing 959,432 lines of alleged German domain email and password combinations via a file-sharing service.
Date: 2026-03-21T22:23:19Z
Network: openweb
Published URL: https://crackingx.com/threads/69412/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Unauthorized Admin Access to Ministry of Health and Family Welfare Portal in India
Category: Initial Access
Content: Threat Actor claims to have obtained unauthorized administrative access, including login credentials, to the Ministry of Health and Family Welfare portal in India.
Date: 2026-03-21T22:16:06Z
Network: openweb
Published URL: https://darkforums.su/Thread-Ministry-of-Health-and-Family-Welfare-Free-Admin-Access
Screenshots:
None
Threat Actors: ZvokxGustav
Victim Country: India
Victim Industry: Government Administration
Victim Organization: ministry of health and family welfare
Victim Site: ncd.mohfw.gov.in
Alleged Data Breach of CSL Freight
Category: Data Breach
Content: A threat actor claims to be selling a database containing 2,366 user records along with admin access to the website of CSL Freight. The leaked data reportedly includes user details such as names, emails, phone numbers, and client-related information, along with backend access.
Date: 2026-03-21T22:06:11Z
Network: openweb
Published URL: https://darkforums.su/Thread-CSL-Freight-2366-Users-Database-Website-Access-Admin-by-Zvok-x-Gustav
Screenshots:
None
Threat Actors: ZvokxGustav
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
konco Indonesian Team official targets the website of velqip.com
Category: Defacement
Content: The group claims to have defaced the website of velqip.com
Date: 2026-03-21T22:00:13Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: velqip.com
konco Indonesian Team official targets the website of Graphic Design Association
Category: Defacement
Content: The group claims to have defaced the website of Graphic Design Association.
Date: 2026-03-21T21:57:27Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: Saudi Arabia
Victim Industry: Non-profit & Social Organizations
Victim Organization: graphic design association
Victim Site: gda.org.sa
Alleged leak of mixed email-password combolist
Category: Combo List
Content: A threat actor shared a combolist containing 170,000 email and password combinations described as fresh and high quality. The credentials appear to be from mixed sources and are being distributed for free download.
Date: 2026-03-21T21:56:31Z
Network: openweb
Published URL: https://crackingx.com/threads/69409/
Screenshots:
None
Threat Actors: steeve75
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a combolist containing 317,232 credentials specifically targeting Hotmail.com email accounts. The data was made available as a free download on a cybercriminal forum.
Date: 2026-03-21T21:56:13Z
Network: openweb
Published URL: https://crackingx.com/threads/69410/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
HellR00ters Team targets the website of Prefeitura Municipal de Macaíba
Category: Defacement
Content: The group claims to have defaced the website of Prefeitura Municipal de Macaíba.
Date: 2026-03-21T21:55:28Z
Network: telegram
Published URL: https://t.me/c/2758066065/1153
Screenshots:
None
Threat Actors: HellR00ters Team
Victim Country: Brazil
Victim Industry: Government Administration
Victim Organization: prefeitura municipal de macaíba
Victim Site: antigo.macaiba.rn.gov.br
konco Indonesian Team official targets the website of Skills PTE Academic
Category: Defacement
Content: The group claims to have defaced the website of Skills PTE Academic.
Date: 2026-03-21T21:53:54Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: India
Victim Industry: Education
Victim Organization: skills pte academic
Victim Site: skillsproai.com
Alleged Data Breach of OkayHai
Category: Data Breach
Content: Threat Actor claims to have breached the database of OkayHai in Pakistan, containing approximately 3,500 records. The dataset reportedly includes information such as names, email addresses, contact details, dates of birth, income data, and status indicator.
Date: 2026-03-21T21:52:54Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Pakistan-okayhai-com-is-an-online-store-3-5k-for-you
Screenshots:
None
Threat Actors: blackwinter99
Victim Country: Pakistan
Victim Industry: E-commerce & Online Stores
Victim Organization: okayhai
Victim Site: okayhai.com
Alleged Data Leak of Rogers Communications & Fido
Category: Data Leak
Content: A threat actor claims to be selling a database containing 10.9 million records allegedly sourced from Rogers Communications and its subsidiary Fido. The dataset include mobile-related data, with samples provided.
Date: 2026-03-21T21:44:36Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278868/
Screenshots:
None
Threat Actors: PeakyBlinders
Victim Country: Canada
Victim Industry: Network & Telecommunications
Victim Organization: Unknown
Victim Site: Unknown
konco Indonesian Team official targets the website of Baitengfei Tech
Category: Defacement
Content: The group claims to have defaced the website of Baitengfei Tech.
Date: 2026-03-21T21:44:14Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: China
Victim Industry: E-commerce & Online Stores
Victim Organization: baitengfei tech
Victim Site: baitengfei.com
konco Indonesian Team official targets the website of Skademy
Category: Defacement
Content: The group claims to have defaced the website of Skademy
Date: 2026-03-21T21:40:53Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: Unknown
Victim Industry: E-Learning
Victim Organization: skademy
Victim Site: skademy.com/googleb06d891fe6196a69.html
konco Indonesian Team official targets the website of South Delhi Flats
Category: Defacement
Content: The group claims to have defaced the website of South Delhi Flats.
Date: 2026-03-21T21:38:36Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: Unknown
Victim Industry: Real Estate
Victim Organization: south delhi flats
Victim Site: southdelhiflats.com
Alleged data leak of USA 133K
Category: Data Leak
Content: The threat actor claims to have leaked a database containing approximately 133k records from the United States. The exposed dataset reportedly includes email addresses and password combinations.
Date: 2026-03-21T21:36:42Z
Network: openweb
Published URL: https://xss.pro/threads/146541/
Screenshots:
None
Threat Actors: Immanuel_Kant
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
konco Indonesian Team official targets the website of Depok City Government
Category: Defacement
Content: The group claims to have defaced the website of Depok City Government.
Date: 2026-03-21T21:33:53Z
Network: telegram
Published URL: https://t.me/c/3807888281/187
Screenshots:
None
Threat Actors: konco Indonesian Team official
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: depok city government
Victim Site: helpdesk.depok.go.id
Website defacement of South Delhi Flats by VOID2401/ANTI VOID team
Category: Defacement
Content: The attacker VOID2401 from the ANTI VOID team defaced the South Delhi Flats real estate website on March 22, 2026. The incident targeted a single page rather than being part of a mass defacement campaign.
Date: 2026-03-21T21:30:13Z
Network: openweb
Published URL: https://haxor.id/archive/mirror/248060
Screenshots:
None
Threat Actors: VOID2401, ANTI VOID
Victim Country: India
Victim Industry: Real Estate
Victim Organization: South Delhi Flats
Victim Site: southdelhiflats.com
Alleged leak of Hotmail credentials on CrackingX forum
Category: Combo List
Content: A threat actor named ValidMail allegedly leaked a combolist containing 41,000 Hotmail credentials on the CrackingX forum. The credentials are claimed to be valid and sourced from forums.
