[February-10-2026] Daily Cybersecurity Threat Report

1. Executive Summary

This report details a period of intense and varied cyber activity involving data breaches, initial access sales, defacements, and malware distribution. The dataset reveals a highly active cybercriminal ecosystem where state-sponsored espionage, hacktivist defacements, and financially motivated initial access brokers (IABs) operate simultaneously.

Key observations from this reporting period include:

  • High-Value Initial Access Sales: A threat actor identified as miyako is aggressively selling root-level Remote Code Execution (RCE) and administrative access to government and critical infrastructure entities in South America (Peru, Colombia) and China.
  • Targeted Sector Exploitation: There is a significant concentration of attacks against the Education sector in Indonesia, alongside a specific focus on French organizations ranging from charities to defense contractors.
  • Geopolitical Conflict via Cyber Means: The Middle East remains a hotbed for hacktivism, with mutual targeting between Israeli and Iranian/Pro-Palestinian actors, involving both data leaks and website defacements.
  • Critical Infrastructure Threats: Operational Technology (OT) and SCADA systems were explicitly targeted, with actors claiming control over agricultural irrigation in Spain and industrial ventilation in Poland.

The following sections provide a detailed breakdown of these threats, categorized by region, sector, and attack vector.


2. Statistical Overview and Threat Actor Analysis

2.1. Attack Categories

The incidents are primarily categorized into three distinct types:

  1. Data Breaches: The unauthorized exfiltration and subsequent sale or leaking of databases. This is the most prevalent category, affecting major entities like Safran S.A. and Casio.
  2. Initial Access: The sale of unauthorized entry points (RCE, Shell, RDP, Admin Panels) into corporate or government networks. This category poses the most immediate severe risk to operational continuity.
  3. Defacement: Vandalism of public-facing websites, often driven by political or ideological motives rather than financial gain.

2.2. Prominent Threat Actors

Several actors demonstrated high operational tempo during this window:

  • Miyako: A highly sophisticated Initial Access Broker (IAB). miyako is distinct for selling high-privilege access (Root RCE, Shell) rather than just data. Their targets include a Peruvian Regional Government, a Colombian Emergency Response Agency, and a U.S. Defense Contractor. The consistent description of “root-level RCE” suggests miyako may be exploiting a specific, unpatched vulnerability in Linux-based administrative panels across different organizations.
  • A K U L A v 2: This actor focused heavily on credential theft and leaks, specifically targeting Middle Eastern infrastructure and government bodies. Their victims include the Atomic Energy Organization of Iran and the UAE’s Federal Authority for Identity.
  • BABAYO EROR SYSTEM: A prolific defacement and initial access group focusing on Indonesian targets and webshell leaks. They appear to be opportunistic, hitting educational institutions and small businesses.
  • Z-BL4CX-H4T: Active in the defacement space, targeting diverse entities from engineering consultants in the UAE to travel sites in India.
  • 404 CREW CYBER TEAM: A hacktivist group engaging in both defacement and SCADA system targeting, specifically active against Thailand and US municipal targets.

3. Regional Threat Analysis

3.1. The Americas

The Americas faced a mix of high-level government compromises and corporate data breaches.

South America: The region is currently suffering from a wave of high-severity intrusions.

  • Government & Emergency Services: In Colombia, the miyako actor claimed unauthorized internal access to a government emergency response agency, offering root-level RCE. Additionally, the Colombian education evaluation institute (ICFES) saw its database of student and university records put up for sale by CryptoDead.
  • Peru: A similar high-level intrusion was reported against a regional government portal in Peru’s capital, again involving root RCE and firewall access.
  • Brazil: The political organization Partido dos Trabalhadores had a database of 537,000 members put up for sale. Concurrently, a massive breach of Vivo (telecom) allegedly exposed over 60 million customer records, including residential addresses.
  • Chile & El Salvador: Automotive data from Aventura Motors in Chile and judiciary records from the Corte Suprema de Justicia in El Salvador were also traded.

North America:

  • United States:
    • Defense & Military: A critical incident involves the alleged sale of access to a U.S. military simulation defense contractor. The access includes root-level RCE and a hijacked admin panel.
    • Government: The Town of Brunswick suffered a data breach claimed by 404 CREW CYBER TEAM.
    • Healthcare & Identity: A massive leak of “American People Identity Data” and a bulk dataset from APC Home Health Service containing HIPAA documents were reported.
    • Infrastructure: An alleged leak of FBI & DHS employee data was posted on Telegram.

3.2. Europe

Europe faced a sophisticated array of data breaches, particularly impacting France.

France: French organizations were disproportionately targeted during this period.

  • Charity Sector: The Les Restos du Cœur charity suffered a breach affecting 70,000 donors and volunteers.
  • Defense & Aerospace: Safran S.A., a major defense and aerospace group, allegedly had a database of customer, ERP, and shipping records put up for sale by Spirigatito.
  • Corporate: Breaches were also reported at Les Burgers de Papa (242k records), Ciffréo Bona (70k records with plaintext passwords), and ATALIAN (4.1 million records).
  • Identity Data: A dataset of French “verified identities” obtained via age-verification systems was offered for sale, highlighting the risks of third-party verification plugins.

Other European Incidents:

  • Switzerland: Unauthorized admin access to the Global Blue Agent portal was sold, potentially compromising financial refund data.
  • Poland: Industrial systems were targeted, with claims of access to a ventilation control system allowing manipulation of fan parameters and voltages.
  • Spain: Similar to Poland, an agricultural irrigation control system was breached, granting attackers control over pumps and fertilizer consumption.
  • Germany: Access to 150 hosts via Forti and Domain User access was sold, alongside a “Leads Database” from the motorcycle sector.

3.3. Asia-Pacific (APAC)

The APAC region saw the highest volume of individual incidents, particularly in the education sector.

Indonesia: Indonesia experienced a flood of cyber incidents, primarily focused on government and education.

  • Government: A massive breach of the Directorate General of Agricultural Infrastructure was claimed, involving 22 million records related to farmers and fertilizer distribution. Additionally, the Kartu Indonesia Pintar (KIP) education program database was leaked.
  • Education: A distinct campaign targeted Islamic boarding schools and academies. Victims included Madrasah Aliyah Negeri 16 Jakarta, Madrasah Tsanawiyah Sirojul Huda, and Madina Bright Academy. These attacks typically involved the sale or leak of initial access credentials.
  • Defacement: Hacktivist groups like UNDERGROUND-NET and BABAYO EROR SYSTEM actively defaced various Indonesian subdomains.

China:

  • AI Sector: A highly significant claim involved the sale of unauthorized access to an unidentified “Agentic AI Company.” The access purportedly includes root RCE and full admin permissions, targeting the emerging AI-Edge-as-a-Service sector.

Singapore:

  • Telecommunications: A report highlighted a breach of Singapore’s four largest telcos (Singtel, StarHub, M1, Simba) by a Chinese-linked espionage group UNC3886. Unlike the financial breaches elsewhere, this was characterized as a targeted espionage campaign.

Thailand:

  • SCADA & Health: 404 CREW CYBER TEAM claimed access to an unidentified SCADA server and defaced the Action on Smoking and Health Foundation website.

3.4. Middle East

Cyber activity in this region was heavily influenced by geopolitical tensions.

Israel:

  • Academic & Corporate: The Hebrew University suffered a 40GB data leak. Real estate firms and the Israel Planners Association were also targeted by hexa-anonymous.
  • Government: The City4U Portal saw login credentials leaked by A K U L A v 2.

Iran:

  • Critical Infrastructure: The Atomic Energy Organization of Iran was targeted with a credential leak.
  • Telecommunications: Credential leaks were reported for Irancell and its mail subdomains.
  • Social: The Committee of Working Women of Qom Province website was defaced by Krypr Team.

4. Detailed Incident Analysis by Attack Vector

4.1. Initial Access Brokerage (IAB)

The marketplace for initial access is thriving. The data indicates that actors are moving beyond simple credential stuffing to offering deep, persistent access.

  • Root RCE on Linux Systems: The actor miyako repeatedly lists “root-level RCE” and “shell access” on Linux-based systems for government and defense targets. This consistency suggests the actor may be weaponizing a specific 0-day or N-day vulnerability in a widely used enterprise Linux management tool.
  • Industrial Control Systems (ICS/SCADA): The claims regarding the Spanish irrigation system and Polish ventilation system are particularly alarming. The attackers claim the ability to manipulate physical parameters (pressure, voltage), which transcends data theft and enters the realm of physical sabotage.
  • Domain Admin Access: In Saudi Arabia, samy01 offered RDWeb domain user access across an environment of 1,000 systems, impacting airports and transportation. This type of access allows for lateral movement and potentially catastrophic ransomware deployment.

4.2. Data Breaches and Privacy

The scale of Personally Identifiable Information (PII) leaked is substantial.

  • Verified Identity Data: The leak of French “Verified Identity” datasets is notable because it compromises data that has ostensibly been vetted for security (age verification), essentially bypassing the anonymity of the internet for the victims.
  • Plaintext Passwords: Several breaches, such as the Ciffréo Bona incident and the Universidad de Panamá breach, explicitly mention the exposure of passwords stored in plain text. This indicates a fundamental failure in basic security hygiene by the victim organizations.
  • Sensitive Government Data: The Indonesian agricultural breach exposed National ID numbers (NIK) and detailed crop planning data, which could be used for identity theft or economic analysis by rivals.

4.3. Hacktivism and Defacement

While financially less damaging, the volume of defacements indicates a crowded landscape of low-tier actors seeking notoriety.

  • Groups: HaxChipper and Z-BL4CX-H4T were responsible for a high volume of defacements across India, Turkey, and Nigeria.
  • Methodology: These attacks often exploit known vulnerabilities in CMS platforms (like WordPress or Joomla) or unpatched web servers to replace the index page.

5. Sector-Specific Impact Assessment

5.1. Government and Public Administration

Government entities were the primary targets for high-privilege access sales.

  • Risk: The sale of RCE access to emergency response agencies (Colombia) and regional portals (Peru) suggests that nation-state actors or ransomware gangs could purchase this access to disrupt governance or launch wiper attacks.
  • Incident Highlights:
    • Peru Capital Regional Government: Root RCE.
    • Federal Authority For Identity (UAE): Credential leak.
    • Republic of Cyprus: Beneficiary database breach.

5.2. Education and Research

The education sector, particularly in Indonesia, is under sustained assault.

  • Risk: Schools often lack dedicated cybersecurity budgets. The breaches here include student PII, academic records, and portal access.
  • Incident Highlights:
    • Madrasah Aliyah Negeri 16 Jakarta: Access leak.
    • The Hebrew University (Israel): 40GB data leak.
    • GDQuest (E-Learning): 37,000 user records leaked.

5.3. Financial Services

  • Risk: Direct financial theft and fraud.
  • Incident Highlights:
    • Global Blue: Admin credentials cracked.
    • Binance: Claim of leaked access.
    • Digital Tax Free (Lithuania): Webshell access.

5.4. Defense and Critical Infrastructure

  • Risk: National security compromise and physical damage.
  • Incident Highlights:
    • U.S. Military Simulation Contractor: Root RCE access sold.
    • Atomic Energy Organization of Iran: Credential leak.
    • Safran S.A. (France): Business record breach.

6. Incident Register (Selected Significant Events)

The following list highlights the most critical incidents from the reporting period, selected based on the severity of access or the volume of data involved.

6.1. High-Severity Infrastructure Compromises

  1. Unknown China Agentic AI Company (Feb 10, 22:30 Z): Actor miyako listed unauthorized full admin panel access with root RCE for a Chinese AI Edge-as-a-Service corporation. This could allow for the theft of proprietary AI models or the corruption of AI training data.
  2. Colombian Emergency Response Agency (Feb 10, 22:30 Z): Another miyako listing offering root-level RCE on a Linux system. Compromise of emergency systems poses a direct threat to public safety.
  3. Spanish Agricultural Irrigation System (Feb 10, 14:57 Z): The group Z-PENTEST ALLIANCE claimed control over pumps, valves, and fertilizer consumption. This is a direct OT (Operational Technology) attack.

6.2. Massive Data Leaks

  1. Directorate General of Agricultural Infrastructure, Indonesia (Feb 10, 21:52 Z): CinCauGhas claimed a breach of 22 million records including National ID numbers and fertilizer distribution data.
  2. 203 Million Password Database (Feb 10, 16:40 Z): Actor PeachesNCream released a massive combo list of over 203 million records. While likely a compilation of previous breaches, it poses a high risk of credential stuffing.
  3. Vivo Brazil (Feb 10, 03:30 Z): A claim by Kirigaya of 60 million records including residential addresses and activation dates. This represents a significant privacy catastrophe for Brazilian citizens.

6.3. Notable Malware & Tooling Sales

  1. Native Shellcode Loader (Feb 10, 08:18 Z): Actor work159 is selling a private C/C++ shellcode loader designed to bypass EDR (Endpoint Detection and Response) and AV protections. This indicates the continued commercialization of advanced evasion tools.
  2. Phishing Panel “ph1shy” (Feb 10, 21:36 Z): The sale of a dedicated phishing toolkit highlights the low barrier to entry for cybercriminals wishing to launch credential harvesting campaigns.

7. Strategic Recommendations

Based on the analysis of the 114 incidents, the following recommendations are critical for organizations operating in the targeted sectors.

7.1. For Government and Critical Infrastructure

  • Patch Management & Network Segmentation: The prevalence of “root RCE” and “Linux-based admin panel” exploits suggests unpatched web-facing management interfaces. Organizations must audit their external attack surface immediately.
  • OT Security: For industrial targets (water, ventilation), it is imperative to segregate SCADA networks from the public internet. The incidents in Spain and Poland demonstrate that these systems are discoverable and exploitable.
  • Credential Hygiene: The cracking of the Global Blue admin panel and the numerous credential leaks suggest weak password policies. Implement mandatory Multi-Factor Authentication (MFA), preferably hardware-based (FIDO2).

7.2. For the Education Sector

  • Basic Hardening: The wave of Indonesian school breaches suggests vulnerable CMS installations (e.g., Moodle, WordPress). Schools should disable unused plugins, enforce strong passwords for admin accounts, and keep platforms updated.
  • Data Minimization: Educational institutions should review why they are storing plain text passwords (as seen in the Panama university breach) and move to strong hashing algorithms (e.g., Argon2, bcrypt).

7.3. General Corporate Security

  • Third-Party Risk Management: The breach of “Verified Identity” data and various “agent” portals highlights the risk of third-party vendors. Companies must audit the security posture of their software suppliers and integration partners.
  • Defense Against IABs: Initial Access Brokers are active. Monitor dark web forums for mentions of your organization’s domain or IP ranges. Early detection of an “access sale” listing can provide time to remediate the vulnerability before a ransomware gang purchases the access.
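
One way to act on the IAB-monitoring recommendation above, as an added example that is not part of the original report or any vendor's tooling: a Python parser for incident records laid out like the "Detected Incidents Draft Data" register in this report, matched against a watchlist of the organization's domains and IP ranges. The function names, the sample records, the watched domain example.com and the range 203.0.113.0/24 are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of this report's incident records.
# Not real incidents: hosts are reserved example names, the IP is TEST-NET-3.
SAMPLE_FEED = """\
  1. Alleged data breach of Example Retail
    Category: Data Breach
    Content: The threat actor claims the sale of a customer database.
    Date: 2026-02-10T22:57:09Z
    Published URL: https://forum.invalid/thread-1
    Screenshots:
    https://cdn.invalid/a.png
    https://cdn.invalid/b.png
    Threat Actors: actor_one
    Victim Site: shop.example.com
  2. Alleged Unauthorized Access to an Unidentified Logistics Firm
    Category: Initial Access
    Content: The alleged access includes a firewall at 203.0.113.45.
    Published URL: https://forum.invalid/thread-2
    Victim Site: Unknown
  3. Some Team targets the website of Not Example
    Category: Defacement
    Victim Site: notexample.com
"""

KNOWN_KEYS = {"Category", "Content", "Date", "Network", "Published URL",
              "Screenshots", "Threat Actors", "Victim Country",
              "Victim Industry", "Victim Organization", "Victim Site"}
TITLE_RE = re.compile(r"^\s*(\d+)\.\s+(.+?)\s*$")
FIELD_RE = re.compile(r"^\s*([A-Za-z ]+?):\s*(.*)$")
HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def parse_feed(text):
    """Split the numbered register into one dict per incident."""
    records, current, last_key = [], None, None
    for line in text.splitlines():
        title = TITLE_RE.match(line)
        if title:
            current = {"Number": int(title.group(1)),
                       "Title": title.group(2), "Screenshots": []}
            records.append(current)
            last_key = None
            continue
        if current is None or not line.strip():
            continue  # preamble or blank line
        field = FIELD_RE.match(line)
        if field and field.group(1) in KNOWN_KEYS:
            last_key = field.group(1)
            if last_key != "Screenshots":
                current[last_key] = field.group(2).strip()
        elif last_key == "Screenshots":
            current["Screenshots"].append(line.strip())
        elif last_key:
            current[last_key] += " " + line.strip()  # wrapped value
    return records


def match_record(record, domains, networks):
    """Watched hosts/IPs in victim fields (URL fields name the forum, not the victim)."""
    keys = ("Title", "Content", "Victim Organization", "Victim Site")
    text = " ".join(record.get(k, "") for k in keys).lower()
    hits = set()
    for host in HOST_RE.findall(text):
        # Exact or dot-bounded suffix match: notexample.com is not example.com.
        if any(host == d or host.endswith("." + d) for d in domains):
            hits.add(host)
    for raw in IPV4_RE.findall(text):
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            continue  # not a valid address, e.g. 999.1.1.1
        if any(addr in net for net in networks):
            hits.add(raw)
    return sorted(hits)


def triage(feed_text, domains, cidrs):
    """Return alerts for watched assets, access-sale listings first."""
    domains = [d.lower().strip(".") for d in domains]
    networks = [ipaddress.ip_network(c) for c in cidrs]
    alerts = []
    for rec in parse_feed(feed_text):
        matched = match_record(rec, domains, networks)
        if matched:
            # A listed access sale may still be unsold: handle it first.
            urgent = rec.get("Category") == "Initial Access"
            alerts.append({"number": rec["Number"], "matched": matched,
                           "priority": "urgent" if urgent else "review",
                           "url": rec.get("Published URL")})
    return sorted(alerts, key=lambda a: a["priority"] != "urgent")


if __name__ == "__main__":
    for alert in triage(SAMPLE_FEED, ["example.com"], ["203.0.113.0/24"]):
        print(alert)
```

Listings with "Victim Site: Unknown" are matched only when the title or content names a watched host or address, so anonymized access sales still need manual review by sector and country.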

8. Conclusion

The 24-hour period analyzed in this report depicts a volatile and dangerous cyber environment. The data shows a clear bifurcation in the threat landscape: on one side, highly technical actors like miyako are selling persistent, high-privilege access to critical government and defense systems, likely utilizing specific unpatched vulnerabilities. On the other side, a swarm of lower-sophistication actors and hacktivists are engaging in mass data scraping, defacement, and the exploitation of weak academic infrastructure.

The specific targeting of OT systems (Spain, Poland) and defense contractors (USA, France) is the most concerning trend, indicating that cyber threat actors are increasingly comfortable crossing the line from data theft to potential physical disruption and national security threats. Organizations must pivot from reactive security postures to proactive threat hunting and rigorous attack surface reduction to withstand this onslaught.

Detected Incidents Draft Data

  1. Alleged data breach of Les Restos du Cœur
    Category: Data Breach
    Content: The threat actor claims the sale of a database containing user and volunteer information associated with the French charity Les Restos du Cœur. The seller alleges access to approximately 70,000 records, including first and last names, nicknames, roles/functions, organizational affiliations, regional departments, email addresses, and phone numbers.
    Date: 2026-02-10T22:57:09Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-FR-Resto-du-coeur
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b4fa5523-552b-4348-8fc5-b30ce2861907.png
    https://d34iuop8pidsy8.cloudfront.net/3287d228-03b7-4fb4-bec0-e48a45b47258.png
    Threat Actors: CyberNox
    Victim Country: France
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: les restos du cœur
    Victim Site: restosducoeur.org
  2. Alleged data breach of Town of Brunswick
    Category: Data Breach
    Content: The group claims to have breached data of Brunswick.
    Date: 2026-02-10T22:53:49Z
    Network: telegram
    Published URL: https://t.me/crewcyber/663
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a2148b41-9e09-4b72-9303-34e324cb9366.png
    https://d34iuop8pidsy8.cloudfront.net/3914cdb2-5120-4b11-8362-c7b66d7a6737.png
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: USA
    Victim Industry: Government Administration
    Victim Organization: town of brunswick
    Victim Site: brunswickny.gov
  3. Alleged Unauthorized Admin Access to Global Blue Agent
    Category: Initial Access
    Content: The threat actor claims that the admin panel credentials for the Global Blue Agent portal (refund-globalblue) have been cracked. It includes a purported administrator username and password, as well as a shared user-level password for the platform.
    Date: 2026-02-10T22:50:29Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/cracked-globalblue.514/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eb222367-7d06-4b47-b673-98095954eab5.png
    Threat Actors: ceshi
    Victim Country: Switzerland
    Victim Industry: Financial Services
    Victim Organization: global blue agent
    Victim Site: globalblue-agent.com
  4. Alleged data breach of GDQuest
    Category: Data Breach
    Content: The threat actor claims that the School.GDQuest.com database was leaked. The leak allegedly exposed data of over 37,000 users, including email addresses, user IDs (UIDs), customer status, purchase information, course progress data, and related account metadata.
    Date: 2026-02-10T22:47:12Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-School-GDQuest-com-Database-Leaked-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aaa6f549-0050-4abf-8914-ff021da3d801.png
    Threat Actors: Sythe
    Victim Country: France
    Victim Industry: E-Learning
    Victim Organization: gdquest
    Victim Site: school.gdquest.com
  5. Alleged Unauthorized Access to a Peru Capital Regional Government Portal
    Category: Initial Access
    Content: The threat actor claims the sale of unauthorized internal access to a regional government portal associated with Peru’s capital. The alleged access includes root-level RCE, shell access, firewall access, and a network administrative panel on a Linux-based system.
    Date: 2026-02-10T22:36:28Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Peru-s-Capital-Regional-Government-Portal
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bb68ffbc-b57f-4b25-ad0b-dc99edeb3b3e.png
    Threat Actors: miyako
    Victim Country: Peru
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  6. 404 CREW CYBER TEAM targets the website of Action on Smoking and Health Foundation
    Category: Defacement
    Content: The group claims to have defaced the website of Action on Smoking and Health Foundation (ASH Thailand).
    Date: 2026-02-10T22:30:42Z
    Network: telegram
    Published URL: https://t.me/crewcyber/661
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b8589358-d814-4285-8b5e-ad76bf01b01c.png
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: Thailand
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: action on smoking and health foundation (ash thailand)
    Victim Site: ashthailand.or.th
  7. Alleged Sale of Unauthorized Access to an Unidentified Agentic AI Company from China
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized full admin panel access to an unidentified China Agentic AI Edge-as-a-service (EaaS) Corporation. The alleged access reportedly contains root RCE, shell and full admin permissions.
    Date: 2026-02-10T22:30:33Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-China-Agentic-AI-Edge-as-a-service-EaaS-Corp
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f6c967b8-f829-4452-8ba1-6389ee218423.png
    Threat Actors: miyako
    Victim Country: China
    Victim Industry: Information Technology (IT) Services
    Victim Organization: Unknown
    Victim Site: Unknown
  8. Alleged Unauthorized Access to Colombian Government Emergency Response Agency
    Category: Initial Access
    Content: The threat actor claims the sale of unauthorized internal access to a Colombian government emergency response agency. The alleged access includes root-level RCE, shell access, firewall access, and a network administrative panel on a Linux-based system.
    Date: 2026-02-10T22:30:10Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Colombian-Government-Emergency-Response-Agency
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/24879c35-4703-4331-9c0a-c42ba5e4e9b6.png
    Threat Actors: miyako
    Victim Country: Colombia
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  9. Alleged Sale of Unauthorized SQL Injection Access to Game Target
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized SQL injection access to a game-related target; the compromised target contains 32 databases.
    Date: 2026-02-10T21:59:42Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275710/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a10afdc2-3bb8-4532-bf18-f5d87b0d3c29.png
    https://d34iuop8pidsy8.cloudfront.net/26321e3d-324a-4af3-998d-0a16dd574fdf.png
    Threat Actors: pollins05
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  10. Alleged Data Breach of Directorate General of Agricultural Infrastructure and Facilities
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of the Directorate General of Agricultural Infrastructure and Facilities in Indonesia, alleging the exposure of approximately 22,010,000 records related to Tulang Bawang Province, with the breach reportedly occurring during 2023–2024. The compromised data reportedly includes personal and agricultural information such as names, national ID numbers (NIK/KTP), village codes, extension officer names, farmer group details, kiosks, PIHC data, commodity subsectors, crop planning information, and fertilizer types including Urea and NPK.
    Date: 2026-02-10T21:52:17Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-DATA-BASE-PUPUKBERSUBSIDI-PERTANIAN-GO-ID-PROV-TULANG-BAWANG-22-010-K
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/378dd023-6f02-4a2e-887b-93385b4926a6.png
    https://d34iuop8pidsy8.cloudfront.net/4cb5b0a8-a54b-47ff-bb62-1d645db43e4c.png
    Threat Actors: CinCauGhas
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: directorate general of agricultural infrastructure and facilities
    Victim Site: pupukbersubsidi.pertanian.go.id
  11. Alleged Unauthorized Access to South American Manufacturing Company
    Category: Initial Access
    Content: The threat actor claims the sale of unauthorized internal access to a South American manufacturing organization. The alleged access includes root-level RCE, shell access, firewall access, and a full administrative panel on a Linux-based system.
    Date: 2026-02-10T21:46:49Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-South-American-Manufacturing
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3c405254-4a42-4a83-80a5-070cc8cea1cd.png
    Threat Actors: miyako
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  12. Alleged unauthorized access to an unidentified SCADA server in Thailand
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an unidentified SCADA server in Thailand.
    Date: 2026-02-10T21:46:05Z
    Network: telegram
    Published URL: https://t.me/crewcyber/662
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1dd06664-fa18-42c1-a439-6871660e1472.jpg
    Threat Actors: 404 CREW CYBER TEAM
    Victim Country: Thailand
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  13. Alleged Unauthorized Admin Access to Modesy
    Category: Initial Access
    Content: The threat actor claims to offer unauthorized administrative access to the website modesy.codingest.com, a marketplace platform associated with the Modesy software.
    Date: 2026-02-10T21:46:03Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-%E2%AD%90USA%E2%AD%90-website-modesy-codingest-com-ADMIN-ACCESS
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f8c083b5-48c4-4601-8cd2-39007b267c32.png
    Threat Actors: blackwinter99
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: modesy
    Victim Site: modesy.codingest.com
  14. Alleged sale of phishing panel and malicious toolkit
    Category: Malware
    Content: The threat actor is selling a phishing panel and malicious toolkit. It is promoted as malware designed to create and manage phishing campaigns, including fake login pages, credential harvesting, redirection, and remote control of phishing servers. T
    Date: 2026-02-10T21:36:09Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-ph1shy-v2-0-0-1-phishing-panel
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b8abb354-f205-405e-a83f-2bb95813f957.png
    https://d34iuop8pidsy8.cloudfront.net/a395c160-5ba3-442a-8b1f-a14dd175dfc9.png
    Threat Actors: ph1shyfam
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  15. Alleged Unauthorized Access to Nepal Government Website Bolpatra Portal
    Category: Initial Access
    Content: The threat actor claims to provide unauthorized access to the official Nepal government website bolpatra.gov.np, which is associated with public procurement services.
    Date: 2026-02-10T21:35:21Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-%E2%AD%90NEPAL%E2%AD%90-Access-to-the-government-website-bolpatra-gov-np–187565
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7e87b9b0-6fd5-462d-a301-5dc12214d05b.png
    Threat Actors: blackwinter99
    Victim Country: Nepal
    Victim Industry: Government & Public Sector
    Victim Organization: government of nepal
    Victim Site: bolpatra.gov.np
  16. Alleged Unauthorized Access to U.S. Military Simulation Defense Contractor
    Category: Initial Access
    Content: The threat actor claims the sale of unauthorized internal access to a U.S.-based military aerospace and defense simulation contractor. The alleged access includes root-level RCE, shell access, firewall device access, and a hijacked admin panel session on a Linux-based system.
    Date: 2026-02-10T21:28:37Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-USA-Military-Simulations-Defense-Contractor
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b368a77e-0bdf-4b67-bb05-f840fd3cc12a.png
    Threat Actors: miyako
    Victim Country: USA
    Victim Industry: Defense & Space
    Victim Organization: Unknown
    Victim Site: Unknown
  17. Alleged Unauthorized Admin Access to Indian Website (oriox.in)
    Category: Initial Access
    Content: The threat actor claims to offer unauthorized administrative access to an Indian website (oriox.in).
    Date: 2026-02-10T21:20:36Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-INDIAN-website-oriox-in-admin-access
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a775cfd0-2e72-4145-9952-48eb2051ddbc.png
    Threat Actors: blackwinter99
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  18. Alleged Unauthorized Admin Access to Aavaz
    Category: Initial Access
    Content: The threat actor claims to offer unauthorized access to the store administration panel of the website aavaz.biz.
    Date: 2026-02-10T21:13:41Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Access-to-the-store-panel-on-the-website-aavaz-biz
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d65b8f42-659d-4308-8bca-35597f1f24fc.png
    Threat Actors: blackwinter99
    Victim Country: India
    Victim Industry: E-commerce & Online Stores
    Victim Organization: aavaz
    Victim Site: aavaz.biz
  19. Krypr Team targets the website of the Committee of Working Women of Qom Province
    Category: Defacement
    Content: The group claims to have defaced the website of the Committee of Working Women of Qom Province in Iran.
    Date: 2026-02-10T20:54:58Z
    Network: telegram
    Published URL: https://t.me/KryprTeam/40
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/45ee6827-8fa5-4fd8-b2b0-9151707661fc.png
    Threat Actors: Krypr Team
    Victim Country: Iran
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: committee of working women of qom province
    Victim Site: avaye-kargar.ir
  20. Alleged data breach of Les Burgers de Papa
    Category: Data Breach
    Content: The threat actor claims to be offering an alleged dataset related to Les Burgers de Papa customers, described as containing approximately 242,706 records, which include customer names, email addresses, phone numbers, birth dates, loyalty details, order history, and related account metadata.
    Date: 2026-02-10T20:48:15Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-lesburgersdepapa-fr-242k
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0be7c79f-4ea4-45ca-bbda-340e673feee3.png
    https://d34iuop8pidsy8.cloudfront.net/749fa679-7069-4eb4-8cfc-12eba5d1e0f6.png
    Threat Actors: Angel_Batista
    Victim Country: France
    Victim Industry: Food & Beverages
    Victim Organization: les burgers de papa
    Victim Site: lesburgersdepapa.fr
  21. Alleged sale of Forex HQ Depositor Recovery Hot Leads
    Category: Data Breach
    Content: The seller claims to offer Forex depositor recovery leads containing personal contact details, deposit amounts, broker names, and account-related information.
    Date: 2026-02-10T19:13:08Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-Forex-HQ-Depositor-Recovery-Hot-Leads–187559
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/12f8f334-1a14-4be9-8204-7b11b199ae4c.png
    Threat Actors: livingstone
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged Sale of Unauthorized RDP Access to Australia-Based Machinery & Equipment Company
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized RDP access to an Australia-based machinery and equipment company; the access includes user rights.
    Date: 2026-02-10T18:57:43Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275698/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a1d70bc7-9351-4bc1-82fe-3527bd5c5fea.png
    Threat Actors: sudo
    Victim Country: Australia
    Victim Industry: Machinery
    Victim Organization: Unknown
    Victim Site: Unknown
  23. Alleged Sale of Unauthorized Admin, phpMyAdmin, and SSH Access to an Unidentified Shop in Korea
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized administrative, phpMyAdmin, and SSH access to an unidentified shop in Korea, reportedly running Gnuboard 4.
    Date: 2026-02-10T18:34:43Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275700/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a8b2cee2-8ced-4352-a596-e24399b9e99b.png
    Threat Actors: apps
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged data breach of Safran S.A.
    Category: Data Breach
    Content: The threat actor claims to be selling a Safran-group database containing customer, order, ERP, pricing, and shipping-related business records.
    Date: 2026-02-10T18:34:17Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-Safran-group-com-718k
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/76efe92a-2fff-4a55-9716-d506fffbd611.png
    https://d34iuop8pidsy8.cloudfront.net/1421d1f1-021a-4e1b-84f1-3384bbcf6930.png
    https://d34iuop8pidsy8.cloudfront.net/11e439cb-e99a-4cee-8fbf-819b7377a141.png
    Threat Actors: Spirigatito
    Victim Country: France
    Victim Industry: Defense & Space
    Victim Organization: safran s.a.
    Victim Site: safran-group.com
  25. Alleged data breach of A. D. Cohen Group
    Category: Data Breach
    Content: The group claims to have exfiltrated the data of A. D. Cohen Group in Israel.
    Date: 2026-02-10T18:29:26Z
    Network: telegram
    Published URL: https://t.me/Gaza_Children_Hackers/454
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b45b3f75-2ecd-425c-a467-38511c54740d.png
    https://d34iuop8pidsy8.cloudfront.net/3e7ec870-82fd-4a6d-8efb-9a5b6a307a9b.png
    Threat Actors: Gaza Childrens Group
    Victim Country: Israel
    Victim Industry: Building and construction
    Victim Organization: a. d. cohen group
    Victim Site: adcohen.co.il
  26. Alleged data leak of APC Home Health Service
    Category: Data Breach
    Content: A threat actor claims to be selling a bulk dataset allegedly belonging to APC Home Health Service. The data includes patient records, billing information, insurance data, HIPAA documents, employee files, and PII.
    Date: 2026-02-10T18:20:58Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-APC-Home-Health-Service-company-whole-bulk-data-1TB
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a1cb0489-e98a-47fe-ad54-8d7d878243eb.png
    Threat Actors: Emb3rSp1rIt
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. Alleged data breach of Aventura Motors
    Category: Data Breach
    Content: The threat actor claims to be selling the aventuramotors.cl database. The data allegedly includes full names, national ID numbers (RUT), email addresses, phone numbers, regions, communes, vehicle models of interest, branch locations, customer messages, and registration dates.
    Date: 2026-02-10T18:05:48Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-CL-aventuramotors-cl
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b421bd45-ec24-4829-8356-62426c65819b.png
    Threat Actors: yukoxploit
    Victim Country: Chile
    Victim Industry: Automotive
    Victim Organization: aventura motors
    Victim Site: aventuramotors.cl
  28. Alleged data breach of Universidad de Panamá
    Category: Data Breach
    Content: The threat actor claims that systems associated with the Universidad de Panamá store user passwords in plain text. They allege exposure of student and staff data, including full names, institutional email addresses, ID numbers (cédula), and passwords.
    Date: 2026-02-10T17:53:54Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Universidad-Nacional-de-Panama-The-future-stored-in-plain-text
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/70032947-f236-4894-8b4c-5598d0808473.png
    https://d34iuop8pidsy8.cloudfront.net/d6f76f6e-7b5b-49c5-abfb-bb3a9d865da4.png
    Threat Actors: RicardoMartinelli
    Victim Country: Panama
    Victim Industry: Higher Education/Academia
    Victim Organization: universidad de panamá
    Victim Site: up.ac.pa
  29. Alleged data breach of Telemon SRL
    Category: Data Breach
    Content: A threat actor claims a data leak involving Telemon SRL, affecting more than 42,000 user records. The leak allegedly exposes customer names, national ID numbers (cédula), phone numbers, email addresses, home addresses, contract status, debt amounts, and GPS coordinates.
    Date: 2026-02-10T17:46:04Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Telemon-SRL-ISP-data-scrape
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b90a1fe3-6469-4243-83f6-b6da895ba0f7.png
    Threat Actors: NopName
    Victim Country: Dominican Republic
    Victim Industry: Network & Telecommunications
    Victim Organization: telemon srl
    Victim Site: telemontv.com
  30. Alleged Sale of Unauthorized Germany-Based Forti and Domain User Access
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized Germany-based Forti and Domain User Access. The listing claims access to around 150 hosts.
    Date: 2026-02-10T17:12:15Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275694/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fec67830-7a8e-43d1-b574-e17a905f356d.png
    Threat Actors: Big-Bro
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  31. Alleged Leak of 203 Million Password Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a massive password database containing approximately 203,657,489 records.
    Date: 2026-02-10T16:40:04Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275678/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4eafdf82-c11d-451f-b66f-a51844fc4685.png
    Threat Actors: PeachesNCream
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  32. Alleged Sale of Unauthorized RDWeb Domain User Access to Multiple Industries in Saudi Arabia
    Category: Initial Access
    Content: The threat actor claims to be selling RDWeb domain user access to multiple industries in Saudi Arabia, including Airports & Air Services and Transportation. The access reportedly includes domain user privileges within an environment consisting of approximately four domain controllers and around 1,000 domain-joined systems.
    Date: 2026-02-10T16:33:37Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275692/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/504c01a1-4fa4-4733-b331-2e900fe7c09f.png
    Threat Actors: samy01
    Victim Country: Saudi Arabia
    Victim Industry: Airlines & Aviation
    Victim Organization: Unknown
    Victim Site: Unknown
  33. Alleged Sale of French Verified Identity Dataset via Age-Verification Systems
    Category: Data Breach
    Content: The threat actor claims to be selling a French identity dataset allegedly obtained through misconfigured third-party age-verification workflows used by social platforms. The data reportedly includes verified personal details such as names, dates of birth, locations, phone numbers, and identity-verification status, with city-level filtering available.
    Date: 2026-02-10T16:25:43Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-Verified-identity-Dataset-Age-Verified-Accounts-City-Filter-MAING
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/83fc57a3-9de5-44d3-a2d0-89fc04262bfa.png
    Threat Actors: thomasvalmorin2828
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  34. Alleged sale of unauthorized admin access to a Poland-Based Prestashop Store
    Category: Initial Access
    Content: The threat actor claims to be selling admin access to a Poland-based PrestaShop store.
    Date: 2026-02-10T16:05:00Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275684/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f6f9b2de-7922-4c21-8218-02a467497209.png
    Threat Actors: duffyduck11
    Victim Country: Poland
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  35. Alleged data breach of E3mel Business Academy
    Category: Data Breach
    Content: The threat actor claims a breach of E3mel Business Academy, a leading Egyptian online professional training platform with significant operations in Saudi Arabia. The leaked data reportedly includes around 1.4 million user records.
    Date: 2026-02-10T15:49:15Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-A3MEL-BUSINESS-EGYPTIAN-COMPANY-SAUDI
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/185db0b8-3d2e-4527-842e-a4fac8180d3a.png
    Threat Actors: swipe899
    Victim Country: Egypt
    Victim Industry: E-Learning
    Victim Organization: e3mel business academy
    Victim Site: e3melbusiness.com
  36. Alleged data breach of Kartu Indonesia Pintar (KIP)
    Category: Data Breach
    Content: A threat actor claims to possess a database related to Kartu Indonesia Pintar (KIP), an Indonesian government education assistance program.
    Date: 2026-02-10T15:42:29Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-KARTU-INDONESIA-PINTAR
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ef8fb23e-6f79-4d90-a8ee-7a6c7b17e09c.png
    Threat Actors: 1LH4MZXSEC
    Victim Country: Indonesia
    Victim Industry: Government & Public Sector
    Victim Organization: kartu indonesia pintar (kip)
    Victim Site: kip.kemdikbud.go.id
  37. Alleged sale of unauthorized access to v2powerpos
    Category: Initial Access
    Content: The threat actor claims to have access to the store/admin panel of the website v2powerpos.com, which appears to be a POS and retail management platform.
    Date: 2026-02-10T15:34:53Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Access-to-the-store-panel-on-the-website-v2powerpos-com
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5fe3f804-e02b-461c-95a1-6046ba483b9b.png
    Threat Actors: blackwinter99
    Victim Country: Unknown
    Victim Industry: Retail Industry
    Victim Organization: v2powerpos
    Victim Site: v2powerpos.com
  38. Alleged leak of login credentials to Dragon2.ae
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Dragon2.ae.
    Date: 2026-02-10T15:27:23Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065977
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c9963b17-8dc9-4a65-a6a8-0d3305871248.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: UAE
    Victim Industry: Gaming
    Victim Organization: dragon2.ae
    Victim Site: dragon2.ae
  39. Alleged data breach of Casansaar
    Category: Data Breach
    Content: A threat actor claims to have leaked the Casansaar website, which is described as an Indian accounting-related platform. The leaked database is being shared for free and allegedly contains user records with fields such as user ID, name, city, email address, mobile number, username, and password.
    Date: 2026-02-10T15:27:01Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-india-Top-Accounting-Firms
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6eb367c6-e205-45bf-882d-c22b97992f61.png
    Threat Actors: xghacker
    Victim Country: India
    Victim Industry: Accounting
    Victim Organization: casansaar
    Victim Site: casansaar.com
  40. Z-BL4CX-H4T targets the website of Al Liwan engineering consultant
    Category: Defacement
    Content: The group claims to have defaced the website of Al Liwan engineering consultant.
    Date: 2026-02-10T15:21:04Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/384
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/55aa6faa-d725-4ffb-bd7a-8ca68c563e50.png
    Threat Actors: Z-BL4CX-H4T
    Victim Country: UAE
    Victim Industry: Architecture & Planning
    Victim Organization: al liwan engineering consultant
    Victim Site: liwanco.com
  41. Alleged unauthorized access to an unidentified agricultural irrigation control system in Spain
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an industrial agricultural irrigation control system in Spain. They have gained control over controllers, pump settings, valves, filters, and critical parameters: operating time, pressure, and fertilizer consumption.
    Date: 2026-02-10T14:57:28Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1060
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1a36fff0-8966-41c2-8b84-56e2208e6943.jpg
    https://d34iuop8pidsy8.cloudfront.net/d24dc391-bd5a-474d-ac80-19d0d3739b9e.jpg
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Spain
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  42. Russian Legion claims to target Denmark
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Denmark. They plan to test its cyber defenses in the coming week while warning they already have visibility inside national services.
    Date: 2026-02-10T14:54:07Z
    Network: telegram
    Published URL: https://t.me/ruLegionn/99
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/865498d8-5f85-4b02-8608-9de888220612.png
    Threat Actors: Russian Legion
    Victim Country: Denmark
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  43. Alleged data breach of Casio
    Category: Data Breach
    Content: The threat actor claims to have breached over 2 million records from Casio. The compromised data reportedly includes full name, city, address, phone number, and country.
    Date: 2026-02-10T14:47:13Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-casio-ru-Data-Breach
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0fab2db7-b040-4a43-96f7-035d588215bc.png
    Threat Actors: Jaded
    Victim Country: Japan
    Victim Industry: Electrical & Electronic Manufacturing
    Victim Organization: casio
    Victim Site: casio.ru
  44. Alleged leak of login credentials to Irancell
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Irancell.
    Date: 2026-02-10T14:41:41Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065856
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cc27eaba-49a4-4af1-a852-67cabeac0e2b.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Network & Telecommunications
    Victim Organization: irancell
    Victim Site: irancell.ir
  45. Alleged data breach of fruitcolin.com
    Category: Data Breach
    Content: The group claims to have breached a database from fruitcolin.com and also leaked admin credentials from the organization.
    Date: 2026-02-10T14:38:22Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1060
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ffe437d-e339-4860-8268-ea2321b909e6.jpg
    https://d34iuop8pidsy8.cloudfront.net/636dfbc8-92c5-4093-ad75-858d5612c17a.jpg
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: fruitcolin.com
  46. Alleged leak of login credentials to BALY
    Category: Data Breach
    Content: The group claims to have leaked login credentials to BALY.
    Date: 2026-02-10T14:32:18Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065852
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2f95469c-0c0c-41d1-9daa-faa94247a48f.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Information Technology (IT) Services
    Victim Organization: baly
    Victim Site: baly.iq
  47. Alleged leak of login credentials to mail.mtnirancell.ir
    Category: Data Breach
    Content: The group claims to have leaked login credentials to mail.mtnirancell.ir.
    Date: 2026-02-10T14:04:48Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065850
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5332a636-4fff-4f0f-83bf-e75b5e5c0665.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mail.mtnirancell.ir
  48. Alleged data sale of VISUALEZ
    Category: Data Breach
    Content: The threat actor claims to be selling 2 million records from VISUALEZ, allegedly containing unique data entries such as names (1,865,255) and phone numbers (2,084,663). The data was reportedly leaked on 2026-02-07.
    Date: 2026-02-10T13:55:58Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-India-2M-Name-Phone-3D-Visualization-visualez-com
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ca66e2ca-99db-4665-838c-df297b6b7a62.png
    Threat Actors: faoced
    Victim Country: India
    Victim Industry: Software Development
    Victim Organization: visualez
    Victim Site: visualez.com
  49. Alleged data breach of The Hebrew University
    Category: Data Breach
    Content: The group claims to have leaked data from The Hebrew University. The compromised data reportedly contains 40GB of information, including student and staff names, emails, IDs, and academic records.
    Date: 2026-02-10T13:47:01Z
    Network: telegram
    Published URL: https://t.me/c/3610838349/10
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a730bc54-7bf1-447f-90fd-e2519937831e.png
    https://d34iuop8pidsy8.cloudfront.net/98fa92d7-e264-4808-85d0-9b018d1e9ae0.png
    Threat Actors: Cyber His-eyes
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: the hebrew university
    Victim Site: huji.ac.il
  50. Z-BL4CX-H4T targets the website of Of Indian Origin
    Category: Defacement
    Content: The group claims to have defaced the website of Of Indian Origin.
    Date: 2026-02-10T13:45:18Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/388
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e38d0838-5238-4b23-a95d-d9db885853ca.jpg
    Threat Actors: Z-BL4CX-H4T
    Victim Country: India
    Victim Industry: E-commerce & Online Stores
    Victim Organization: of indian origin
    Victim Site: ofindianorigin.com
  51. Alleged leak of webshell access to cashflow.flagexpress.ma
    Category: Initial Access
    Content: The group claims to have leaked webshell access to cashflow.flagexpress.ma.
    Date: 2026-02-10T13:41:35Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/214
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/910f4cf5-92a2-4882-96ca-16808ee665b5.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: cashflow.flagexpress.ma
  52. Alleged data breach of Ciffréo Bona
    Category: Data Breach
    Content: The threat actor claims to have breached 70,000 records from Ciffréo Bona, allegedly containing names, first names, email addresses, plaintext passwords, addresses, and more.
    Date: 2026-02-10T13:21:15Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FRANCE-Site-ciffrebona-fr-70k-pass-decript%C3%A9
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2de43acd-fea6-4458-989f-383e51265136.png
    Threat Actors: celluk
    Victim Country: France
    Victim Industry: Wholesale
    Victim Organization: ciffréo bona
    Victim Site: ciffreobona.fr
  53. Alleged data breach of TOMOBUV
    Category: Data Breach
    Content: The group claims to have leaked the database of TOMOBUV. The compromised data reportedly includes SC_customers, customerID, login, cust_password, email, first_name, last_name, subscribed4news, custgroupID, addressID, reg_datetime, CID, affiliateID, affiliateEmailOrders, affiliateEmailPayments, ActivationCode, and vkontakte_id.
    Date: 2026-02-10T13:11:43Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/289
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9cc89a35-4ae5-4a74-a6c7-bdfe905df1bd.png
    Threat Actors: Z-SH4DOWSPEECH
    Victim Country: Ukraine
    Victim Industry: Retail Industry
    Victim Organization: tomobuv
    Victim Site: tomobuv.com.ua
  54. Alleged data leak of Birdee (investment)
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly containing sensitive personal and financial data related to Birdee (investment), including names, contact details, IBANs, and transaction amounts.
    Date: 2026-02-10T13:10:38Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-BIrdee-investment
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/59c7b08b-0fdb-45d0-b169-e2fda74261f7.png
    Threat Actors: slvsh3r
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  55. Alleged data breach DCEmu
    Category: Data Breach
    Content: The threat actor claims to have breached data from DCEmu, allegedly containing email addresses and passwords.
    Date: 2026-02-10T13:04:25Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DCEmu-co-uk
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6e4873a8-4a22-4cea-abe1-009e5e20d8e0.png
    Threat Actors: lefsha
    Victim Country: UK
    Victim Industry: Online Publishing
    Victim Organization: dcemu
    Victim Site: dcemu.co.uk
  56. Z-BL4CX-H4T targets the website of pickourtrip.com
    Category: Defacement
    Content: The group claims to have defaced the website of pickourtrip.com.
    Date: 2026-02-10T12:59:06Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/386
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a6ebad62-e222-48c7-bc63-f8f240de67c6.jpg
    Threat Actors: Z-BL4CX-H4T
    Victim Country: India
    Victim Industry: Leisure & Travel
    Victim Organization: Unknown
    Victim Site: pickourtrip.com
  57. HaxChipper targets the website of Piss Off Boss
    Category: Defacement
    Content: The group claims to have defaced the website of Piss Off Boss.
    Date: 2026-02-10T12:50:18Z
    Network: telegram
    Published URL: https://t.me/HaxChipper/117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5e936ead-32f6-4700-886f-17b406f67ba0.png
    Threat Actors: HaxChipper
    Victim Country: Unknown
    Victim Industry: Other Industry
    Victim Organization: piss off boss
    Victim Site: pissoffboss.com
  58. Alleged data breach of EBAgency Sri
    Category: Data Breach
    Content: The group claims to have leaked the database of EBAgency Sri.
    Date: 2026-02-10T12:49:22Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/291
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3f067ab8-46df-4c3a-8c13-93c9ad914bd1.png
    Threat Actors: Z-SH4DOWSPEECH
    Victim Country: Italy
    Victim Industry: Events Services
    Victim Organization: ebagency sri
    Victim Site: ebagency.it
  59. BABAYO EROR SYSTEM targets the website of MyCampus
    Category: Defacement
    Content: The group claims to have defaced the website of MyCampus. Mirror URL: https://defacer.id/mirror/id/237901
    Date: 2026-02-10T12:46:41Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/219
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1ff6976a-f07e-4f30-85cf-e33032308227.png
    https://d34iuop8pidsy8.cloudfront.net/66f96b8b-d3e7-481e-a260-379450ee30aa.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: mycampus
    Victim Site: main.mycampus.id
  60. Alleged data breach of Sanoviv Medical Institute
    Category: Data Breach
    Content: The group claims to have breached the organisation data of Interplan AG. They intend to publish it within 1-2 days.
    Date: 2026-02-10T12:23:59Z
    Network: tor
    Published URL: https://worldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onion/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4f53a542-3eff-4e40-bb07-e5c1558d6344.jpeg
    Threat Actors: Worldleaks
    Victim Country: Mexico
    Victim Industry: Hospital & Health Care
    Victim Organization: sanoviv medical institute
    Victim Site: sanoviv.com
  61. HaxChipper targets the website of checkmyadviser.com
    Category: Defacement
    Content: The group claims to have defaced the website of checkmyadviser.com.
    Date: 2026-02-10T12:15:43Z
    Network: telegram
    Published URL: https://t.me/HaxChipper/117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ec3e5a9c-4a7c-478a-97af-78a4328ef7d6.jpg
    Threat Actors: HaxChipper
    Victim Country: Unknown
    Victim Industry: Information Technology (IT) Services
    Victim Organization: Unknown
    Victim Site: checkmyadviser.com
  62. HaxChipper targets the website of Meem Continental Logistics
    Category: Defacement
    Content: The group claims to have defaced the website of Meem Continental Logistics.
    Date: 2026-02-10T12:10:46Z
    Network: telegram
    Published URL: https://t.me/HaxChipper/117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1e39f477-3801-4bfa-a330-fb8adbdb3f76.png
    Threat Actors: HaxChipper
    Victim Country: India
    Victim Industry: Transportation & Logistics
    Victim Organization: meem continental logistics
    Victim Site: meemcontinental.com
  63. HaxChipper targets the website of Bilgi Information Systems
    Category: Defacement
    Content: The group claims to have defaced the website of Bilgi Information Systems.
    Date: 2026-02-10T12:04:25Z
    Network: telegram
    Published URL: https://t.me/HaxChipper/117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c76093ee-f269-423f-9ed6-e0da1ced512a.png
    Threat Actors: HaxChipper
    Victim Country: Turkey
    Victim Industry: Information Technology (IT) Services
    Victim Organization: bilgi information systems
    Victim Site: bilgisys.com
  64. Alleged unauthorized access to Digital Tax Free
    Category: Initial Access
    Content: The group claims to have gained unauthorized webshell access to Digital Tax Free.
    Date: 2026-02-10T12:00:38Z
    Network: telegram
    Published URL: https://t.me/Cy8er_N4ti0n_IND/110
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ab2d63f-70bc-4a34-90b4-aff4a22eb850.png
    Threat Actors: CY8ER N4TION
    Victim Country: Lithuania
    Victim Industry: Financial Services
    Victim Organization: digital tax free
    Victim Site: taxfreeretirementsimplified.com
  65. UNDERGROUND-NET targets the website of demo.osis-mpk.my.id
    Category: Defacement
    Content: The group claims to have defaced the website of demo.osis-mpk.my.id. Mirror URL: https://haxor.id/archive/mirror/244088
    Date: 2026-02-10T11:51:00Z
    Network: telegram
    Published URL: https://t.me/c/2195292966/1290
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fb94200d-a731-4d59-9719-e8c452a1e685.jpg
    Threat Actors: UNDERGROUND-NET
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: Unknown
    Victim Site: demo.osis-mpk.my.id
  66. Singapore’s four largest telcos suffer data breach
    Category: Data Breach
    Content: A recent security report revealed that a Chinese-linked cyber-espionage group, UNC3886, breached Singapore’s four largest telecommunications providers (Singtel, StarHub, M1, and Simba Telecom) during targeted cyber intrusions last year. According to Singapore authorities, the attackers gained limited access to internal systems but did not disrupt services or compromise customer data. The breaches were identified as part of a broader espionage campaign aimed at critical infrastructure, prompting the Cyber Security Agency of Singapore to launch a coordinated response to contain the threat and strengthen national cyber defenses.
    Date: 2026-02-10T11:49:32Z
    Network: openweb
    Published URL: https://www.bleepingcomputer.com/news/security/chinese-cyberspies-breach-singapores-four-largest-telcos/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Singapore
    Victim Industry: Network & Telecommunications
    Victim Organization: singtel
    Victim Site: singtel.com
  67. Alleged data breach of Israel Planners Association
    Category: Data Breach
    Content: The group claims to have breached data belonging to the Israel Planners Association.
    Date: 2026-02-10T11:38:46Z
    Network: telegram
    Published URL: https://t.me/hex_anonymous/75
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/92c03425-5ba8-4918-a255-04a0c17c963d.png
    Threat Actors: hexa-anonymous
    Victim Country: Israel
    Victim Industry: Government Administration
    Victim Organization: israel planners association
    Victim Site: aepi.org.il
  68. Alleged data leak of Real estate corporation in Israel
    Category: Data Breach
    Content: The group claims to have breached data belonging to a real estate corporation in Israel.
    Date: 2026-02-10T11:33:47Z
    Network: telegram
    Published URL: https://t.me/hex_anonymous/75
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c8ea3e09-bcf4-401e-9f7b-de3539a201ec.png
    Threat Actors: hexa-anonymous
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  69. HaxChipper targets the website of ATWEBPAGES.COM
    Category: Defacement
    Content: The group claims to have defaced the website of ATWEBPAGES.COM.
    Date: 2026-02-10T11:19:46Z
    Network: telegram
    Published URL: https://t.me/HaxChipper/117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d15357c8-dc06-48ea-9399-a7d4851bb360.jpg
    Threat Actors: HaxChipper
    Victim Country: Unknown
    Victim Industry: Information Technology (IT) Services
    Victim Organization: atwebpages.com
    Victim Site: atwebpages.com
  70. Alleged data breach of Aerospace & Defense Meetings Tel Aviv
    Category: Data Breach
    Content: The group claims to have breached data belonging to the Aerospace & Defense Meetings Tel Aviv.
    Date: 2026-02-10T10:56:58Z
    Network: telegram
    Published URL: https://t.me/hex_anonymous/75
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fc641783-8f0d-45d2-8a27-d898e4d5b812.png
    Threat Actors: hexa-anonymous
    Victim Country: Israel
    Victim Industry: Aviation & Aerospace
    Victim Organization: aerospace & defense meetings tel aviv
    Victim Site: tel-aviv.bciaerospace.com
  71. Alleged data breach of Go Fish Alberta
    Category: Data Breach
    Content: The group claims to have leaked the database of Go Fish Alberta (api.gofishab.ca). The compromised data reportedly includes timestamps such as created_at, updated_at, and expires_at, as well as OAuth-related tables and fields including oauth_clients, id, user_id, name, secret, provider, redirect, personal_access_client, password_client, and revoked.
    Date: 2026-02-10T10:51:32Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/284
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c8606d78-c537-489b-b2f4-bab6e8e760a2.png
    Threat Actors: Z-SH4DOWSPEECH
    Victim Country: Canada
    Victim Industry: Fishery
    Victim Organization: go fish alberta
    Victim Site: api.gofishab.ca
  72. Alleged leak of webshell access to kairos1.simda.my.id
    Category: Initial Access
    Content: The group claims to have leaked webshell access to kairos1.simda.my.id.
    Date: 2026-02-10T10:24:18Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/213
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/db1a6022-68cd-4416-8f30-58a6ffa74a80.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: kairos1.simda.my.id
  73. Alleged leak of webshell access to kopiherbautaqa.shop.herbasihat.shop
    Category: Initial Access
    Content: The group claims to have leaked webshell access to kopiherbautaqa.shop.herbasihat.shop.
    Date: 2026-02-10T10:17:36Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/213
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9219d71a-7836-478e-bcce-75fa0b665367.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: kopiherbautaqa.shop.herbasihat.shop
  74. Z-BL4CX-H4T targets the website of Naijatracks
    Category: Defacement
    Content: The group claims to have defaced the website of Naijatracks.
    Date: 2026-02-10T09:55:04Z
    Network: telegram
    Published URL: https://t.me/c/3027611821/383
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4b4a323c-8315-4c81-a79f-53e0c76a1d2b.png
    Threat Actors: Z-BL4CX-H4T
    Victim Country: Nigeria
    Victim Industry: Music
    Victim Organization: naijatastics
    Victim Site: naijatracks.com
  75. Alleged leak of login credentials to Atomic Energy Organization of Iran
    Category: Data Breach
    Content: The group claims to have leaked login credentials to the Atomic Energy Organization of Iran.
    Date: 2026-02-10T09:05:16Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065798
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d5092e84-4342-4e4b-90ea-693f5edca67b.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Government Administration
    Victim Organization: atomic energy organization of iran
    Victim Site: aeoi.org.ir
  76. Alleged breach of Rotten DPR brain database
    Category: Data Breach
    Content: The threat actor claims to have breached data belonging to the Dewan Perwakilan Rakyat Republik Indonesia. The compromised data reportedly includes fields such as id_laporan, waktu_generasi, sumber_data, klasifikasi, and additional information. Note: The authenticity of this claim has not yet been verified. This organization has reportedly been breached multiple times in the past.
    Date: 2026-02-10T08:56:53Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Rotten-DPR-brain-database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c4aaf93f-7b44-4d31-86a5-060cf2564721.png
    https://d34iuop8pidsy8.cloudfront.net/c390b966-bcbb-458e-8cca-57e5979a9098.png
    https://d34iuop8pidsy8.cloudfront.net/a48c5cb3-3987-4745-a0a0-62373bbbe608.png
    Threat Actors: TikusXploit
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: dewan perwakilan rakyat republik indonesia
    Victim Site: dpr.go.ig
  77. Alleged leak of login credentials to Federal Authority For Identity, Citizenship, Customs & Port Security
    Category: Data Breach
    Content: The group claims to have leaked login credentials to the Federal Authority For Identity, Citizenship, Customs & Port Security.
    Date: 2026-02-10T08:44:34Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065611
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3718b7dd-37e3-44b2-8cdd-c388f2c9d27d.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: UAE
    Victim Industry: Government Administration
    Victim Organization: federal authority for identity, citizenship, customs & port security
    Victim Site: icp.gov.ae
  78. Alleged leak of login credentials to City4U Portal
    Category: Data Breach
    Content: The group claims to have leaked login credentials to City4U Portal.
    Date: 2026-02-10T08:28:57Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1065615
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b6cb737c-2636-4029-908c-324cbdd6dfdc.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Government Administration
    Victim Organization: city4u portal
    Victim Site: city4u.co.il
  79. Alleged Sale of Native Shellcode Loader and EDR Bypass Tool
    Category: Malware
    Content: The threat actor claims to be selling a private native shellcode loader written in C/C++ and ASM, designed to bypass AV/EDR and sandbox protections using stealth injection and anti-analysis techniques.
    Date: 2026-02-10T08:18:56Z
    Network: tor
    Published URL: https://xssforum7mmh3n56inuf2h73hvhnzobi7h2ytb3gvklrfqm7ut3xdnyd.onion/threads/145839/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7306de07-ef4b-4980-855a-ed6612c87ef9.png
    https://d34iuop8pidsy8.cloudfront.net/bf39b5d9-da6f-488f-9945-0f9c07185cee.png
    Threat Actors: work159
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  80. Alleged unauthorized access to an unidentified industrial ventilation control system in Poland
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an industrial ventilation control system in Poland. They have gained control over operating schedules, fan parameters, voltages, speeds, and the HMI interface settings.
    Date: 2026-02-10T08:10:14Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1059
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1990b561-aefa-4725-8594-e1511d04be3c.png
    https://d34iuop8pidsy8.cloudfront.net/ffc79a8c-c84d-4015-b7fc-cc2094e81230.png
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Poland
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  81. THE GARUDA EYE claims to target Armenia
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Armenia.
    Date: 2026-02-10T07:37:17Z
    Network: telegram
    Published URL: https://t.me/GarudaEye/989
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/48139582-7889-4f64-b786-1fb0f3402f6e.jpg
    Threat Actors: THE GARUDA EYE
    Victim Country: Armenia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  82. Alleged data leak of QThrust
    Category: Data Breach
    Content: The threat actor claims to have leaked data from QThrust. The compromised data reportedly includes name, email, password, phone number, image, and IP information.
    Date: 2026-02-10T06:56:13Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-qthrust-com-Database-India
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3564b6f2-25cb-4d24-b438-fdc7ce155054.png
    Threat Actors: LindaBF
    Victim Country: India
    Victim Industry: Software Development
    Victim Organization: qthrust
    Victim Site: qthrust.com
  83. Alleged unauthorized access to CIMON Inc.
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to CIMON Inc. and to have leaked sensitive data belonging to it.
    Date: 2026-02-10T06:47:36Z
    Network: telegram
    Published URL: https://t.me/c/2875163062/585
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/986a80fb-205e-493e-8c48-fff7ebceeca5.png
    Threat Actors: RipperSec
    Victim Country: South Korea
    Victim Industry: Industrial Automation
    Victim Organization: cimon inc.
    Victim Site: cimon.com
  84. Alleged data breach of ATALIAN
    Category: Data Breach
    Content: The threat actor claims to have leaked the database of ATALIAN, France. The compromised data reportedly contains 4,198,129 records including name, email, address, and phone number information.
    Date: 2026-02-10T06:44:52Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DOCUMENTS-ATALIAN-FR
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/12eca974-0d41-4a05-ae0b-4abaa550babc.png
    Threat Actors: Shenron
    Victim Country: France
    Victim Industry: Recreational Facilities & Services
    Victim Organization: atalian global services
    Victim Site: atalian.com
  85. Alleged sale of unauthorized access to unidentified French Company
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized access to an unidentified French company.
    Date: 2026-02-10T06:41:24Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-French-Company-1B%E2%82%AC-Server-access-as-NT-System
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/55bfa32f-5793-4f08-a1ac-7b557893c172.png
    Threat Actors: NotJeffreyEpstein
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  86. Alleged data leak of FBI & DHS Database
    Category: Data Breach
    Content: The group claims to have leaked data from an FBI & DHS employee database.
    Date: 2026-02-10T06:33:57Z
    Network: telegram
    Published URL: https://t.me/hex_anonymous/251
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/42112a04-caf1-4097-a9ba-c0e2ed88a8c8.png
    Threat Actors: Mrhackbuddy
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  87. Alleged Mega Database Collection Leak
    Category: Data Breach
    Content: The threat actor claims to be sharing a massive collection of leaked databases. The dataset consists of 21,279 files with a combined size of 595.32 GB.
    Date: 2026-02-10T06:31:36Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-%E2%9B%81-MEGA-DATABASE-COLLECTION-LEAK-595-32GB-21-279-FILES
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9309731c-14e6-4b09-8128-fad8f19c9185.png
    Threat Actors: henrich
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  88. Alleged Data Leak of Indonesian Internet Service Provider
    Category: Data Breach
    Content: The threat actor claims to have leaked the database of an Indonesian Internet Service Provider. The dataset contains subscriber and network device information, including identifiers, firmware details, operational status, and power metrics.
    Date: 2026-02-10T06:25:58Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-COLLECTION-INDONESIA-INTERNET-SERVICE-PROVIDER%C2%A0-Subscribers-Database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6c4e08b1-e2f0-4dc9-a705-8d27310cb5c8.png
    Threat Actors: anim3
    Victim Country: Indonesia
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
  89. Alleged data leak of an Israeli database
    Category: Data Breach
    Content: The group claims to have leaked an Israeli database.
    Date: 2026-02-10T06:22:12Z
    Network: telegram
    Published URL: https://t.me/hex_anonymous/249
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3a73daf5-cb96-43b3-8ac2-5cbda180ad99.png
    Threat Actors: Mrhackbuddy
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  90. Alleged data breach of Neotel
    Category: Data Breach
    Content: The threat actor claims to have leaked the database of Neotel, Argentina. The compromised data reportedly contains 773,757 records including name, email, address, phone number, IDs, and country information.
    Date: 2026-02-10T06:17:07Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DOCUMENTS-NEOTEL-US
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8dcfb876-0ae6-493a-9b53-6ee07576550b.png
    https://d34iuop8pidsy8.cloudfront.net/b1b76cc3-01dc-4f33-bd85-f6583d70399e.png
    Threat Actors: Shenron
    Victim Country: Argentina
    Victim Industry: Software Development
    Victim Organization: neotel
    Victim Site: neotel.us
  91. Alleged Leak Of American People Identity Data
    Category: Data Breach
    Content: The threat actor claims to have leaked American People Identity Data. The compromised data reportedly includes full names, phone numbers, full residential addresses, occupations, and email addresses.
    Date: 2026-02-10T06:07:07Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-AMERIKA-PEOPLE-DATA-hacked-by-Rizkynoreste
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2a1caac9-2e47-4514-b637-14a842429dda.png
    Threat Actors: RizexeNazi
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  92. Alleged Leak of Login Credentials for Global Blue Platform
    Category: Data Breach
    Content: The threat actor claims to have leaked the login credentials to the Global Blue Platform.
    Date: 2026-02-10T05:45:02Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/cracked-globalblue.514/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a8887f09-52f5-49a3-8477-9abcba577b78.png
    Threat Actors: ceshi
    Victim Country: Switzerland
    Victim Industry: Financial Services
    Victim Organization: global blue
    Victim Site: globalblue-agent.com
  93. Alleged sale of ICFES database
    Category: Data Breach
    Content: The threat actor claims to be selling the database of ICFES (Instituto Colombiano para la Evaluación de la Educación). The dataset contains educational records tied to students, universities, colleges, legal entities, and organizations connected to ICFES evaluation and consulting services.
    Date: 2026-02-10T05:28:28Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-ICFES-COLOMBIA-DATABASE
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ab4a8075-4890-478e-8a62-b17f41cdac5a.png
    https://d34iuop8pidsy8.cloudfront.net/b1ef1292-1388-4e0e-879a-768ed1941435.png
    Threat Actors: CryptoDead
    Victim Country: Colombia
    Victim Industry: Higher Education/Academia
    Victim Organization: instituto colombiano para la evaluación de la educación (icfes)
    Victim Site: icfes.gov.co
  94. Alleged leak of login credentials to MOEYS
    Category: Initial Access
    Content: The group claims to have leaked the login credentials to MOEYS.
    Date: 2026-02-10T05:24:46Z
    Network: telegram
    Published URL: https://t.me/nxbbsec/5002
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5a06fd2e-f079-4daf-b11b-50a2822936ec.png
    Threat Actors: NXBB.SEC
    Victim Country: Cambodia
    Victim Industry: Education
    Victim Organization: moeys
    Victim Site: exam1.moeys.gov.kh
  95. BABAYO EROR SYSTEM targets the website of mail.liore.top
    Category: Defacement
    Content: The group claims to have defaced the website of mail.liore.top.
    Date: 2026-02-10T05:23:54Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/212
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/38f9f32d-65cb-4005-86d0-ce4720172c35.png
    https://d34iuop8pidsy8.cloudfront.net/96b1ab3d-a29f-4ff4-89a9-96602de7bf9b.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mail.liore.top
  96. Alleged access to Binance
    Category: Initial Access
    Content: The group claims to have leaked access to Binance.
    Date: 2026-02-10T05:20:16Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3666
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1edb1d93-9038-46b8-bcae-4ff9753f5a58.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Unknown
    Victim Industry: Financial Services
    Victim Organization: binance
    Victim Site: binance.com
  97. Alleged Data Sale of Cryptoxscanner
    Category: Data Breach
    Content: The threat actor claims to be selling the database of Cryptoxscanner. The dataset contains information on 13000 users.
    Date: 2026-02-10T05:19:54Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-Cryptoxscanner-com-Crypto-Database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8f1db2bb-c135-40e7-8e11-e1a0b0c99c29.png
    Threat Actors: Sythe
    Victim Country: Unknown
    Victim Industry: Financial Services
    Victim Organization: cryptoxscanner
    Victim Site: cryptoxscanner.com
  98. Alleged data breach of Code et Conduite
    Category: Data Breach
    Content: The threat actor claims to have leaked the database of Code et Conduite, France. The compromised data reportedly contains 182K records including legal name, email, address, phone number, logins, and passwords.
    Date: 2026-02-10T04:50:49Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-182k-France-code-et-conduite-fr-User-Database-Names-Emails-Logins-Passwor
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5fb394c3-0ae8-4a79-a00a-0265918eaabe.png
    Threat Actors: gtaviispeak
    Victim Country: France
    Victim Industry: Education
    Victim Organization: code et conduite
    Victim Site: code-et-conduite.fr
  99. Alleged leak of login credentials to University of Health Sciences
    Category: Initial Access
    Content: The group claims to have leaked the login credentials to University of Health Sciences.
    Date: 2026-02-10T04:50:25Z
    Network: telegram
    Published URL: https://t.me/nxbbsec/5004
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2d040461-3333-47e6-b7e3-909bbad02246.png
    Threat Actors: NXBB.SEC
    Victim Country: Cambodia
    Victim Industry: Higher Education/Academia
    Victim Organization: university of health sciences
    Victim Site: lms.uhs.edu.kh
  100. Alleged Sale of Partido dos Trabalhadores database
    Category: Data Breach
    Content: The threat actor claims to be selling the database of Partido dos Trabalhadores. The dataset contains the personal data of 537,000 members.
    Date: 2026-02-10T04:37:50Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-PT-ORG-BR-537K-Partido-dos-Trabalhadores
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ccae97bc-8c0e-4bfd-a2fb-937fe2c0a3c0.png
    Threat Actors: Typical_Idiot
    Victim Country: Brazil
    Victim Industry: Political Organization
    Victim Organization: partido dos trabalhadores
    Victim Site: pt.org.br
  101. Alleged Sale Of Corte Suprema de Justicia de El Salvador Data
    Category: Data Breach
    Content: The threat actor claims to be selling data from Corte Suprema de Justicia de El Salvador. The compromised data reportedly contains 25,000 records, including national ID card numbers, dates of birth, email addresses, mobile phone numbers, first and last names, tax identification numbers, and full residential addresses.
    Date: 2026-02-10T04:14:59Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-Selling-25k-Records-Images-From-The-Supreme-Court-of-Justice-of-El-Salvador
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/19e1a883-491d-467b-a6ce-69514766b693.png
    https://d34iuop8pidsy8.cloudfront.net/513f6f2f-8568-4d25-a6df-289539979edf.png
    https://d34iuop8pidsy8.cloudfront.net/ac9f1774-943b-4469-a300-4990d4624040.png
    Threat Actors: GordonFreeman
    Victim Country: El Salvador
    Victim Industry: Judiciary
    Victim Organization: corte suprema de justicia de el salvador
    Victim Site: csj.gob.sv
  102. Alleged Data Breach of WormGPT.AI
    Category: Data Breach
    Content: The threat actor claims to have breached the database of WormGPT.AI. The exposed dataset contains over 19,000 unique user records.
    Date: 2026-02-10T03:47:55Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-WormGPT-AI-Database-Leaked-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ff8b0a99-7c2e-4814-b485-f46cc90a0fa3.png
    Threat Actors: Sythe
    Victim Country: Unknown
    Victim Industry: Software
    Victim Organization: wormgpt.ai
    Victim Site: wormgpt.ai
  103. Alleged data leak of USA Front ID
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly containing 78.41 GB of USA Front ID records.
    Date: 2026-02-10T03:47:37Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-USA-Front-ID-DL-Sample
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/54dbbbb2-c43e-49ad-b413-186310c5d775.png
    Threat Actors: Kirigaya
    Victim Country: USA
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  104. Alleged Sale of German Leads Database
    Category: Data Breach
    Content: The threat actor claims to be selling the German Leads Database. The dataset contains 56,000 leads associated with the motorcycle and travel sector.
    Date: 2026-02-10T03:40:16Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-GERMANY-LEADS-Motorcycle-Travel-Sector-50K
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/94e2815f-0075-4276-8352-53dbbbb5a0b0.png
    Threat Actors: OpenBullet
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  105. Alleged access to Universitas Pelita Bangsa
    Category: Initial Access
    Content: The group claims to have leaked access to Universitas Pelita Bangsa.
    Date: 2026-02-10T03:37:40Z
    Network: telegram
    Published URL: https://t.me/z_bl4cx_h4t_id/60
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ef0c4dc0-9ee4-42fb-aa9a-642470da8bc0.png
    Threat Actors: Z-BL4CX-H4T.ID
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: universitas pelita bangsa
    Victim Site: pelitabangsa.ac.id
  106. Alleged Data Breach of Vivo
    Category: Data Breach
    Content: The threat actor claims to have leaked customer data from Vivo. The compromised data reportedly contains 60,618,090 records, including phone numbers, activation and withdrawal dates, line and product status, customer names and customer type, full residential addresses, contact phone numbers, and email addresses.
    Date: 2026-02-10T03:30:07Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Vivo-Brazil
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/edee5e6c-1444-49c8-a701-22092da847fc.png
    Threat Actors: Kirigaya
    Victim Country: Brazil
    Victim Industry: Network & Telecommunications
    Victim Organization: vivo
    Victim Site: vivo.com.br
  107. Alleged Data Breach of Inter Rapidísimo
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Inter Rapidísimo. The dataset contains detailed user account records for over 661,000 customers, including authentication data, contact information, and system metadata.
    Date: 2026-02-10T03:15:44Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Interrapidisimo-com-Colombia-661K
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/87faf787-f00a-47ba-8642-70ecb7895064.png
    Threat Actors: Typical_Idiot
    Victim Country: Colombia
    Victim Industry: Transportation & Logistics
    Victim Organization: inter rapidísimo
    Victim Site: interrapidisimo.com
  108. Alleged access to Madrasah Aliyah Negeri 16 Jakarta
    Category: Initial Access
    Content: The group claims to have leaked access to Madrasah Aliyah Negeri 16 Jakarta.
    Date: 2026-02-10T03:05:17Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/95
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cce7fd50-f767-4966-9832-7f04ef5582d0.png
    Threat Actors: CyberOprationCulture
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: madrasah aliyah negeri 16 jakarta
    Victim Site: man16jakarta.com
  109. Alleged access to Madrasah Aliyah Tahdzibun Nufus
    Category: Initial Access
    Content: The group claims to have leaked access to Madrasah Aliyah Tahdzibun Nufus.
    Date: 2026-02-10T02:57:26Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/95
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7a1ee4f3-dcef-4c06-961c-1d80e6c5d480.png
    Threat Actors: CyberOprationCulture
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: madrasah aliyah tahdzibun nufus
    Victim Site: e-learning-ma-tahdzibunnufus.com
  110. Alleged access to Madrasah Tsanawiyah Sirojul Huda
    Category: Initial Access
    Content: The group claims to have leaked access to Madrasah Tsanawiyah Sirojul Huda.
    Date: 2026-02-10T02:56:52Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/95
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b6967adb-5177-451a-9a48-f6ecc7b47414.png
    Threat Actors: CyberOprationCulture
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: madrasah tsanawiyah sirojul huda
    Victim Site: elearning-mtssirojulhuda.online
  111. Alleged leak of SSN data
    Category: Data Breach
    Content: The threat actor claims to have leaked SSN data from the US, UK, and Canada. The compromised data reportedly contains firstname, lastname, middlename, date of birth, address, city, zip, phone number, altDOB, and ssn.
    Date: 2026-02-10T02:55:36Z
    Network: openweb
    Published URL: https://demonforums.net/Thread-250M-SSN-Breach
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/18f9d849-512b-4558-800e-99199ce708d4.png
    Threat Actors: USD
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  112. Alleged Data Breach of Republic of Cyprus
    Category: Data Breach
    Content: The threat actor claims to have breached the database of the Republic of Cyprus. The dataset contains thousands of records related to beneficiaries, applications, approvals, payments, and service provisioning details.
    Date: 2026-02-10T02:49:55Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-gigavoucher-dmrid-gov-cy-Customer-Database
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/21dac787-e48b-49d2-a1ec-7750a8b66b54.png
    Threat Actors: IntelShadow
    Victim Country: Cyprus
    Victim Industry: Government Administration
    Victim Organization: republic of cyprus
    Victim Site: gigavoucher.dmrid.gov.cy
  113. CyberOprationCulture targets the website of Madina Bright Academy
    Category: Defacement
    Content: The group claims to have defaced the website of Madina Bright Academy.
    Date: 2026-02-10T01:52:06Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/94
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/91b40ccd-4462-418b-8b76-7224b5ce2664.png
    Threat Actors: CyberOprationCulture
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: madina bright academy
    Victim Site: db.brightacademy.sch.id
  114. Alleged access to Madina Bright Academy
    Category: Initial Access
    Content: The group claims to have leaked access to Madina Bright Academy.
    Date: 2026-02-10T01:47:01Z
    Network: telegram
    Published URL: https://t.me/c/3421269527/94
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/91b40ccd-4462-418b-8b76-7224b5ce2664.png
    Threat Actors: CyberOprationCulture
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: madina bright academy
    Victim Site: db.brightacademy.sch.id