[February-11-2026] Daily Cybersecurity Threat Report

1. Executive Summary

This report analyzes a surge of 85 distinct cybersecurity incidents recorded on February 11, 2026. The intelligence gathered indicates a highly volatile threat landscape characterized by a diverse array of attack vectors, ranging from the sale of Initial Access (RDP, VPN, Shell) to massive Data Breaches targeting government infrastructure and financial institutions.

The period was marked by three distinct trends:

Targeted Infrastructure Campaigns: A specific focus on Operational Technology (OT) and SCADA systems in Spain, Turkey, Japan, and Ukraine, indicating that threat actors are increasingly moving beyond data theft to physical system control.
Regional Coordination: Highly concentrated campaigns were observed in the Middle East (specifically Iraq) and South America (Brazil and Argentina), driven by specific threat actor groups such as “A K U L A v 2 . 2” and “Pharaohs Team Market.”
High-Profile Financial Data Leaks: Allegations of massive data dumps involving major Western financial institutions (Capital One, Webster Bank) and federal agencies (FBI, SSA), though these remain unverified “alleged” breaches sold on dark web forums.

This document provides a granular analysis of these events, categorized by region, sector, and threat actor, to offer a holistic view of the global cyber posture for this date.

2. Statistical Overview & Threat Landscape

2.1 Incident Categorization

The 85 recorded incidents fall into three primary categories. The dominance of “Initial Access” sales suggests that the cybercriminal economy is currently saturated with brokers selling entry points for ransomware operators to exploit later.

Initial Access Sales: ~45% of incidents.
- Nature: Sale of RDP, VPN, Shell, Domain Admin, and CMS access.
- Implication: Precursor to future ransomware deployment.
Data Breaches / Leaks: ~40% of incidents.
- Nature: SQL dumps, PII leaks, government ID theft, and consumer lead lists.
- Implication: Immediate privacy loss and high risk of identity theft/fraud.
Defacement / Hacktivism: ~15% of incidents.
- Nature: Website vandalism and denial of service.
- Implication: Reputational damage and political signaling.

2.2 Geographic Distribution

The geographical dispersion of attacks confirms a globalized threat environment.

Americas: Heavy concentration in the USA (Corporate access, Federal data) and Brazil/Argentina (Government/Retail data).
EMEA (Europe, Middle East, Africa): Iraq and Israel saw coordinated waves of attacks. Spain and France faced significant infrastructure and e-commerce threats.
APAC (Asia-Pacific): Indonesia remains a primary target for government and education sector leaks. South Korea and Japan faced high-value consumer and medical data breaches.

3. Detailed Regional Analysis

3.1 North America (USA, Canada, Mexico)

The North American theater was characterized by high-stakes allegations against federal entities and the sale of corporate network access.

3.1.1 The Financial & Government Sector Allegations

The most alarming reports from this region involve unverified but critical claims of data theft from major institutions.

Capital One & Webster Bank (USA): Threat actor ResPublica listed datasets allegedly containing banking records, credit scores, and income ranges. If authentic, this represents a catastrophic failure of data privacy for banking customers.+1
Federal Bureau of Investigation (FBI): A threat actor named leon123 claimed to be selling sensitive personal information belonging to the FBI. While often such claims on forums are exaggerated to scam other criminals, the reputational risk requires immediate verification.
Social Security Administration (SSA): The group Hider_Nex claimed to have leaked a database of U.S. citizen data. The volume of data involved makes this a critical privacy concern for the affected population.
Radius Global Solutions: ResPublica also targeted this outsourcing firm, claiming to have exfiltrated employee identity structures and system management data, which could facilitate downstream attacks on the company’s clients.

3.1.2 Corporate Espionage & Access Sales

Initial Access Brokers (IABs) were highly active in the U.S. market, selling “backdoors” into companies.

IT & Business Services: An IT Business Services company in the USA was listed for sale by Saturned33. The offer included Domain Admin (NTLM) privileges across 45 hosts and access to NAS devices with 700GB of data. This is a “keys to the kingdom” scenario.
Infrastructure & Utilities: Infrastructure Destruction Squad claimed access to a VoIP and fiber network testing system in Georgia (Cox Communications). This access exposes network configurations and could allow for service disruption.
Legal & Manufacturing: Pharaohs Team Market sold access to Koch Law and SD Specialty. Meanwhile, Big-Bro listed Sophos VPN access to an unidentified US manufacturing company.+2

3.1.3 Canada & Mexico

Canada: A furniture store with significant revenue ($17k top orders) was targeted by bobby_killa, who sold shop manager access.
Mexico: yukoxploit leaked 186,000 records from Mi Plataforma Escolar, compromising student safety by exposing CURP IDs and residential addresses.

Strategic Assessment (North America): The focus on selling administrative access (Domain Admin, RDP) indicates that North American companies are currently in the “staging” phase of potential ransomware attacks. The alleged federal breaches likely represent recycled data or third-party vendor leaks rather than direct compromises of the FBI or SSA, but the exposure of citizen data remains real.

3.2 South America (Brazil, Argentina, El Salvador)

South America faced a dual threat: massive government data exfiltration and widespread website defacements.

3.2.1 The “Brazil & Argentina” Data Hemorrhage

Argentina Driver’s Licenses: ByteHunter offered a 350GB database containing 637,000 driver’s license records, including biometric assets. This poses a severe national security risk regarding identity fraud.
Argentine Government (TAD): sebastianmarset leaked nearly 60,000 citizen photos linked to National IDs (DNI), scraped from the government’s digital services portal.
São Paulo State (PRODESP): A massive leak of 200GB containing 2 million records (facial images, CPF) was claimed by 0x0dayToDay. This targets the core data processing agency of Brazil’s most populous state.
Brazilian Retail: macaroni leaked full payroll records for Atacadão S. Furtado, exposing salary details and tax IDs for thousands of employees.
Corporate Access: Big-Bro sold Domain Admin and FortiGate access to a Brazilian business services firm, further proving that corporate networks in the region are being aggressively probed.

3.2.2 Defacement Campaigns

Z-BL4CX-H4T.ID and similar groups targeted Brazilian industrial sites like Sumek Brasil, indicating a politically motivated or “clout-chasing” vandalism trend in the region.

3.2.3 El Salvador

Pharaohs Team Market targeted media infrastructure, selling access to Radio San Pedro Metapán and Radio Fey Vida. This suggests a campaign specifically aimed at silencing or controlling local broadcast media.+1

Strategic Assessment (South America): The region is suffering from a systemic failure to protect PII (Personally Identifiable Information). The theft of biometric data (facial images) and government IDs allows for irreversible identity theft.

3.3 Europe (UK, France, Spain, Italy, Germany, Poland, Switzerland, Denmark, Ukraine)

Europe saw a mix of “hack-and-leak” operations, critical infrastructure targeting, and e-commerce exploitation.

3.3.1 Critical Infrastructure & OT

Spain (Agriculture): Z-PENTEST ALLIANCE breached a sugarcane irrigation control system. They gained control over Delta Electronics HMIs, pumps, and pressure regulators. This is a kinetic threat; attackers could flood fields or destroy crops physically.
Ukraine (Surveillance): NoName057(16) accessed CCTV systems in a bakery. While low-level, this group also claimed to target Denmark and Ukraine with leaked “Top Secret” directives, suggesting an espionage or disinformation angle.+1
Italy (Government): The Municipality of Nosate confirmed a cyberattack on its IT network, disrupting local administration.