Date: 2026-03-21T21:27:39Z
Network: openweb
Published URL: https://crackingx.com/threads/69408/
Screenshots:
None
Threat Actors: ValidMail
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of credential logs collection
Category: Combo List
Content: A threat actor shared a 3GB collection of private credential logs through a file sharing service. The logs are distributed freely via Mega.nz with password access provided through a Telegram channel.
Date: 2026-03-21T21:09:39Z
Network: openweb
Published URL: https://crackingx.com/threads/69407/
Screenshots:
None
Threat Actors: maicolpg19
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Shadow Cyber Indonesia targets the website of The Queeny Hotel
Category: Defacement
Content: The group claims to have defaced the website of The Queeny Hotel.
Date: 2026-03-21T20:42:31Z
Network: telegram
Published URL: https://t.me/Shadow_Cyber_Indonesia/7
Screenshots:
None
Threat Actors: Shadow Cyber Indonesia
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: the queeny hotel
Victim Site: thequeeny.com
Alleged data leak of European corporate data
Category: Combo List
Content: Threat actor Immanuel_Kant shared European corporate data for free download on CrackingX forum, requesting additional data requests from users.
Date: 2026-03-21T20:27:34Z
Network: openweb
Published URL: https://crackingx.com/threads/69405/
Screenshots:
None
Threat Actors: Immanuel_Kant
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of US credentials combolist
Category: Combo List
Content: Threat actor Immanuel_Kant leaked a combolist containing 133,000 US email and password combinations for free download on CrackingX forum.
Date: 2026-03-21T20:27:15Z
Network: openweb
Published URL: https://crackingx.com/threads/69406/
Screenshots:
None
Threat Actors: Immanuel_Kant
Victim Country: United States
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Shadow Cyber Indonesia targets the website of Embryo Hotel
Category: Defacement
Content: The group claims to have defaced the website of Embryo Hotel.
Date: 2026-03-21T20:18:00Z
Network: telegram
Published URL: https://t.me/Shadow_Cyber_Indonesia/5
Screenshots:
None
Threat Actors: Shadow Cyber Indonesia
Victim Country: Thailand
Victim Industry: Hospitality & Tourism
Victim Organization: embryo hotel
Victim Site: embryohotel.com
Shadow Cyber Indonesia targets the website of Hotel Citadel Surat
Category: Defacement
Content: The group claims to have defaced the website of Hotel Citadel Surat
Date: 2026-03-21T20:16:35Z
Network: telegram
Published URL: https://t.me/Shadow_Cyber_Indonesia/6
Screenshots:
None
Threat Actors: Shadow Cyber Indonesia
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: hotel citadel surat
Victim Site: hotelcitadelsurat.com
Fatimion cyber team claims to Lebanon and Iraq
Category: Alert
Content: A recent post by the group indicates that theyre targeting Lebanon and Iraq.
Date: 2026-03-21T20:10:22Z
Network: telegram
Published URL: https://t.me/hak994/5435
Screenshots:
None
Threat Actors: Fatimion cyber team
Victim Country: Lebanon
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Yahoo credentials combolist
Category: Combo List
Content: A threat actor shared a combolist containing 712,987 Yahoo credential combinations via a cloud storage link. The actor claims these are fresh leaks targeting Yahoo streaming services.
Date: 2026-03-21T20:08:42Z
Network: openweb
Published URL: https://crackingx.com/threads/69404/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Yahoo
Victim Site: yahoo.com
Cardinal claims to target UK
Category: Alert
Content: A recent post by the group indicates that they are targeting UK.
Date: 2026-03-21T20:02:48Z
Network: telegram
Published URL: https://t.me/c/2869875394/392
Screenshots:
None
Threat Actors: Cardinal
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Unauthorized Access to Indonesian Government System
Category: Initial Access
Content: A threat actor claims to have obtained administrator-level access to an Indonesian government system under the .go.id domain. The shared screenshots appear to display internal dashboards, administrative panels, and sensitive operational data, suggesting potential unauthorized access to government-managed platforms.
Date: 2026-03-21T20:01:46Z
Network: telegram
Published URL: https://t.me/CinCauGhast405/32
Screenshots:
None
Threat Actors: CinCauGhast
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: go.id
Alleged distribution of mixed country credential combolists
Category: Combo List
Content: Threat actor CODER is distributing free credential combolists containing mixed country accounts for various services including Twitter, cryptocurrency platforms, Facebook ads and other services through Telegram channels.
Date: 2026-03-21T19:45:09Z
Network: openweb
Published URL: https://crackingx.com/threads/69403/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
BABAYO EROR SYSTEM targets the website of BDK Travel & Tourism L.L.C
Category: Defacement
Content: The group claims to have defaced the website of BDK Travel & Tourism L.L.C.
Date: 2026-03-21T19:36:09Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/295
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: UAE
Victim Industry: Hospitality & Tourism
Victim Organization: bdk travel & tourism l.l.c
Victim Site: portal.bdktravels.com
Alleged leak of crypto-banking credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing 1.235 million credentials allegedly targeting crypto-banking platforms through a file sharing service.
Date: 2026-03-21T19:34:39Z
Network: openweb
Published URL: https://crackingx.com/threads/69402/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Gmail credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing 306,250 unique Gmail email and password combinations on a cybercriminal forum.
Date: 2026-03-21T19:12:03Z
Network: openweb
Published URL: https://crackingx.com/threads/69401/
Screenshots:
None
Threat Actors: UniqueCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Google
Victim Site: gmail.com
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a combolist containing 1,600 Hotmail email credentials with alleged full email access validation dated March 21st.
Date: 2026-03-21T18:33:25Z
Network: openweb
Published URL: https://crackingx.com/threads/69398/
Screenshots:
None
Threat Actors: MailAccesss
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of mixed country credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing 60,000 mixed country credentials on a cybercrime forum. The content is hidden and only available to registered users of the forum.
Date: 2026-03-21T18:32:10Z
Network: openweb
Published URL: https://crackingx.com/threads/69399/
Screenshots:
None
Threat Actors: RandomUpload
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Mass defacement targeting Indonesian government site by Death Networks (Kize1337)
Category: Defacement
Content: The Death Networks group, through attacker Kize1337, conducted a mass defacement campaign targeting the Indonesian Religious Court of Kendal website. This attack was part of a broader mass defacement operation affecting multiple sites.
Date: 2026-03-21T18:15:02Z
Network: openweb
Published URL: https://haxor.id/archive/mirror/248059
Screenshots:
None
Threat Actors: Kize1337, Death Networks
Victim Country: Indonesia
Victim Industry: Government
Victim Organization: Religious Court of Kendal
Victim Site: www.pa-kendal.go.id
VandaTheGod targets the website of Eventbuzz
Category: Defacement
Content: The group claims to have defaced the website of Eventbuzz.
Date: 2026-03-21T18:00:47Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41611334
Screenshots:
None
Threat Actors: VandaTheGod
Victim Country: Israel
Victim Industry: Events Services
Victim Organization: eventbuzz
Victim Site: cdnpad.eventbuzz.co.il
Alleged leak of Target Germany credentials
Category: Combo List
Content: A threat actor shared a combolist containing 108,184 credentials allegedly associated with Target Germany customers. The data is being distributed for free via a file sharing platform.
Date: 2026-03-21T17:58:01Z
Network: openweb
Published URL: https://crackingx.com/threads/69397/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Retail
Victim Organization: Target
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a link to what appears to be a fresh collection of Hotmail credentials on a cybercriminal forum. The data is being made available for free download through an external paste service.
Date: 2026-03-21T17:49:42Z
Network: openweb
Published URL: https://crackingx.com/threads/69395/
Screenshots:
None
Threat Actors: viqhiboy2001
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
BABAYO EROR SYSTEM targets the website of RFontes
Category: Defacement
Content: The group claims to have defaced the website of RFontes.
Date: 2026-03-21T17:48:07Z
Network: telegram
Published URL: https://t.me/BabayoErorSyteam/295
Screenshots:
None
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Brazil
Victim Industry: Marketing, Advertising & Sales
Victim Organization: rfontes
Victim Site: actus.rfontes.com
Alleged leak of mixed domain credential list
Category: Combo List
Content: A credential list containing 8,414 lines targeting mixed domains was leaked and made available for download via a file sharing service.
Date: 2026-03-21T17:24:49Z
Network: openweb
Published URL: https://crackingx.com/threads/69394/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed email credentials combolist
Category: Combo List
Content: User alphaxdd shared a combolist containing 3,955 mixed email credentials including Hotmail accounts for free download on March 21, 2026.
Date: 2026-03-21T17:16:23Z
Network: openweb
Published URL: https://crackingx.com/threads/69393/
Screenshots:
None
Threat Actors: alphaxdd
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a combolist containing 950 Hotmail email and password combinations on a cybercriminal forum. The credentials are described as fresh and high quality.
Date: 2026-03-21T17:00:15Z
Network: openweb
Published URL: https://crackingx.com/threads/69390/
Screenshots:
None
Threat Actors: KiwiShio
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of Hotmail credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing 1,000 allegedly valid Hotmail email credentials through a file sharing service. The credentials are being distributed for free on a cybercriminal forum.
Date: 2026-03-21T16:59:37Z
Network: openweb
Published URL: https://crackingx.com/threads/69391/
Screenshots:
None
Threat Actors: Kommander0
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
GORZ ROSTAM targets the website of Sea Kayak Israel
Category: Defacement
Content: The group claims to have defaced the website of Sea Kayak Israel.
Date: 2026-03-21T16:53:13Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41611309
Screenshots:
None
Threat Actors: GORZ ROSTAM
Victim Country: Israel
Victim Industry: Recreational Facilities & Services
Victim Organization: sea kayak israel
Victim Site: seakayak.co.il
Alleged Sale of Documents from Asian and South American Countries
Category: Data Leak
Content: Threat Actor claims to be selling a large number of documents originating from various countries in Asia and South America.
Date: 2026-03-21T16:52:19Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/278853/
Screenshots:
None
Threat Actors: LOGS_KING
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed email credentials combolist
Category: Combo List
Content: Threat actor klyne05 distributed a mixed email combolist described as private, fresh, and checked credentials on a cybercriminal forum.
Date: 2026-03-21T16:35:51Z
Network: openweb
Published URL: https://crackingx.com/threads/69388/
Screenshots:
None
Threat Actors: klyne05
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing 1,845 allegedly valid Hotmail email and password combinations on a cybercrime forum. The credentials are described as premium hits from private cloud sources with mixed email types.
Date: 2026-03-21T16:35:12Z
Network: openweb
Published URL: https://crackingx.com/threads/69389/
Screenshots:
None
Threat Actors: alphaxdd
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
GORZ ROSTAM targets the website of Alumatt
Category: Defacement
Content: The group claims to have defaced the website of Alumatt.
Date: 2026-03-21T16:25:28Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41611302?hz=1
Screenshots:
None
Threat Actors: GORZ ROSTAM
Victim Country: Israel
Victim Industry: Manufacturing & Industrial Products
Victim Organization: alumatt
Victim Site: alumatt.co.il
GORZ ROSTAM targets the website of Even Niyar VeMisparayim
Category: Defacement
Content: The group claims to have defaced the website of Even Niyar VeMisparayim.
Date: 2026-03-21T16:18:22Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41611301?hz=1
Screenshots:
None
Threat Actors: GORZ ROSTAM
Victim Country: Israel
Victim Industry: Events Services
Victim Organization: even niyar vemisparayim
Victim Site: evenniar.co.il
GORZ ROSTAM targets the website of Tuv Haaretz Adei Ad Ltd
Category: Defacement
Content: The group claims to have defaced the website of Tuv Haaretz Adei Ad Ltd.
Date: 2026-03-21T16:12:12Z
Network: openweb
Published URL: https://www.zone-h.org/mirror/id/41611300
Screenshots:
None
Threat Actors: GORZ ROSTAM
Victim Country: Israel
Victim Industry: Retail Industry
Victim Organization: tuv haaretz adei ad ltd
Victim Site: tuv-haaretz.co.il
Alleged distribution of Facebook credential combolists via Telegram
Category: Combo List
Content: Threat actor CODER is distributing Facebook credential combolists for free through Telegram channels, along with associated programs for credential stuffing attacks.
Date: 2026-03-21T16:09:32Z
Network: openweb
Published URL: https://crackingx.com/threads/69387/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Social Media
Victim Organization: Facebook
Victim Site: facebook.com
Alleged data leak of Santander bank Mexico
Category: Data Leak
Content: The group claims to have leaked 7 millions of data from Santander bank Mexico. The exposed dataset reportedly includes Social Security Number or ID, Address Line 1, Address Line 2, Municipality or District, State, City, ZIP/Postal Code, Area Code 1, Phone Number 1, Area Code 2, Phone Number 2, Name, Tax ID (RFC), Record Creation Date.