3.3.2 Financial & Corporate Data

UK (Finance): samy01 sold RDWeb access to multiple UK industries, including access to 4 domain controllers. Additionally, ken6k and kimald claimed to have leaked 10,000 Binance account verified phone numbers from the UK and Poland.+2
Spain (Business): A business association was breached by boto, losing 6,000 contact emails and member tax documents. Ric1986 also sold a Spanish banking database with IBAN details.+1
France (Energy & Government): wwxxcc leaked data from Boostheat Group (Energy), including employee info. Mayz0xxx reposted leaked data on French National Assembly members.+1
Switzerland & Germany: Big-Bro sold VPN access to a Swiss manufacturer , and CY8ER N4TI0N defaced the site of German industrial firm Thorsten Otto.+1

Strategic Assessment (Europe): The attack on Spanish irrigation systems is the most technically significant event, highlighting the vulnerability of “Smart Agriculture.” The widespread sale of VPN/RDP access (Switzerland, UK) suggests European manufacturing and service sectors are prime targets for imminent ransomware deployment.

3.4 Middle East (Iraq, Iran, Israel, UAE, Kuwait, Lebanon, Turkey)

The Middle East theater is currently dominated by two narratives: the “A K U L A” campaign against Iraq and the Iran/Israel cyber conflict.

3.4.1 The “A K U L A v 2 . 2” Campaign (Iraq)

A single threat actor, A K U L A v 2 . 2, executed a sustained campaign against Iraqi state and commercial infrastructure, leaking credentials for:

Al-Baghdadia Creativity Company (IT Services)
General Company for Electronic Systems (Software)
Taeen (Recruiting)
Iraq International Trade Point (Trade)
Northern Technical University (Education) This represents a systemic compromise of Iraqi digital infrastructure, likely utilizing credential stuffing or a shared vulnerability across these platforms.

3.4.2 Regional Tensions (Iran, Israel, UAE)

Iran: laher36105 offered a trade of major banking databases (Mellat, Melli, Sepah Bank), indicating a massive breach of the Iranian financial sector is currently in circulation.
Israel: A K U L A v 2 . 2 also targeted Israeli firms HQserv and MyHeritage. Additionally, Z-BL4CX-H4T defaced the medical site Diana-B.+2
UAE: rythem sold full access to the Emirates Towers database (2016-2025), a significant breach of hospitality data including guest records and floor plans.
Kuwait: KashPatel sold 11.3GB of data from Zain Kuwait (Telecom), affecting 3.8 million records.
Turkey: 404 CREW CYBER TEAM claimed access to a SCADA system, continuing the global trend of OT targeting.

Strategic Assessment (Middle East): The volume of credential leaks in Iraq suggests a weak password posture or a compromised common service provider. The trade of Iranian banking data suggests deep penetration of the sanctioned country’s financial intranet.

3.5 Asia Pacific (Indonesia, India, South Korea, Japan, Taiwan, China, Australia)

APAC witnessed the highest volume of distinct incidents, particularly in the education and government sectors.

3.5.1 Indonesia: The Primary Target

Indonesia faced a barrage of attacks:

Government: ShadowNex and bujanglapuk leaked population data from Kotawaringin Barat and Mojokerto City, exposing National IDs (NIK) and family cards.+1
Education: Gugugaga leaked student portal credentials for Gunadarma University, and 404 CREW CYBER TEAM defaced Kelasi Education domains.+1
E-Commerce: yukoxploit breached Kimia Market.

3.5.2 East Asia (China, Japan, Korea, Taiwan)

South Korea: betway sold 3.1 million “high-end” consumer leads (yacht/luxury car owners), a goldmine for spear-phishing.
Japan: NetRunnerPR breached Nippon Medical School Musashi Kosugi Hospital, stealing 131,000 patient records. NoName057(16) accessed a microclimate control system (TNCS-500) at an industrial facility, capable of altering temperature and humidity.+1
China: qaz893946 claimed to have the source code for Kuaishou, a major social media platform.
Taiwan: k0rb3nd4ll4s leaked data on 12,000 customers of APGO Taiwan.

3.5.3 India & Australia

India: Pharaohs Team Market targeted Aarvee (Civil Engineering) , Perfect Meta Print , and Digital Funnel Global.+2
Australia: samy01 sold access to a law firm with 275 computers. Big-Bro sold VPN access to a retailer. Z-BL4CX-H4T defaced Germonizer Australia.+2

Strategic Assessment (APAC): Indonesia’s digital infrastructure appears highly porous, with frequent leaks of government data. The Japanese hospital breach and industrial control system access highlight a dangerous escalation in threats to physical safety and health privacy in advanced economies.

4. Threat Actor Profile & Attribution

Analysis of the 85 incidents reveals several distinct actor typologies active on February 11, 2026.

Threat Actor	Motivation	TTPs (Tactics, Techniques, Procedures)	Targets
A K U L A v 2 . 2	Political / Disruption	Credential leaking, likely via compromised database or phished accounts.	Iraq (Gov/Edu), Israel (Tech).
Big-Bro	Financial (IAB)	Selling Initial Access (VPN, Domain Admin). Specializes in Fortinet/Sophos VPNs.	USA, Brazil, Switzerland, Morocco, Australia.
Pharaohs Team Market	Financial / Access	Selling unauthorized access (RDP/Web). Rapid-fire targeting of diverse SMEs.	USA, El Salvador, India (Media, Legal, Manufacturing).
ResPublica	Financial / High-Profile	Selling massive datasets from major corporations. Focus on PII and financial records.	USA (Capital One, Webster Bank, Radius Global).
Z-BL4CX-H4T	Hacktivism / Defacement	Web defacement, vandalism. Political signaling against Israel/Western allies.	Israel, Brazil, Australia, Singapore.
NoName057(16)	Sabotage / Espionage	Targeting OT/SCADA systems (CCTV, Climate Control). Political messaging.	Ukraine, Japan.
Korbibian	Financial (Bulk)	Selling bulk credentials (GitLab, WHMCS, ADFS) in the thousands.	Global (DevOps/Admin interfaces).

Key Observation: The distinction between “Access Brokers” (Big-Bro, Pharaohs) and “Data Brokers” (ResPublica, betway) is sharp. Access brokers facilitate future attacks, while data brokers monetize past attacks.

5. Sector-Specific Analysis

5.1 Government & Public Sector

Incident Count: High.
Key Events: SSA (USA), FBI (USA), Argentine Driver’s Licenses, PRODESP (Brazil), French National Assembly.
Analysis: Public sector entities are leaking massive amounts of citizen PII. The focus on “Identity Assets” (Driver’s licenses, facial photos, tax IDs) is critical because unlike credit card numbers, these identifiers cannot be easily changed by victims.

5.2 Industrial & Critical Infrastructure (ICS/SCADA)

Incident Count: Moderate but High Impact.
Key Events: Spanish Irrigation System, Turkish SCADA, Japanese Microclimate Control, Ukrainian CCTV.
Analysis: The access to Delta Electronics DOP-100 HMIs in Spain and TNCS-500 systems in Japan is alarming. These are not IT breaches; they are OT (Operational Technology) breaches. The attackers demonstrated the ability to modify physical processes (pressure, temperature, water levels). This indicates a shift towards kinetic cyberwarfare capabilities where digital intrusions cause physical damage.+1

5.3 Financial Services

Incident Count: High.
Key Events: Capital One, Webster Bank, Iranian Banks, Binance (Crypto).
Analysis: Traditional banks are facing large-scale data dump allegations, while the crypto sector (Binance, Learn Crypto) involves targeted leaks of “verified” user lists, which are highly valuable for “pig butchering” scams and social engineering.