Date: 2026-03-21T15:57:56Z
Network: telegram
Published URL: https://t.me/DedaleOffice/1180
Screenshots:
None
Threat Actors: Dedale Office
Victim Country: Mexico
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Yahoo credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing approximately 1.9 million credential pairs allegedly targeting Yahoo users. The data is being distributed for free via a file sharing platform.
Date: 2026-03-21T15:53:07Z
Network: openweb
Published URL: https://crackingx.com/threads/69386/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Yahoo
Victim Site: yahoo.com
Alleged data leak of Bangladesh Bank Customers Data
Category: Data Leak
Content: The group claims to have leaked 100,677 of data from Bangladesh Bank Customers Data. The exposed dataset reportedly includes Prefix FullName FatherName MotherName DOB Age MailingAddr ContactNo PermanentAddr HomeDivision HomeDist HomeUpazila Quota PositionSLNo LastAppDate AdmitSLNo Qualified PostDateTime Email.
Date: 2026-03-21T15:52:42Z
Network: telegram
Published URL: https://t.me/DedaleOffice/1177
Screenshots:
None
Threat Actors: Dedale Office
Victim Country: Bangladesh
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials and mixed account data
Category: Combo List
Content: Threat actor noir shared what appears to be a collection of valid Hotmail credentials and mixed account data through their Telegram channel. The post indicates high-quality validated credential lists are being distributed.
Date: 2026-03-21T15:43:35Z
Network: openweb
Published URL: https://crackingx.com/threads/69385/
Screenshots:
None
Threat Actors: noir
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged data leak of Iraq National Security Database
Category: Data Leak
Content: The group claims to have leaked 6.1 GB of data from Iraq National Security Database. The exposed dataset reportedly includes Full Name, City, Date of birth, national ID, National office ID, document number, very detailed address and other ID number.
Date: 2026-03-21T15:38:45Z
Network: telegram
Published URL: https://t.me/DedaleOffice/1176
Screenshots:
None
Threat Actors: Dedale Office
Victim Country: Iraq
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to multiple CCTV systems from USA and Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to multiple CCTV systems from USA and Israel.
Date: 2026-03-21T15:36:55Z
Network: telegram
Published URL: https://t.me/netstrikegroup/45
Screenshots:
None
Threat Actors: NetStrike
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Russian email credentials
Category: Combo List
Content: A forum user shared access to 5,700 Russian email credentials dated March 21st. The credentials are described as valid mail access and appear to be made available for free to registered forum users.
Date: 2026-03-21T15:35:01Z
Network: openweb
Published URL: https://crackingx.com/threads/69384/
Screenshots:
None
Threat Actors: MailAccesss
Victim Country: Russia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed email credentials from multiple domains
Category: Combo List
Content: A threat actor shared a combolist containing 4,437 email credentials from mixed domains including Polish and French origins. The credentials are being distributed as a free download on a cybercriminal forum.
Date: 2026-03-21T15:25:51Z
Network: openweb
Published URL: https://crackingx.com/threads/69382/
Screenshots:
None
Threat Actors: karaokecloud
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Japanese military access credentials
Category: Combo List
Content: A threat actor shared 2,300 allegedly valid military access credentials from Japan dated March 21st on an underground forum.
Date: 2026-03-21T15:25:17Z
Network: openweb
Published URL: https://crackingx.com/threads/69383/
Screenshots:
None
Threat Actors: MailAccesss
Victim Country: Japan
Victim Industry: Military/Defense
Victim Organization: Unknown
Victim Site: Unknown
Alleged SMS OTP bypass service offering
Category: Initial Access
Content: RatelSMS advertises an SMS receiving service for OTP bypass with multiple countries and services available at low prices. No post content was available for detailed analysis.
Date: 2026-03-21T15:16:43Z
Network: openweb
Published URL: https://crackingx.com/threads/69374/
Screenshots:
None
Threat Actors: RatelSMS
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged solicitation for Office 365 access on corporate networks
Category: Initial Access
Content: Threat actor soliciting access to Office 365 accounts within valid corporate networks, requesting private and unique materials from sellers.
Date: 2026-03-21T15:15:59Z
Network: openweb
Published URL: https://crackingx.com/threads/69381/
Screenshots:
None
Threat Actors: klatre
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed country credential combolist
Category: Combo List
Content: A threat actor leaked a combolist containing 1,883,302 credentials from mixed countries via a free download link on a file sharing platform.
Date: 2026-03-21T15:08:18Z
Network: openweb
Published URL: https://crackingx.com/threads/69378/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed email credentials combolist
Category: Combo List
Content: A threat actor shared a combolist containing 22,000 valid email credentials from mixed sources dated March 21st. The credentials are being distributed for free to registered forum users.
Date: 2026-03-21T15:07:59Z
Network: openweb
Published URL: https://crackingx.com/threads/69379/
Screenshots:
None
Threat Actors: MailAccesss
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of German email credentials
Category: Combo List
Content: A threat actor shared a combolist containing 90,000 German email credentials dated March 21st on an underground forum.
Date: 2026-03-21T14:59:01Z
Network: openweb
Published URL: https://crackingx.com/threads/69375/
Screenshots:
None
Threat Actors: MailAccesss
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a sample combolist containing 1,074 Hotmail credentials on a cybercrime forum. The credentials appear to be distributed as a free download.
Date: 2026-03-21T14:41:20Z
Network: openweb
Published URL: https://crackingx.com/threads/69373/
Screenshots:
None
Threat Actors: HollowKnight07
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of email credentials combolist
Category: Combo List
Content: Forum post claims to offer 33,000 valid email credentials through hidden content available to registered users, with additional access via private Telegram contact.
Date: 2026-03-21T14:32:10Z
Network: openweb
Published URL: https://crackingx.com/threads/69372/
Screenshots:
None
Threat Actors: TeraCloud1
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Kramnycja
Category: Data Breach
Content: The threat actor claims to have breached data from Kramnycja.
Date: 2026-03-21T14:25:47Z
Network: telegram
Published URL: https://t.me/QuietSecurity/12
Screenshots:
None
Threat Actors: QuietSec
Victim Country: Ukraine
Victim Industry: Food Production
Victim Organization: kramnycja
Victim Site: kramnytsia.com
Alleged leak of Hotmail credentials on cybercriminal forum
Category: Combo List
Content: A threat actor shared a combolist containing 41,000 Hotmail email credentials on a cybercriminal forum. The post indicates these are valid credentials sourced from forums.
Date: 2026-03-21T14:15:49Z
Network: openweb
Published URL: https://crackingx.com/threads/69371/
Screenshots:
None
Threat Actors: ValidMail
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged cyberattack targeting CCTV cameras in Israel
Category: Cyber Attack
Content: A threat group named Guardium has reportedly carried out cyberattack on CCTV cameras in Israel.