5.4 E-Commerce & Retail

Incident Count: Very High.
Key Events: Magento/PrestaShop vulnerabilities.
Analysis: Actors like duffyduck11 are selling lists of vulnerable PrestaShop sites (800+), while others sell admin access to Magento stores. This suggests automated scanning for CMS vulnerabilities (likely SQL Injection or unpatched plugins) is a primary vector for retail compromises.+1

6. Technical Vectors & Vulnerabilities

Based on the “Content” descriptions in the source data, the following technical vectors were prominent:

SQL Injection (SQLi): Explicitly mentioned in the PrestaShop sales and the Italian shop access. This remains a top vector for e-commerce data theft.+1
RDP / VPN Compromise: The “Initial Access” sales frequently cite RDP, FortiVPN , and Sophos VPN. This implies either brute-forcing, credential stuffing, or exploitation of unpatched VPN concentrators.+1
Credential Stuffing/Logs: The bulk sales of ADFS , GitLab , and WHMCS credentials suggest the use of “stealer logs” (malware that steals saved browser passwords) to harvest thousands of administrative logins at once.+2
Default/Weak OT Credentials: The detailed access descriptions for the SCADA systems (viewing specific pump names and alarm logs) suggest attackers may be using default passwords on internet-facing industrial controllers.

7. Conclusion & Strategic Outlook

The intelligence report for February 11, 2026, depicts a digital ecosystem under siege from three sides: state-affiliated sabotage (OT attacks in Europe/Asia), criminal commercialization (Access Brokers selling corporate backdoors), and systemic data negligence (massive government leaks).

Key Takeaways:

The “Physical” Cyber Threat is Real: The successful compromise of irrigation and climate control systems moves the threat needle from “data loss” to “physical sabotage.” Organizations with industrial assets must immediately segregate OT networks from the IT internet.
South America & Indonesia are Data Sieves: The volume of PII leaking from Brazil, Argentina, and Indonesia suggests a regional crisis in government data handling. Citizens in these regions are at extreme risk of identity fraud.
The Rise of “Big-Bro” & “Pharaoh”: The emergence of highly prolific Initial Access Brokers targeting manufacturing and legal firms indicates that a wave of ransomware attacks against these specific clients is likely imminent (within 30-90 days). The access has been sold; the payload comes next.
Verification of “Mega-Breaches”: The allegations against Capital One, the FBI, and the SSA are unverified but follow a pattern of “repackaged” old data being sold as new. However, security teams must treat them as credible until proven otherwise due to the potential fallout.

Recommendations:

For Corporate Entities: Immediately audit all external VPN (Sophos/Fortinet) accounts and enforce MFA. Review RDP exposure.
For Government Agencies: Investigate third-party contractors who may have access to citizen databases (TAD, PRODESP systems).
For OT Operators: Disconnect HMIs (like Delta Electronics DOP series) from the public internet immediately and place them behind strict firewalls.