Date: 2026-03-21T14:03:16Z
Network: telegram
Published URL: https://t.me/cyberbannews_ir/20690?single
Screenshots:
None
Threat Actors:
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Gmail credentials combolist
Category: Combo List
Content: Forum post claims to offer a combolist containing 304,334 unique Gmail email and password combinations from 2026. The actual content is hidden behind registration requirements.
Date: 2026-03-21T13:59:19Z
Network: openweb
Published URL: https://crackingx.com/threads/69370/
Screenshots:
None
Threat Actors: UniqueCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Google
Victim Site: gmail.com
Alleged data breach of French Scrabble Federation
Category: Data Breach
Content: The threat actor claims to have breached 1,498,871 lines of data from the Fédération Française de Scrabble, allegedly containing title, last name, first name, date of birth, address, postal code, city, phone number, and email.
Date: 2026-03-21T13:36:42Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-FR-FF-SCRABBLE
Screenshots:
None
Threat Actors: kazutlg
Victim Country: France
Victim Industry: Non-profit & Social Organizations
Victim Organization: french scrabble federation
Victim Site: ffscrabble.fr
Alleged leak of Yahoo credentials
Category: Combo List
Content: A threat actor shared a combolist containing over 1.46 million credential pairs specifically targeting Yahoo domain accounts. The data was made available for free download via a file sharing service.
Date: 2026-03-21T13:34:03Z
Network: openweb
Published URL: https://crackingx.com/threads/69369/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Yahoo
Victim Site: yahoo.com
Alleged leak of Hotmail credentials
Category: Combo List
Content: Threat actor claims to have leaked 2,100 fresh Hotmail credentials in a combolist format. The credentials are described as high quality and recently obtained.
Date: 2026-03-21T13:24:52Z
Network: openweb
Published URL: https://crackingx.com/threads/69368/
Screenshots:
None
Threat Actors: Lexser
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of mixed country credential combolist
Category: Combo List
Content: A threat actor shared a combolist containing approximately 2.4 million credentials from mixed countries through a file sharing service. The credentials are described as high quality and originate from multiple geographic regions.
Date: 2026-03-21T12:58:39Z
Network: openweb
Published URL: https://crackingx.com/threads/69365/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: A threat actor shared a combolist containing 13,000 allegedly valid Hotmail email credentials through a Pastebin-style service on a cybercriminal forum.
Date: 2026-03-21T12:57:59Z
Network: openweb
Published URL: https://crackingx.com/threads/69367/
Screenshots:
None
Threat Actors: Cir4d
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of Comcast, AT&T, and Hotmail credential lists
Category: Combo List
Content: Threat actor CODER is distributing credential lists containing approximately 3.8 million accounts from Comcast, AT&T, and Hotmail through Telegram channels. The actor is offering free access to these combolists and associated cracking tools via dedicated Telegram groups.
Date: 2026-03-21T11:38:11Z
Network: openweb
Published URL: https://crackingx.com/threads/69363/
Screenshots:
None
Threat Actors: CODER
Victim Country: United States
Victim Industry: Telecommunications
Victim Organization: Comcast, AT&T, Microsoft
Victim Site: comcast.net, att.net, hotmail.com
Alleged Sale of Unauthorized Admin Panel Access to frostdigi
Category: Initial Access
Content: The threat actor claims to be selling Unauthorized Admin Panel Access to frostdigi
Date: 2026-03-21T11:33:02Z
Network: telegram
Published URL: https://t.me/kittysearchnews/236
Screenshots:
None
Threat Actors: Kitty Search
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: frostdigi
Victim Site: frostdigi.ai
Alleged leak of corporate email credentials
Category: Combo List
Content: A threat actor shared a combolist containing 145,744 corporate email and password combinations through a file hosting service. The credentials appear to target corporate email accounts across various organizations.
Date: 2026-03-21T11:23:20Z
Network: openweb
Published URL: https://crackingx.com/threads/69362/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Ion Creangă State Pedagogical University of Chișinău
Category: Data Breach
Content: Group claims to have leaked data from Ion Creangă State Pedagogical University of Chișinău
Date: 2026-03-21T11:14:38Z
Network: telegram
Published URL: https://t.me/c/3731684343/3721
Screenshots:
None
Threat Actors: Escanors Files
Victim Country: Moldova
Victim Industry: Education
Victim Organization: ion creangă state pedagogical university of chișinău
Victim Site: upsc.md
Alleged leak of mixed email credentials combolist
Category: Combo List
Content: Threat actor claims to have leaked a mixed combolist containing 2,100 email credentials with access capabilities.
Date: 2026-03-21T11:13:29Z
Network: openweb
Published URL: https://crackingx.com/threads/69360/
Screenshots:
None
Threat Actors: Cl0ud0wner
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credential combolist
Category: Combo List
Content: Threat actor claims to have leaked a combolist containing 2,400 Hotmail email credentials on a cybercrime forum.
Date: 2026-03-21T11:12:11Z
Network: openweb
Published URL: https://crackingx.com/threads/69361/
Screenshots:
None
Threat Actors: Cl0ud0wner
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of mixed email credentials combolist
Category: Combo List
Content: Actor shared a combolist containing 11.1k mixed email credentials through a private cloud service.
Date: 2026-03-21T10:55:17Z
Network: openweb
Published URL: https://crackingx.com/threads/69359/
Screenshots:
None
Threat Actors: Cl0ud0wner
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credential lists
Category: Combo List
Content: A threat actor shared 459 fresh Hotmail credential combinations organized by country. The credentials are being distributed as free downloads in combolist format.
Date: 2026-03-21T10:47:58Z
Network: openweb
Published URL: https://crackingx.com/threads/69358/
Screenshots:
None
Threat Actors: Hotmail Cloud
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged data leak of fast-anime
Category: Data Leak
Content: The group claims to have leaked data from fast-anime
Date: 2026-03-21T10:40:24Z
Network: telegram
Published URL: https://t.me/c/3731684343/3748
Screenshots:
None
Threat Actors: Escanors Files
Victim Country: Russia
Victim Industry: Entertainment & Movie Production
Victim Organization: fast-anime
Victim Site: fast-anime.ru
Alleged leak of Hotmail credential combolist containing 1.5 million records
Category: Combo List
Content: A threat actor shared a combolist containing 1,508,481 alleged Hotmail email and password combinations via a file sharing service. The credentials are being distributed for free on a cybercrime forum.