Detected Incidents Draft Data

Alleged sale of unauthorized access to unidentified Furniture store from Canada
Category: Initial Access
Content: Threat actor claims to be selling shop manager access to a Canada-based furniture store running Magento 1. Access allegedly allows viewing orders, customer details, and account management. The store reportedly has 800+ monthly orders, with a top order over $17,000 CAD.
Date: 2026-02-11T23:58:42Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275823/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/651e8bc1-88e1-4c7d-b1c4-3ad5b5fe1c92.png
Threat Actors: bobby_killa
Victim Country: Canada
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of 3.1 M private leads from South Korea
Category: Data Breach
Content: Threat actor claims to be selling 3.1M South Korea consumer leads allegedly sourced from advertising campaigns. The dataset reportedly includes names, phone/mobile numbers, and personal emails, targeting high-end interests such as luxury cars, yachts, restaurants, and hotels. The data is listed for $2,000, with claimed 2.9M unique phone numbers and 1.5M unique emails.
Date: 2026-02-11T23:09:26Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275820/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/47221ea2-69e1-43a3-b069-922ba35b3b7c.png
Threat Actors: betway
Victim Country: South Korea
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Access and Database of Emirates Towers
Category: Initial Access
Content: Threat Actor claims to be selling full unauthorized access to Emirates Towers along with its database in UAE, allegedly exfiltrated and dumped for the period spanning 2016 to 2025. The dataset reportedly contains the complete database, including multiple tables such as contact information, login records, media files, floor plans, banners, social media data, room availability details, and other website-related content.
Date: 2026-02-11T22:53:10Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275800/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/69c6c207-d479-40dc-8cc3-cf36005b8d67.png
https://d34iuop8pidsy8.cloudfront.net/ac649cb5-a128-48ec-937e-39aa22f56b1a.png
Threat Actors: rythem
Victim Country: UAE
Victim Industry: Hospitality & Tourism
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Admin Access to GrupOnacion
Category: Initial Access
Content: Threat actor claims to be selling or providing administrative access to the website gruponacion.biz.
Date: 2026-02-11T22:51:18Z
Network: openweb
Published URL: https://breachforums.bf/Thread-website-gruponacion-biz-admin-access
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/56f9d5fc-d393-40b5-88b6-d97ca354d61f.png
Threat Actors: blackwinter99
Victim Country: Spain
Victim Industry: E-commerce & Online Stores
Victim Organization: gruponacion
Victim Site: gruponacion.biz
Alleged Sale of RDP and Domain Admin Access to an IT Business Services Company in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized RDP and shell access to a USA-based company operating in the IT business services sector. The access allegedly includes Domain Admin (NTLM) and SYSTEM-level privileges across more than 45 hosts, including four domain-joined systems, with Windows Defender reportedly deactivated. Also it has three located NAS devices containing approximately 700GB of backups, internal data, and partial client information, along with multiple credentials discovered within internal files.
Date: 2026-02-11T22:47:10Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275821/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/007188df-8ce5-4ee7-9136-ec683ff85f87.png
Threat Actors: Saturned33
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to student portal for Gunadarma University
Category: Initial Access
Content: The group claims to have leaked the login credentials to the student portal for Gunadarma University
Date: 2026-02-11T22:21:42Z
Network: telegram
Published URL: https://t.me/memek1777/179
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b23515e3-af1f-4932-87ff-d31d7af942ac.jpg
Threat Actors: Gugugaga
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: gunadarma university
Victim Site: studentsite.gunadarma.ac.id
Alleged Sale of Unauthorized Admin Access to a WordPress Shop in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin access to a WordPress Shop in USA.
Date: 2026-02-11T22:18:28Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275817/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1d6b079e-7e2f-460f-a429-286bfc571f2e.png
Threat Actors: UnitT
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthroized access to an unidentified SCADA system in Turkey
Category: Initial Access
Content: The group claims to have gained unauthroized access to an unidentified SCADA system in Turkey
Date: 2026-02-11T22:16:38Z
Network: telegram
Published URL: https://t.me/crewcyber/671
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/14fe7749-af1f-4ead-9839-ddc93dd96020.jpg
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of cryptocurrency learning platform database
Category: Data Breach
Content: The threat actor claims to be selling a JSON database containing user account details such as usernames, email addresses, registration information, and course progress data.
Date: 2026-02-11T21:58:05Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Learn-Crypto
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d89015cd-724a-41e6-a622-ec0e4f3ce314.png
Threat Actors: 0xKirigaya
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of APGO Taiwan
Category: Data Breach
Content: The threat actor claims to have leaked data from APGO Taiwan, approximately 12,299 customers, including IP addresses, names, gender, email addresses, phone numbers, country, ZIP codes, city and address details, and other personal information.
Date: 2026-02-11T21:54:32Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-APGO-tw-Customer-Database-Leak-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/da725f74-c762-4862-b262-775ecd8f0644.png
Threat Actors: k0rb3nd4ll4s
Victim Country: Taiwan
Victim Industry: E-commerce & Online Stores
Victim Organization: apgo taiwan
Victim Site: apgo.tw
Alleged Sale of Unauthorized Domain Admin and Forti Access to a Business Services Company in Brazil
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized Domain Admin access and forti access to a Brazil-based company operating in the Business Services sector. The access reportedly includes approximately 115 hosts within the network environment, with FortiGate infrastructure referenced and Trend Micro identified as the deployed antivirus solution with domain-level administrative privileges.
Date: 2026-02-11T21:50:04Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275814/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e50caf17-effa-4854-a139-5f84779e7611.png
Threat Actors: Big-Bro
Victim Country: Brazil
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Multiple Access to an Unidentified Shop in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized multiple access to an unidentified shop in USA, including WordPress admin, shell, and database access. The shop allegedly uses a native payment authorization form.
Date: 2026-02-11T21:33:56Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275815/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8a375ef7-de13-4805-8be2-70c8f369b9f4.png
Threat Actors: Reve
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of 100 HBO Accounts
Category: Data Breach
Content: The threat actor claims to have uploaded a database containing 100 HBO accounts for download. The post includes sample login credentials such as email addresses, usernames, and passwords, and offers the full set of accounts to registered forum users.
Date: 2026-02-11T20:35:19Z
Network: openweb
Published URL: https://breachforums.bf/Thread-%E2%AD%90%EF%B8%8F100-HBO-Accounts-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f7573df0-f72d-4e2b-bf22-9cbf1ec4ece1.png
Threat Actors: HackerGod21
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Boostheat Group
Category: Data Breach
Content: The threat actor claims to have leaked the data from Boostheat France. The allegedly leaked files include operational documents, employee and customer information, emails, spreadsheets, images, and other corporate records, with mentions of backup and password-related files.
Date: 2026-02-11T20:14:16Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Bootsheat-group-com-fr-Bootsheat-France
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b927ec5c-00b1-4fb0-b51f-5de70bf61e79.png
Threat Actors: wwxxcc
Victim Country: France
Victim Industry: Energy & Utilities
Victim Organization: boostheat group
Victim Site: boostheat-group.com
404 CREW CYBER TEAM targets multiple subdomains of Kelasi Education.
Category: Defacement
Content: The group claims to have defaced multiple subdomains of Kelasi Education.https://unikin.kelasi.education/https://quiz.kelasi.education/https://futa.kelasi.education/https://elengi.kelasi.education/https://concours.kelasi.education/https://genie.kelasi.education/
Date: 2026-02-11T19:18:45Z
Network: telegram
Published URL: https://t.me/crewcyber/669
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1a6dd931-6dbf-4a56-ab09-afe628120c57.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: kelasi education.
Victim Site: unikin.kelasi.education
Alleged data breach of Nippon Medical School Musashi Kosugi Hospital
Category: Data Breach
Content: The threat actor claims to have breached Nippon Medical School Musashi Kosugi Hospital and exfiltrated over 131,000 patient records. The allegedly stolen data includes patient IDs, names, gender, dates of birth, addresses, and contact details.
Date: 2026-02-11T18:36:17Z
Network: openweb
Published URL: https://breachforums.bf/Thread-10k-Available-Nippon-Medical-School-Musashi-Kosugi-Hospital-Breached
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0271d245-e1af-463b-a45e-ad486339b19c.png
Threat Actors: NetRunnerPR
Victim Country: Japan
Victim Industry: Hospital & Health Care
Victim Organization: nippon medical school musashi kosugi hospital
Victim Site: nms.ac.jp/musashikosugi-h
Alleged Sale of Unauthorized Access and Data from a Spain-Based Business Association
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access and extracted data from a Spain-based business association. It allegedly includes foothold access to the internal office network, email credentials of a primary organizational account containing over 6,000 contacts, employee email access, an email marketing account with more than 3,000 contacts, cloud storage access, and various social media and miscellaneous accounts. The dataset contains extracted member documents, scans, and CSV/ODF files including personal and business information such as names, DNI/ID numbers, tax identifiers (NIF), addresses, emails, phone numbers, business names, registry details, and IBAN information.
Date: 2026-02-11T18:33:17Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275790/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dfb68c91-87d0-4d62-9b2d-bc6656093cc1.png
Threat Actors: boto
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Capital One
Category: Data Breach
Content: The threat actor claims to be selling customer banking records allegedly linked to Capital One. The allegedly breached dataset reportedly contains full names, dates of birth, residential addresses, email addresses, phone numbers, estimated income ranges, credit score ranges, bank account and routing numbers, and in some cases government-issued identification details.
Date: 2026-02-11T18:16:25Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-Webster-Bank-and-Capital-One-Bank-Accounts
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/55b9fd28-3ee6-405d-a696-91e4551300e7.png
Threat Actors: ResPublica
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: capital one
Victim Site: capitalone.com
Alleged data breach of Webster Bank
Category: Data Breach
Content: The threat actor claims to be selling customer banking records allegedly associated with Webster Bank. The allegedly breached dataset contains full names, dates of birth, residential addresses, email addresses, phone numbers, estimated income ranges, credit score ranges, bank account and routing numbers, and in some cases government-issued identification details.
Date: 2026-02-11T18:12:49Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-Webster-Bank-and-Capital-One-Bank-Accounts
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/671adebc-c2be-455b-80cc-e9730c61287b.png
Threat Actors: ResPublica
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: webster bank
Victim Site: websterbank.com
Alleged Sale of Unauthorized Admin Panel Access with SQL Injection to an Unidentified Shop in Italy
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin panel access with SQL injection to an unidentified shop in Italy.
Date: 2026-02-11T18:06:15Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275791/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/26bb02da-c370-4a29-be77-3baa4569206a.png
Threat Actors: pollins05
Victim Country: Italy
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of 600 Illinois Driver’s License Records
Category: Data Breach
Content: Threat Actor claims to be selling a dataset containing approximately 600 Illinois driver’s license (DL) records.
Date: 2026-02-11T18:04:46Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275794/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/13846b6c-cc46-40fd-880c-5328e87d8ce4.png
Threat Actors: Auking
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized RDWeb and Domain User Access to Multiple Industries in UK
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized RDWeb and domain user access to multiple industries in UK, including Business Services, Hospitality, Software Testing, and Restaurant Reservations, reportedly providing access to four domain controllers and approximately 148 domain-connected computers, with ESET identified as the deployed antivirus solution.
Date: 2026-02-11T17:50:47Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275783/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1382cd83-7554-42d0-b12f-01545d4da7be.png
Threat Actors: samy01
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to unidentified Sugarcane Irrigation Control System in Spain
Category: Initial Access
Content: The group claims to have gained unauthorized access to unidentified the sugarcane irrigation control system in Spain. They have reportedly obtained access to a Delta Electronics DOP-107WV industrial HMI (DOP-100 series), allowing control over pump units (Bomba Principal, Apoyo 1 and 2), pressure regulation, irrigation operations (riego), and real-time monitoring of water levels, pressure readings, alarm systems, and section operating timings.
Date: 2026-02-11T17:47:55Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1064
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/db6f3c50-1c86-4b73-a0d6-af850ce840b0.png
https://d34iuop8pidsy8.cloudfront.net/46519265-c49f-4d2b-8286-06f74a633239.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Vulnerable PrestaShop Websites
Category: Initial Access
Content: Threat Actor claims to be selling access to more than 800 PrestaShop-based e-commerce websites allegedly vulnerable to SQL injection, reportedly spanning multiple European countries, with only a small portion tested and removed from the list.
Date: 2026-02-11T17:39:04Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275772/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7f50c594-4647-4986-9428-afda0f8ac95a.png
Threat Actors: duffyduck11
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Forex & Crypto Recovery Leads Database
Category: Data Breach
Content: The threat actor is offering for sale a database of approximately 5,000 Forex and cryptocurrency recovery leads for $5,000.The advertised database allegedly contains extensive personal and financial-related information such as names, emails, phone numbers, country data, investment and trading details, cryptocurrency activity, recovery status, and social media profiles.
Date: 2026-02-11T17:09:48Z
Network: openweb
Published URL: https://xss.pro/threads/145873/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/633a4d7b-e931-4a92-9a82-f6c75de22057.png
Threat Actors: aisdata
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized RDWeb and Domain User Access to a Law Firm in Australia
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized RDWeb and domain user access to an Australia-based law firm, reportedly including one domain controller and approximately 275 domain-connected computers, with Webroot deployed as the antivirus solution. The access allegedly provides domain user privileges and potential exposure to extensive data stored on local network shares.
Date: 2026-02-11T17:04:11Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275781/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0fb91b07-3efd-4bd8-acb8-350914382779.png
Threat Actors: samy01
Victim Country: Australia
Victim Industry: Law Practice & Law Firms
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Argentine Government
Category: Data Breach
Content: The threat actor claims to have scraped and leaked Argentine government data from the TAD (Trámites a Distancia) system. The alleged leak reportedly contains around 58,680 unidentified PNG images of citizens, with filenames linked to DNI (national identity document) numbers.
Date: 2026-02-11T17:02:17Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Government-Official-Leak-Argentina-Chief-of-Cabinet-DNI-Photos
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/72f01c8c-38b5-4200-a58e-2dd3b564d6fc.png
Threat Actors: sebastianmarset
Victim Country: Argentina
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of USAs social security administration (SSA) citizen data
Category: Data Breach
Content: The group claims to have leaked a large database associated with the U.S. Social Security Administration (SSA). The exposed dataset reportedly contains sensitive personal information of U.S. citizens.
Date: 2026-02-11T16:46:11Z
Network: telegram
Published URL: https://t.me/Hider_Nex_Attacks/339
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/76bb048d-064c-4a5c-ae0a-2c50665557bd.png
Threat Actors: Hider_Nex
Victim Country: USA
Victim Industry: Government & Public Sector
Victim Organization: social security administration (ssa)
Victim Site: ssa.gov
Alleged Sale of Unauthorized Multiple Access to an International WordPress Shop
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access to an international WordPress-based online shop, allegedly including WP admin panel access, shell access, and database access.
Date: 2026-02-11T16:27:34Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275779/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c9ed899d-ef72-459b-adb3-6cebaa1efef2.png
Threat Actors: Reve
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Kotawaringin Barat
Category: Data Breach
Content: The threat actor claims to have leaked 2,930 records of complete population data from West Kotawaringin, Indonesia. The alleged dataset reportedly includes sensitive personal information such as national ID numbers (NIK), full names, places of birth, village details, and family card numbers.
Date: 2026-02-11T16:24:51Z
Network: openweb
Published URL: https://breachforums.bf/Thread-2930-DATA-PENDUDUK-KOTAWARINGIN-BARAT
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/76690bb4-7acc-4ba5-b388-69c80c18690e.png
Threat Actors: ShadowNex
Victim Country: Indonesia
Victim Industry: Government & Public Sector
Victim Organization: kotawaringin barat
Victim Site: kotawaringinbaratkab.go.id
Z-BL4CX-H4T.ID targets the website of Sumek Brasil
Category: Defacement
Content: The group claims to have defaced the website of Sumek Brasil
Date: 2026-02-11T16:15:00Z