Date: 2026-03-21T10:32:50Z
Network: openweb
Published URL: https://crackingx.com/threads/69357/
Screenshots:
None
Threat Actors: BestCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of Hotmail credentials
Category: Combo List
Content: Forum user HollowKnight07 shared a sample of 935 Hotmail credentials as a free download on CrackingX forum.
Date: 2026-03-21T10:16:11Z
Network: openweb
Published URL: https://crackingx.com/threads/69356/
Screenshots:
None
Threat Actors: HollowKnight07
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged Data Breach of Healthcare.com
Category: Data Breach
Content: The threat actor claims to have leaked 2 million data from Healthcare.com and Pivot Health, which are reportedly connected platforms. The exposed dataset allegedly includes user profiles, leads, and additional S3-stored data, containing personal and sensitive information such as names, emails, addresses, insurance details, and password hashes.
Date: 2026-03-21T10:15:54Z
Network: openweb
Published URL: https://forum.exploit.in/topic/278837/
Screenshots:
None
Threat Actors: uawrongteam
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: healthcare.com
Victim Site: healthcare.com
Alleged distribution of credential combolist containing 23 million entries
Category: Combo List
Content: Threat actor CODER is distributing a credential combolist containing 23 million entries through Telegram channels, advertising it as good quality credentials.
Date: 2026-03-21T10:07:53Z
Network: openweb
Published URL: https://crackingx.com/threads/69355/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unidentified PrestaShop E-commerce site data from Vietnam
Category: Data Breach
Content: The threat actor claims to be selling a database allegedly containing information on over 190,000 users from a PrestaShop-based clothing and accessories website in Vietnam.
Date: 2026-03-21T10:04:15Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-Vietnam-database-with-over-190-000-users
Screenshots:
None
Threat Actors: Tamnaamm
Victim Country: Vietnam
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged data sale of PrestaShop
Category: Data Breach
Content: The threat actor claims to be selling over 190,000 user records allegedly stolen from PrestaShop.
Date: 2026-03-21T09:54:29Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-Vietnam-database-with-over-190-000-users
Screenshots:
None
Threat Actors: Tamnaamm
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of mixed email credential list
Category: Combo List
Content: A threat actor shared a mixed email credential list containing 6,950 entries for free download on an underground forum.
Date: 2026-03-21T09:36:21Z
Network: openweb
Published URL: https://crackingx.com/threads/69353/
Screenshots:
None
Threat Actors: NotSellerxd
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credential combolist
Category: Combo List
Content: Actor distributes a combolist containing 1,800 Hotmail email credentials through a Telegram channel, claiming the credentials are fresh and valid with daily updates.
Date: 2026-03-21T09:36:03Z
Network: openweb
Published URL: https://crackingx.com/threads/69354/
Screenshots:
None
Threat Actors: Kokos2846q
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged Data Breach of United Nations Human Rights
Category: Data Breach
Content: The threat actor claims to have leaked data related to the United Nations Committee on the Rights of the Child (CRC). The exposed dataset reportedly includes country-level reports, recommendations, and structured documentation derived from official UN human rights records.
Date: 2026-03-21T09:23:26Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Committee-on-the-Rights-of-the-Child-CRC
Screenshots:
None
Threat Actors: XZeeoneOfc
Victim Country: Switzerland
Victim Industry: Human Resources
Victim Organization: united nations human rights
Victim Site: ohchr.org
Alleged leak of German domain credentials combolist
Category: Combo List
Content: A combolist containing 994,447 credential pairs targeting German (.de) domains was made available for free download on a cybercriminal forum.
Date: 2026-03-21T09:06:22Z
Network: openweb
Published URL: https://crackingx.com/threads/69352/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Gmail credential combolist containing 300,000+ accounts
Category: Combo List
Content: A threat actor posted a Gmail credential combolist containing 300,764 unique email:password combinations from 2026 on a cybercriminal forum. The credentials are being distributed as a free download to forum members.
Date: 2026-03-21T08:50:58Z
Network: openweb
Published URL: https://crackingx.com/threads/69350/
Screenshots:
None
Threat Actors: UniqueCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Google
Victim Site: gmail.com
Alleged data breach of United Nations Lebanon
Category: Data Breach
Content: The threat actor claims to have leaked data from the United Nations Lebanon Lebanon Crisis Response Plan – LCRP. The compromised data reportedly includes internal planning information such as budget allocations, target population details, geographic distribution, and program performance indicators related to humanitarian operations.
Date: 2026-03-21T08:49:24Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Lebanon-Crisis-Response-Plan-LCRP
Screenshots:
None
Threat Actors: XZeeoneOfc
Victim Country: Lebanon
Victim Industry: Government Administration
Victim Organization: united nations lebanon
Victim Site: lebanon.un.org
Alleged leak of naval hospital medical data
Category: Data Leak
Content: The threat actor claims to have leaked a medical record database from a naval hospital, allegedly containing highly sensitive personal information of patients, including national ID numbers, full names, addresses, contact details, dates of birth, insurance information, and demographic data.
Date: 2026-03-21T08:46:45Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-complete-medical-record-database-of-Tjiptadi-Mangunkusumo-Naval-Hospital-patients
Screenshots:
None
Threat Actors: XZeeoneOfc
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of Business Registers Agency of Serbia
Category: Data Breach
Content: The threat actor claims to be selling a 2.15 GB dataset allegedly associated with business registry records in Serbia. According to the listing, the data reportedly includes scanned identification documents such as passports and national IDs, JMBG numbers, full names, residential addresses, bank statements, credit ratings, beneficial ownership declarations, notarized contracts, and electronic signatures. The dataset is described as primarily related to individuals and entities based in Belgrade, including real estate owners and law firms.
Date: 2026-03-21T08:39:20Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-2-15GB-Serbia-Business-Registry-2026-%E2%80%94-Scanned-IDs-Passports-JMBG-Bank-Statements
Screenshots:
None
Threat Actors: Zeus_kos
Victim Country: Serbia
Victim Industry: Government Administration
Victim Organization: business registers agency
Victim Site: apr.gov.rs
Alleged leak of contact data of individuals and organizations in the Environmental and Sustainability Sector
Category: Data Leak
Content: The threat actor claims to have leaked a database allegedly containing sensitive contact information of over 4,000 individuals and organizations in the environmental and sustainability sector, including academics, researchers, government officials, corporate professionals, NGOs, and consultants across multiple countries.
Date: 2026-03-21T08:34:36Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-Contact-List-Address-Book-of-individuals-and-orgaanizations-in-the-field-of-Environm
Screenshots:
None
Threat Actors: XZeeoneOfc
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized cctv access to an unidentified shop in Israel
Category: Initial Access
Content: The group claims to have unauthorized cctv access to an unidentified organization
Date: 2026-03-21T08:15:16Z
Network: telegram
Published URL: https://t.me/thetfa/522
Screenshots:
None
Threat Actors: TFA Team
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of multiple cryptocurrency and financial platforms
Category: Data Leak
Content: The threat actor claims to be selling a database containing millions of user records allegedly obtained from multiple cryptocurrency and financial platforms, including Gemini, Coinbase, Robinhood, Twitter, Ledger, Cointracker, CoinMarketCap, Gatehub, Hitfinex, and Paxful. The compromised data reportedly includes names, email addresses, phone numbers, country details, and source platform information, totaling over 4 million records.
Date: 2026-03-21T08:01:18Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-Multiple-platforms-crypto-package-here
Screenshots:
None
Threat Actors: HiddenHq
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials
Category: Combo List
Content: Threat actor shared a link to allegedly fresh and valid Hotmail credentials containing over 913,000 records. The credentials are being distributed for free via a file hosting service.
Date: 2026-03-21T07:50:39Z
Network: openweb
Published URL: https://crackingx.com/threads/69347/
Screenshots:
None
Threat Actors: williams001
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of Hotmail credentials
Category: Combo List
Content: A forum user shared a combolist containing 14,000 unique Hotmail email and password combinations on a cracking forum.
Date: 2026-03-21T07:50:12Z
Network: openweb
Published URL: https://crackingx.com/threads/69348/
Screenshots:
None
Threat Actors: UniqueCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged distribution of mixed corporate credential combolist
Category: Combo List
Content: Threat actor CODER is distributing a combolist containing 12 million unique corporate credentials through Telegram channels. The actor operates multiple Telegram groups offering free credential lists and programs to potential users.
Date: 2026-03-21T07:27:03Z
Network: openweb
Published URL: https://crackingx.com/threads/69346/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credentials on CrackingX forum
Category: Combo List
Content: A threat actor allegedly shared a combolist containing 41,000 Hotmail credentials on a cybercriminal forum. The post indicates the credentials are valid and sourced from forums.
Date: 2026-03-21T07:01:42Z
Network: openweb
Published URL: https://crackingx.com/threads/69344/
Screenshots:
None
Threat Actors: ValidMail
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged leak of Hotmail credentials combolist
Category: Combo List
Content: A threat actor shared a combolist containing approximately 1.9 million Hotmail email and password combinations, claiming the credentials are from fresh leaks. The data is being distributed for free via a file hosting service.
Date: 2026-03-21T06:54:17Z
Network: openweb
Published URL: https://crackingx.com/threads/69343/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged Sale of Preferred Hotels Reservation Data
Category: Data Breach
Content: The threat actor claims to be selling a dataset allegedly related to hotel reservation systems used by Preferred Hotels & Resorts. The dataset contains sensitive PII, travel and financial metadatas.
Date: 2026-03-21T06:28:23Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-preferredhotels-com-HNWI-450k-Luxury-hotel
Screenshots:
None
Threat Actors: golovey_team
Victim Country: USA
Victim Industry: Hospitality & Tourism
Victim Organization: preferred hotels & resorts
Victim Site: preferredhotels.com
Website defacement of Marcenaria Tony Arte by ecologyc (LarpBoys team)
Category: Defacement
Content: The LarpBoys team member ecologyc defaced the website of Marcenaria Tony Arte, a Brazilian woodworking/carpentry business, on March 21, 2026. The defaced site was running on a Linux server and the incident was archived for documentation purposes.
Date: 2026-03-21T06:27:19Z
Network: openweb
Published URL: https://haxor.id/archive/mirror/248058
Screenshots:
None
Threat Actors: ecologyc, LarpBoys
Victim Country: Brazil
Victim Industry: Manufacturing/Woodworking
Victim Organization: Marcenaria Tony Arte
Victim Site: www.marcenariatonyarte.com
Alleged distribution of SMTP credential combolist
Category: Combo List
Content: Threat actor CODER is distributing a combolist containing 21 million SMTP credentials through Telegram channels. The credentials are being shared for free through dedicated Telegram groups.
Date: 2026-03-21T06:23:55Z
Network: openweb
Published URL: https://crackingx.com/threads/69342/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of DSHG Sonic
Category: Data Breach
Content: Threat actor claims to have leaked SQL database of DSHG Sonic. The compromised data reportedly includes users, producers, transactions, and admins.
Date: 2026-03-21T06:10:48Z
Network: openweb
Published URL: https://demonforums.net/Thread-database-of-dshgsonic-com-Full-Dump
Screenshots:
None
Threat Actors: SecKittenMax
Victim Country: USA
Victim Industry: Software
Victim Organization: dshg sonic
Victim Site: dshgsonic.com
Alleged Sale of Registraduría Colombia Database
Category: Data Breach
Content: The threat actor claims to be selling a dataset allegedly associated with Colombia’s national civil registry system. The dataset contains highly sensitive government-issued identity information.
Date: 2026-03-21T06:08:57Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-CO-120K-REGISTRADURIA-GOV-CO
Screenshots:
None
Threat Actors: NyxarGroup
Victim Country: Colombia
Victim Industry: Government Administration
Victim Organization: registraduría nacional del estado civil
Victim Site: registraduria.gov.co
DieNet targets the website of Open University of Israel
Category: Data Breach
Content: Proof of Downtime: https://check-host.net/check-report/3c2d4660kaf3
Date: 2026-03-21T06:08:18Z
Network: telegram
Published URL: https://t.me/dienet3/496
Screenshots:
None
Threat Actors: DieNet
Victim Country: Israel
Victim Industry: Education
Victim Organization: open university of israel
Victim Site: openu.ac.il
Alleged data breach of AstraZeneca
Category: Data Breach
Content: Threat actor claims to be selling leaked data from AstraZeneca, UK. The compromised data reportedly contains full source code Azure, AWS, Terraform and employee datas.
Date: 2026-03-21T06:02:15Z
Network: openweb
Published URL: https://lapsus.by/
Screenshots:
None
Threat Actors: LAPSUS-GROUP
Victim Country: UK
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: astrazeneca
Victim Site: astrazeneca.com
Alleged unauthorized access to multiple systems in Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to multiple systems and servers associated with Israel, allegedly exfiltrating sensitive data and conducting data wiping operations across targeted infrastructure.
Date: 2026-03-21T05:57:43Z
Network: telegram
Published URL: https://t.me/Anon_Israel35/46
Screenshots:
None
Threat Actors: Anonymous For Justice
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Orange Romania
Category: Data Breach
Content: Threat actor claims to be leaking data associated with Orange Romania, a telecommunications provider. The exposed data is said to include customer records, source code, internal documents, invoices, contracts, project files, support tickets, user data, employee information, messages, credit card details, personally identifiable information (PII), and call logs.