Network: telegram
Published URL: https://t.me/z_bl4cx_h4t_id/69
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2dcf3037-ef4b-4855-9531-52e6203ff7ed.jpg
Threat Actors: Z-BL4CX-H4T.ID
Victim Country: Brazil
Victim Industry: Manufacturing & Industrial Products
Victim Organization: sumek brasil
Victim Site: sumek.com.br
Alleged sale of unauthorized access to Radio San Pedro Metapán
Category: Initial Access
Content: Group claims to be selling unauthorized access to Radio San Pedro Metapán.
Date: 2026-02-11T15:29:54Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e4f15d89-2f08-4636-9b95-054cf231b2fb.png
Threat Actors: Pharaohs Team market
Victim Country: El Salvador
Victim Industry: Broadcast Media
Victim Organization: radio san pedro metapán
Victim Site: radiosanpedrometapan.net
Alleged sale of unauthorized access to SD Specialty
Category: Initial Access
Content: Group claims to be selling unauthorized access to SD Specialty.
Date: 2026-02-11T15:16:45Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2d21c40e-5aff-4f3d-92cf-1a3ee6d8cc4c.png
Threat Actors: Pharaohs Team market
Victim Country: USA
Victim Industry: Business Supplies & Equipment
Victim Organization: sd specialty
Victim Site: sdspecialty.com
Alleged unauthorized access to an unidentified microclimate control system in japan
Category: Initial Access
Content: The group claims to have gained unauthorized access to the TNCS-500 microclimate control system deployed at an industrial facility in Japan. They have reportedly obtained administrator-level access, allowing control over ventilation systems, CO₂ supply regulation, temperature and humidity settings, and automated shutters/blinds, as well as the ability to monitor system logs and critical environmental parameters in real time.
Date: 2026-02-11T15:15:25Z
Network: telegram
Published URL: https://t.me/c/2787466017/2204
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0419328e-1006-485c-9842-1605059857fc.png
https://d34iuop8pidsy8.cloudfront.net/102a7468-b204-4223-abb9-d8a9008615df.png
Threat Actors: NoName057(16)
Victim Country: Japan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized access to Radio Fey Vida
Category: Initial Access
Content: Group claims to be selling unauthorized access to Radio Fey Vida.
Date: 2026-02-11T15:03:52Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3ad05fdc-b3ad-42d2-b6f1-ec378866b294.png
Threat Actors: Pharaohs Team market
Victim Country: El Salvador
Victim Industry: Broadcast Media
Victim Organization: radio fey vida
Victim Site: radiofeyvida.net
Alleged unauthorized access to Aarvee
Category: Initial Access
Content: Group claims to have gained unauthorized access to Aarvee.
Date: 2026-02-11T14:55:07Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/156ef5ca-695d-422f-80d5-8c1d1adec523.png
Threat Actors: Pharaohs Team market
Victim Country: India
Victim Industry: Civil Engineering
Victim Organization: aarvee
Victim Site: aarvee.net
Alleged unauthorized access to Perfect Meta Print Industries
Category: Initial Access
Content: Group claims to have gained unauthorized access to Perfect Meta Print Industries.
Date: 2026-02-11T14:54:36Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f26e29e1-82d4-4b22-934e-2b25e54f7869.png
Threat Actors: Pharaohs Team market
Victim Country: India
Victim Industry: Manufacturing
Victim Organization: perfect meta print industries
Victim Site: perfectmetaprint.com
Alleged unauthorized access to US INDIA SECURITY COUNCIL, INC.
Category: Initial Access
Content: Group claims to have gained unauthorized access to US INDIA SECURITY COUNCIL, INC.
Date: 2026-02-11T14:41:10Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0f602efc-a410-44e3-9651-cdc664ea7026.png
Threat Actors: Pharaohs Team market
Victim Country: USA
Victim Industry: Non-profit & Social Organizations
Victim Organization: us india security council, inc.
Victim Site: usiscouncil.org
Alleged unauthorized access to Digital Funnel Global Inc
Category: Initial Access
Content: Group claims to have gained unauthorized access to Digital Funnel Global Inc.
Date: 2026-02-11T14:40:24Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e096af65-fac9-4892-ba57-df0e28d77c32.png
Threat Actors: Pharaohs Team market
Victim Country: India
Victim Industry: Marketing, Advertising & Sales
Victim Organization: digital funnel global inc
Victim Site: digitalfunnel.in
Alleged sale of unauthorized access to Koch Law
Category: Initial Access
Content: Group claims to be selling unauthorized access to Koch Law.
Date: 2026-02-11T14:39:57Z
Network: telegram
Published URL: https://t.me/phteammarket/241
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/08d674d3-c42f-4c47-b50b-a1a81b1f4c81.png
Threat Actors: Pharaohs Team market
Victim Country: USA
Victim Industry: Legal Services
Victim Organization: koch law
Victim Site: koch-law.com
Alleged Unauthorized Access to a VoIP and Fiber Network Testing System in Georgia, USA
Category: Initial Access
Content: The group claims to have accessed a VoIP and fiber network testing system linked to Cox Communications in Gainesville, Georgia, reportedly exposing configuration settings, historical test records, and network monitoring data.
Date: 2026-02-11T14:37:02Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3680
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c0898eee-df2a-4203-b3c5-1b4d4f1d6df6.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of unauthorized access to an unidentified Online Gambling website
Category: Initial Access
Content: Group claims to be selling unauthorized access to an unidentified online gambling website.
Date: 2026-02-11T14:31:04Z
Network: telegram
Published URL: https://t.me/mmkanjkontl/1476?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2d9c14b1-cda8-4583-8bfb-38d5448b27c8.png
Threat Actors: VinzXmodz
Victim Country: Unknown
Victim Industry: Gambling & Casinos
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized GitLab Access Credentials
Category: Initial Access
Content: The threat actor claims to be selling 748 allegedly valid GitLab access credentials across unique domains.
Date: 2026-02-11T14:27:57Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275766/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d10b42e3-1459-4e89-8132-aef4dc3d1d39.png
Threat Actors: Korbibian
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized WHMCS Access Credentials
Category: Initial Access
Content: The threat actor claims to be selling 1,957 allegedly valid WHMCS access credentials across unique domains.
Date: 2026-02-11T14:27:54Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275765/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/32f5fe9f-0219-414f-be58-34bd6df091ad.png
Threat Actors: Korbibian
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Cardinal claims to have target Denmark and Ukraine
Category: Alert
Content: A recent post by the group indicates that they are targeting Denmark and Ukraine. They claimed to be a leaked “Top Secret” joint cyber directive allegedly issued by Denmark and Ukraine.
Date: 2026-02-11T14:22:33Z
Network: telegram
Published URL: https://t.me/c/2182428249/5994
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/36cd9763-6798-44e4-b9f2-18728797d93c.jpg
https://d34iuop8pidsy8.cloudfront.net/5bb7df5c-fc39-4135-8cd2-7ee01316fbb1.jpg
Threat Actors: Cardinal
Victim Country: Denmark
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Cyber Attack hits Municipality of Nosate
Category: Cyber Attack
Content: The municipal IT network of the Municipality of Nosate, located in the Milan area, was recently targeted in a cyberattack, as confirmed by Mayor Roberto Cattaneo. Authorities are currently investigating the scope of the incident and evaluating any potential data exposure. Residents have been advised not to trust or respond to suspicious messages claiming to be from the municipality unless they are officially verified.
Date: 2026-02-11T14:22:00Z
Network: openweb
Published URL: https://www.ilgiorno.it/legnano/cronaca/attacco-hacker-comune-di-nosate-tpm6at40
Screenshots:
None
Threat Actors: Unknown
Victim Country: Italy
Victim Industry: Government Administration
Victim Organization: municipality of nosate
Victim Site: comune.nosate.mi.it
Alleged Sale of 742 Unauthorized ADFS Access Credentials
Category: Initial Access
Content: The threat actor claims to be selling 742 allegedly valid ADFS access credentials across multiple unique domains.
Date: 2026-02-11T14:14:21Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275764/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2cbd3bb6-63bf-47f2-999c-80e16a515f74.png
Threat Actors: Korbibian
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
CY8ER N4TI0N targets the website of Thorsten Otto
Category: Defacement
Content: The group claims to have defaced the website of Thorsten Otto.
Date: 2026-02-11T13:44:46Z
Network: telegram
Published URL: https://t.me/Cy8er_N4ti0n_IND/112
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fa663f79-f751-408f-96de-b2b75265c793.png
Threat Actors: CY8ER N4TI0N
Victim Country: Germany
Victim Industry: Manufacturing & Industrial Products
Victim Organization: thorsten otto
Victim Site: tho-otto.de
Alleged data breach of Radius Global Solutions LLC
Category: Data Breach
Content: The threat actor claims to have breached data from Radius Global Solutions LLC, allegedly containing core employee identity structures, stored personnel documents, and endpoint and system management data.
Date: 2026-02-11T13:36:45Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-Radius-Global-Solutions-LLC%C2%A0Breached-Data
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c6ac5f3d-5ddd-4361-a6b3-e5e088a31eae.png
https://d34iuop8pidsy8.cloudfront.net/e1101957-56c6-4ee2-9eb3-06bf9ae3d0ca.png
https://d34iuop8pidsy8.cloudfront.net/6fce0505-3b9a-42b8-8160-0a7288913deb.png
Threat Actors: ResPublica
Victim Country: USA
Victim Industry: Outsourcing & Offshoring
Victim Organization: radius global solutions llc
Victim Site: radiusgs.com
Alleged Unauthorized Access to a Bakery CCTV System in Ukraine
Category: Initial Access
Content: The group claims to have accessed the CCTV system of a bakery in the Chernivtsi region of Ukraine, reportedly enabling remote monitoring of staff and customers within the premises.
Date: 2026-02-11T13:28:22Z
Network: telegram
Published URL: https://t.me/c/2787466017/2199
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/69c2d9b0-57c6-4852-8a25-05942e09b2ef.png
Threat Actors: NoName057(16)
Victim Country: Ukraine
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data sale of Federal Bureau of Investigation (FBI)
Category: Data Breach
Content: Threat actor claims to be selling data reportedly belonging to the Federal Bureau of Investigation (FBI). The compromised data reportedly contains highly sensitive personal information.Note: The authenticity of this breach has not been verified.
Date: 2026-02-11T12:27:53Z
Network: openweb
Published URL: https://breachforums.bf/Thread-fbi-data–187657
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1f69403d-4fe9-4033-af91-206682fbf88d.jpeg
Threat Actors: leon123
Victim Country: USA
Victim Industry: Government Administration
Victim Organization: federal bureau of investigation
Victim Site: fbi.gov
Alleged sale of Argentina driver license data
Category: Data Breach
Content: The threat actor claims to be selling 350GB of data allegedly containing 637,000 records from the Argentina driver license system. The compromised data reportedly includes identity details, location information, technical data, and biometric assets.
Date: 2026-02-11T12:22:43Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Argentina-Driver-License-Database-637k-Records-Biometric-Assets
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6470f6d0-1f66-4619-91c8-e88c680ed636.png
Threat Actors: ByteHunter
Victim Country: Argentina
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized sophos vpn access to an unidentified Manufacturing company in US
Category: Initial Access
Content: Threat actor claims to be selling unauthorized sophos vpn access to an unidentified Manufacturing company in US
Date: 2026-02-11T12:12:57Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275750/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f1840bd9-f39c-4d74-8855-14a8fef30b19.png
Threat Actors: Big-Bro
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data sale of Kuaishou
Category: Data Breach
Content: The threat actor claims to have breached and obtained the source code of Kuaishou.
Date: 2026-02-11T12:05:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-China-Kuaishou-social-media-information-data
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7badb3af-cc80-4c94-be8e-b28b52c2e3ad.png
Threat Actors: qaz893946
Victim Country: China
Victim Industry: Software Development
Victim Organization: kuaishou
Victim Site: kuaishou.com
Alleged data leak of ToolRise
Category: Data Breach
Content: The threat actor claims to have leaked 21K records from ToolRise, allegedly a privately leaked Minecraft Project 2024 release dated 06-07-2025. The compromised data reportedly includes names, hashes, IP addresses, login details, and more.
Date: 2026-02-11T12:01:20Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-RU-21K-ToolRise-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/efb2c335-387b-47d6-bc40-193af35f8688.png
https://d34iuop8pidsy8.cloudfront.net/2456c536-3718-4599-af8f-d14dfaffe55d.png
Threat Actors: leftcheekofpg
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Zain
Category: Data Breach
Content: The threat actor claims to be selling 11.3 GB of data from Zain Kuwait, allegedly including 3,849,601 records.
Date: 2026-02-11T11:58:53Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Zain-Kuwait-Database-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ac5e0bac-9a71-4c05-8660-619d14e453be.JPG
https://d34iuop8pidsy8.cloudfront.net/5ecddec0-513e-47f4-a283-77f984593d86.JPG
Threat Actors: KashPatel
Victim Country: Kuwait
Victim Industry: Network & Telecommunications
Victim Organization: zain
Victim Site: kw.zain.com
Alleged Sale of Unauthorized Domain User and sophos vpn to a Manufacturing Company in Switzerland
Category: Initial Access
Content: Threat Actor claims to be selling Unauthorized Domain User and sophos vpn to a Manufacturing Company in Switzerland.
Date: 2026-02-11T11:44:29Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275751/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9674947d-c586-48e3-aff2-e03c2170a8b9.png
Threat Actors: Big-Bro
Victim Country: Switzerland
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized sophos vpn access to an unidentified Retail company in Australia
Category: Initial Access
Content: Threat actor claims to be selling unauthorized sophos vpn access to an unidentified Retail company in Australia.
Date: 2026-02-11T11:37:42Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275752/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d9cfd25b-9ddb-4586-92d7-fc2f1e4f8007.png
Threat Actors: Big-Bro
Victim Country: Australia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized FortiVPN access to an unidentified Manufacturing company in Morocco
Category: Initial Access
Content: Threat actor claims to be selling unauthorized FortiVPN access to an unidentified Manufacturing company in Morocco.
Date: 2026-02-11T11:06:48Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275749/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6934ee25-eae0-4712-a142-86c6c132d1f5.png
Threat Actors: Big-Bro
Victim Country: Morocco
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Binance
Category: Data Breach
Content: The threat actor claims to have breached 10k Binance verified phones from Poland and UK
Date: 2026-02-11T09:51:19Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-10k-Binance-Verified-Phones-Poland-and-UK
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dea89cae-67fa-40c2-b617-4f0654f837be.JPG
Threat Actors: ken6k
Victim Country: UK
Victim Industry: Financial Services
Victim Organization: binance
Victim Site: binance.com
Alleged Sale of Poland & UK Binance Account Data
Category: Data Breach
Content: The threat actor claims to have leaked data from 10,000 Binance crypto accounts belonging to users in Poland and the UK.
Date: 2026-02-11T09:35:04Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275740/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/851d3415-335c-4626-a7fb-aa755da5dc24.png
Threat Actors: kimald
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: binance
Victim Site: binance.com
Alleged Leak of WormGPT AI Database
Category: Data Breach
Content: The threat actor claims to have leaked data from WormGPT AI.
Date: 2026-02-11T09:19:24Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275742/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f2533d8-ef20-4993-95b0-d65ad9137750.png
Threat Actors: phase1
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Spain Banking Database with IBAN Details
Category: Data Breach
Content: The threat actor claims to be selling a Spanish banking database allegedly linked to IBAN and related banking information.
Date: 2026-02-11T09:13:34Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275741/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e373a301-a59d-4944-ab66-af28467620d6.png
Threat Actors: Ric1986
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to HQserv
Category: Data Breach
Content: The group claims to have leaked login credentials to HQserv.
Date: 2026-02-11T09:10:16Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067915
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/274b8d9d-f062-4799-aba1-66c6a02a6f77.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Network & Telecommunications
Victim Organization: hqserv
Victim Site: hqserv.co.il
Alleged leak of login credentials to MyHeritage
Category: Data Breach
Content: The group claims to have leaked login credentials to MyHeritage.
Date: 2026-02-11T08:48:27Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067878
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5ed9f1a8-3b2b-4d85-9995-7b4d850078d1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Information Services
Victim Organization: myheritage
Victim Site: myheritage.co.il
Z-BL4CX-H4T targets the website of Diana-B
Category: Defacement
Content: The Group claims to have defaced the website of Diana-B.
Date: 2026-02-11T08:28:36Z
Network: telegram
Published URL: https://t.me/c/3027611821/391
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a93eade9-0891-4ba7-8127-d1a321d7b6f9.jpg
Threat Actors: Z-BL4CX-H4T
Victim Country: Israel
Victim Industry: Hospital & Health Care
Victim Organization: diana-b
Victim Site: diana-b.co.il
Alleged data breach of French National Assembly
Category: Data Breach
Content: The threat actor claims to have breached more than 100 lines of informations about French National Assembly Members, allegedly including number, prenom, adresse, ville, postal code, telephone and mail.Note: it was previously breached by the threat actor KromSec on Sun Nov 19 2023.
Date: 2026-02-11T08:01:32Z
Network: openweb
Published URL: https://breachforums.bf/Thread-French-National-Assembly-Members
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d1efc15e-b6e1-436b-8e29-fc529ca82435.JPG
Threat Actors: Mayz0xxx
Victim Country: France
Victim Industry: Government Administration
Victim Organization: french national assembly
Victim Site: assemblee-nationale.fr
Z-BL4CX-H4T targets the website of LinktoAsia.org
Category: Defacement
Content: The group claims to have defaced the website of LinktoAsia.org
Date: 2026-02-11T07:56:04Z
Network: telegram
Published URL: https://t.me/c/3027611821/390
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/86f1b3b6-d127-4a23-80d1-9d1532e25e80.png
Threat Actors: Z-BL4CX-H4T
Victim Country: Unknown
Victim Industry: Information Services
Victim Organization: linktoasia.org
Victim Site: linktoasia.org
Z-BL4CX-H4T targets the website of Chop-A-Chop