Date: 2026-03-21T05:56:51Z
Network: openweb
Published URL: https://spear.cx/Thread-Database-Orange-ro-leak
Screenshots:
None
Threat Actors: Tanaka
Victim Country: Romania
Victim Industry: Network & Telecommunications
Victim Organization: orange romania
Victim Site: orange.ro
Alleged Sale of Chinese Sports Betting Clients Database
Category: Data Leak
Content: The threat actor claims to be selling a dataset allegedly related to Chinese sports betting platform users. The dataset contains personal details of personal details of users.
Date: 2026-03-21T05:48:17Z
Network: openweb
Published URL: https://darkforums.su/Thread-Selling-Chinese-sports-betting-clients-2500K
Screenshots:
None
Threat Actors: datasource
Victim Country: China
Victim Industry: Gambling & Casinos
Victim Organization: Unknown
Victim Site: Unknown
Alleged distribution of business credentials combolist
Category: Combo List
Content: Threat actor distributes a combolist containing 7 million business credentials through Telegram channels, offering both free access and private distribution methods.
Date: 2026-03-21T05:29:14Z
Network: openweb
Published URL: https://crackingx.com/threads/69340/
Screenshots:
None
Threat Actors: CODER
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Website defacement of MAN 3 Kota Makassar by 4zz_30/JABAR ERROR SYSTEM
Category: Defacement
Content: The website of MAN 3 Kota Makassar, an Indonesian Islamic senior high school, was defaced by attacker 4zz_30 from the JABAR ERROR SYSTEM team on March 21, 2026. The incident targeted a single educational institutions website running on a Linux server.
Date: 2026-03-21T05:28:55Z
Network: openweb
Published URL: https://haxor.id/archive/mirror/248057
Screenshots:
None
Threat Actors: 4zz_30, JABAR ERROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: MAN 3 Kota Makassar
Victim Site: man3kotamakassar.sch.id
Alleged leak of German shopping credentials
Category: Combo List
Content: A combolist containing 242,621 credentials allegedly targeting German shopping websites has been made available for free download on a cybercrime forum.
Date: 2026-03-21T04:45:51Z
Network: openweb
Published URL: https://crackingx.com/threads/69339/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Retail
Victim Organization: Unknown
Victim Site: Unknown
Alleged distribution of Argentina credential combolist
Category: Combo List
Content: Threat actor CODER is distributing an Argentina-focused credential combolist through Telegram channels, offering free access to stolen login credentials.
Date: 2026-03-21T04:21:36Z
Network: openweb
Published URL: https://crackingx.com/threads/69338/
Screenshots:
None
Threat Actors: CODER
Victim Country: Argentina
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Gmail credentials combolist
Category: Combo List
Content: A threat actor shared a combolist containing over 300,000 Gmail email and password combinations claimed to be unique credentials from 2026.
Date: 2026-03-21T03:28:49Z
Network: openweb
Published URL: https://crackingx.com/threads/69337/
Screenshots:
None
Threat Actors: UniqueCombo
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Google
Victim Site: gmail.com
Alleged distribution of European and US credential combolists
Category: Combo List
Content: Threat actor gsmfix claims to be distributing high-quality credential combolists targeting users from Europe and the United States. The post advertises the credentials as fully valid but provides no specific details about the source, volume, or affected services.
Date: 2026-03-21T03:05:21Z
Network: openweb
Published URL: https://crackingx.com/threads/69333/
Screenshots:
None
Threat Actors: gsmfix
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of 350,000 credential combinations
Category: Combo List
Content: A threat actor shared a combolist containing 350,000 URL, login, and password combinations via a free download link on a criminal forum.
Date: 2026-03-21T03:05:02Z
Network: openweb
Published URL: https://crackingx.com/threads/69334/
Screenshots:
None
Threat Actors: WashingtonDC
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of German shopping website credentials
Category: Combo List
Content: A threat actor shared a combolist containing over 1.1 million credential pairs allegedly targeting German shopping websites. The data is being distributed for free via a file sharing platform.
Date: 2026-03-21T02:41:10Z
Network: openweb
Published URL: https://crackingx.com/threads/69330/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Retail
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Hotmail credential combolist
Category: Combo List
Content: Actor redcloud shared a combolist containing 9.1K Hotmail email credentials via MediaFire download link on a cybercriminal forum.
Date: 2026-03-21T01:29:29Z
Network: openweb
Published URL: https://crackingx.com/threads/69326/
Screenshots:
None
Threat Actors: redcloud
Victim Country: Unknown
Victim Industry: Technology
Victim Organization: Microsoft
Victim Site: hotmail.com
Alleged data leak of emails from Eran Ortal
Category: Data Leak
Content: The group claims to have leaked 100,000 emails belonging to Eran Ortal in Israel, reportedly containing confidential communications, operational plans, strategic discussions, and internal military-related documents.
Date: 2026-03-21T00:48:41Z
Network: openweb
Published URL: https://handala-team.to/architect-of-zionist-warfare-exposed-eran-ortals-hidden-strategies-now-public/
Screenshots:
None
Threat Actors: Handala Hack
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of German credential combolist
Category: Combo List
Content: A credential combolist containing 722,208 lines targeting German users has been made available for free download. The combolist appears to contain mixed credentials from various sources.
Date: 2026-03-21T00:30:26Z
Network: openweb
Published URL: https://crackingx.com/threads/69325/
Screenshots:
None
Threat Actors: HQcomboSpace
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Métropole dAix-Marseille-Provence
Category: Data Breach
Content: The threat actor claims to have breached the database associated with ampmetropole.fr, the dataset contains user account information such as usernames, hashed passwords (WordPress MD5), email addresses, display names, account registration details, and account status data.
Date: 2026-03-21T00:05:26Z
Network: openweb
Published URL: https://darkforums.su/Thread-DATABASE-ampmetropole-fr-M%C3%A9tropole-d-Aix-Marseille-Provence-20k
Screenshots:
None
Threat Actors: ryolait
Victim Country: France
Victim Industry: Government Administration
Victim Organization: métropole daix-marseille-provence
Victim Site: ampmetropole.fr

1. Executive Summary

2. Threat Landscape & Attack Categorization

2.1 Credential Combo Lists (The Dominant Vector)

2.2 High-Impact Data Breaches & Leaks

2.3 Hacktivism and Website Defacement

2.4 Initial Access and Infrastructure Compromise

3. Key Threat Actor Profiles

4. Conclusion and Strategic Assessment

Related Posts

[February-21-2026] Daily Cybersecurity Threat Report

[April-21-2025] Daily Cybersecurity Threat Report

[February-16-2026] Daily Cybersecurity Threat Report