Category: Defacement
Content: The Group claims to have defaced the website of Chop-A-Chop.
Date: 2026-02-11T07:32:45Z
Network: telegram
Published URL: https://t.me/c/3027611821/390
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cb4ec79f-b9ca-40e7-abbc-00fdaf6b22b8.jpg
Threat Actors: Z-BL4CX-H4T
Victim Country: Singapore
Victim Industry: Hospital & Health Care
Victim Organization: chop-a-chop
Victim Site: chopachop.com
Z-BL4CX-H4T targets the website of Germonizer Australia Pty Ltd
Category: Defacement
Content: The group claims to have defaced the website of Germonizer Australia Pty Ltd.
Date: 2026-02-11T07:24:51Z
Network: telegram
Published URL: https://t.me/c/3027611821/390
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/172e53d0-7ee3-4181-9b97-215ecdf9bfee.png
Threat Actors: Z-BL4CX-H4T
Victim Country: Australia
Victim Industry: Manufacturing & Industrial Products
Victim Organization: germonizer australia pty ltd
Victim Site: germonizer.au
Alleged Data Breach of Atacadão S. Furtado
Category: Data Breach
Content: What is this?Full payroll records from S. FURTADO DA SILVA E CIA LTDA (CNPJ: 41.793.050/0001-50), a Brazilian supermarket chain based in Ipanema, Minas Gerais.Data includes 3,644 employees with complete eSocial-compliant payroll entries from September 2024.What’s inside?Each record contains:- Full name (e.g., JOAO VITOR ATANASIO DA SILVA)- CPF (Brazilian individual tax ID)- NIS/PIS (social security number)- Gross & net salary (R$1,515.00 → R$793.00)- INSS deductions, FGTS contributions- Employer CNPJ, payment dates, rubric codesVerified via Receita Federal:- Company: Atacadao s. Furtado- Capital: R$2,000,000.00- Active since 1992
Date: 2026-02-11T06:50:54Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Brazilian-Supermarket-Payroll-Dataset-%E2%80%93-3-644-Full-Employee-Records
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b2db1669-67ad-4c36-8f0a-f2c7b97eeaf2.png
Threat Actors: macaroni
Victim Country: Brazil
Victim Industry: Retail Industry
Victim Organization: atacadão s. furtado
Victim Site: sfurtado.com
Alleged leak of login credentials to Al-Baghdadia Creativity Company
Category: Data Breach
Content: The group claims to have leaked login credentials to Al-Baghdadia Creativity Company
Date: 2026-02-11T06:22:11Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067639
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fceb6c09-fbf3-4b0c-8334-985306df7e7d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Information Technology (IT) Services
Victim Organization: al-baghdadia creativity company
Victim Site: albaghdadiyait.iq
Alleged Data Brach of Mojokerto City Government
Category: Data Breach
Content: The threat actor claims to be leaked 29.3 GB of data from Mojokerto City Government. The compromised data reportedly includes Employee Identification Number (NIP), official letters, civil servant recordsNote: This organization was previously breached on February 2025
Date: 2026-02-11T06:01:36Z
Network: openweb
Published URL: https://breachforums.bf/Thread-MOJOKERTO-CITY-DB-LEAKS
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c9e6545-8325-4547-89b4-b7ae8229e141.png
https://d34iuop8pidsy8.cloudfront.net/e76dac3f-d30a-4df8-8ab2-673e28e3d66d.png
Threat Actors: bujanglapuk
Victim Country: Indonesia
Victim Industry: Government & Public Sector
Victim Organization: mojokerto city government
Victim Site: mojokertokota.go.id
Alleged Sale of Multiple Iranian Banks Data
Category: Data Breach
Content: The threat actor claims to be offering a trade involving databases from major Iranian banks. The actor is prepared to provide either a Mellat Bank or Melli Bank database in exchange for a Sepah Bank database, or alternatively, data from another financial institution.
Date: 2026-02-11T05:51:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-trade-iran-mellat-bank-or-melli-bank-database-with-sepah-bank-iran
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1a471a64-a8ee-4c8b-840b-5f17b9c86fbf.png
Threat Actors: laher36105
Victim Country: Iran
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to General Company for Electronic Systems
Category: Data Breach
Content: The group claims to have leaked login credentials to General Company for Electronic Systems
Date: 2026-02-11T05:29:10Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067574
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/32b28a2a-4dce-4862-b3f9-5418529f367b.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Software Development
Victim Organization: general company for electronic systems
Victim Site: gces.industry.gov.iq
Alleged leak of login credentials to Taeen
Category: Data Breach
Content: The group claims to have leaked login credentials to Taeen
Date: 2026-02-11T04:59:40Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067548
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c6919d69-761f-4a1f-84f7-3d9c53c32df4.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Staffing/Recruiting
Victim Organization: taeen
Victim Site: taeen.iq
Alleged Sale Of Crypto Data From Multiple Websites
Category: Data Breach
Content: The threat actor claims to be selling Crypto Data From Multiple Websites
Date: 2026-02-11T04:52:13Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-crypto-data-from-many-websites
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c044be2-a8ea-4f5a-819e-72f801daad5e.png
Threat Actors: luzsec
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach Of PRODESP (São Paulo State Data Processing Company)
Category: Data Breach
Content: The threat actor claims to be leaked 200 GB of data from PRODESP. The compromised data reportedly contain 2 million records includes CPF (Brazilian tax ID numbers), Full names, Facial images, Personal identification records
Date: 2026-02-11T04:31:02Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-BRAZIL-FACIAL-%E2%80%93-S%C3%83O-PAULO-%E2%80%93-2M-DATA–187611
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7f1df07-6db5-4933-999f-97e56fcc3aa9.png
Threat Actors: 0x0dayToDay
Victim Country: Brazil
Victim Industry: Government & Public Sector
Victim Organization: prodesp
Victim Site: prodesp.sp.gov.br
Alleged sale of shell and database access to Lebanese e-commerce platform
Category: Initial Access
Content: Threat actor claims to be selling unauthorized shell and database access to an unidentified e-commerce platform in Lebanon.
Date: 2026-02-11T04:07:39Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275732/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d3547530-7b96-4612-9053-f49661abc406.png
Threat Actors: r57
Victim Country: Lebanon
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of login credentials to Iraq International Trade Point
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraq International Trade Point
Date: 2026-02-11T03:54:35Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067497
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7ceb3191-b6e8-48fc-b94a-d2791686c313.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: International Trade & Development
Victim Organization: iraq international trade point
Victim Site: iitp.mot.gov.iq
Alleged sale of unauthroized access to CMS PrestaShop in Poland
Category: Initial Access
Content: Threat actor claims to be selling unauthorized access to CMS PrestaShop .The access includes both admin permission and Module access.
Date: 2026-02-11T02:55:20Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275665/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/45fa05ff-4985-40c3-a695-3ca88a10dbb1.png
Threat Actors: marcomouly
Victim Country: Poland
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of admin access to unidentified store in France
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to an unidentified online store in France.
Date: 2026-02-11T02:14:50Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275725/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3527f585-4d21-463d-a567-9b684b007e90.png
Threat Actors: Malwareboy
Victim Country: France
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Mi Plataforma Escolar
Category: Data Breach
Content: The threat actor claims to be leaked data from Mi Plataforma Escolar. The compromised data reportedly contain 186k records includes Internal record IDs, Full names, Dates of birth, Gender, Mexican CURP identifiers, Personal and reference phone numbers, Full residential addresses and more
Date: 2026-02-11T01:48:36Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-MX-miplataformaescolar-com-186k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a99df71a-bf3c-4bbe-9435-b8884119f90e.png
Threat Actors: yukoxploit
Victim Country: Mexico
Victim Industry: Education
Victim Organization: mi plataforma escolar
Victim Site: miplataformaescolar.com
Alleged Data Breach of Kimia Market
Category: Data Breach
Content: The threat actor claims to have breached the database of Kimia market, the dataset contains request identifiers, timestamps, order descriptions, user identifiers, transaction states, and operational metadata.
Date: 2026-02-11T00:53:08Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-ID-kimiamarket-co-id
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/da070a3a-8229-4a8d-9148-8d4eb9ba11f7.png
https://d34iuop8pidsy8.cloudfront.net/bd96e7b7-debf-438a-8614-708126695c3b.png
Threat Actors: yukoxploit
Victim Country: Indonesia
Victim Industry: E-commerce & Online Stores
Victim Organization: kimia market
Victim Site: kimiamarket.co.id
Alleged leak of login credentials to Northern Technical University
Category: Data Breach
Content: The group claims to have leaked login credentials to Northern Technical University
Date: 2026-02-11T00:30:55Z
Network: telegram
Published URL: https://t.me/c/1943303299/1067352
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c9f5a8b2-1130-40f2-b18f-449498da433d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Education
Victim Organization: northern technical university
Victim Site: apps4.ntu.edu.iq