[February-12-2026] Daily Cybersecurity Threat Report

1. Executive Summary

On February 12, 2026, the global cybersecurity landscape experienced a significant surge in activity, characterized by a diverse array of threat vectors. A total of 96 individual incidents were recorded within this 24-hour window, highlighting a volatile environment for both public and private sectors.

The data indicates a bifurcated threat environment. On one hand, sophisticated actors are executing massive data breaches against government and educational institutions—most notably the alleged exfiltration of 50 million records from the Brazilian Army and the compromise of donor data from Harvard University. On the other hand, a highly aggressive and less sophisticated campaign of website defacements is being waged by the “HellR00ters Team,” primarily targeting small-to-medium enterprises (SMEs) in the United Arab Emirates and India.+4

The incidents can be broadly categorized into Data Breaches (compromising Personal Identifiable Information (PII) and financial data), Initial Access sales (unauthorized entry into corporate networks), Defacements (political or reputational vandalism), and Malware distribution. Geographically, the attacks spanned the globe, with significant concentrations in the UAE, India, Europe (specifically Germany, Spain, and the UK), and the Americas.

2. Statistical Overview and Threat Actor Analysis

2.1 Threat Categories

The analyzed data reveals the following distribution of incident types:

Defacement: A dominant category in terms of volume, driven almost exclusively by the HellR00ters Team. These attacks focus on reputational damage rather than financial gain.
Data Breach: The most consequential category in terms of impact. Incidents involved the leakage of millions of records, including citizen data, credit card information, and student registries.
Initial Access: A thriving underground economy was observed where threat actors sold administrative access, RDP credentials, and webshells to compromised networks, acting as precursors to ransomware or deeper espionage.
Malware & Vulnerabilities: The sale of zero-day exploits (e.g., OpenSea) and specific malware logs (stealer logs) highlights the technical sophistication of certain market segments.

2.2 Prolific Threat Actors

HellR00ters Team: This group was responsible for a massive percentage of the day’s volume, executing over 30 separate defacement attacks within hours. Their targeting is indiscriminate regarding industry but highly focused geographically on the UAE and India.
Z-SH4DOWSPEECH: A highly active group responsible for diverse data breaches across the UAE, Brazil, Peru, Italy, and the UK, targeting sectors ranging from automotive to government municipalities.
JustAnon69 & ParanoiaDe: Key players in the “Initial Access” market, facilitating the sale of credit card records and administrative access to e-commerce platforms.

3. Regional Threat Analysis

3.1 The Middle East: A Surge in Defacement Campaigns

The Middle East, particularly the United Arab Emirates (UAE), faced an unprecedented wave of cyber vandalism. The “HellR00ters Team” launched a coordinated campaign targeting a wide variety of businesses.

Commercial and Luxury Sectors: The group targeted high-value retail and luxury entities. They claimed to have defaced the website of Abrar Al Jannah Gold and Diamond (aajgold.com) and Alphabets Jewellery (aajalphabets.com).+1
Corporate and Facilities Management: The attacks extended to corporate infrastructure. AAJ Group and its subsidiary AAJ Facility Management were both targeted.+1
Healthcare and Services: The Al Asifah Veterinary Clinic in the UAE was also victimized by the HellR00ters Team.
Construction and Logistics: The construction sector was hit with attacks on Bait Al Saadah Bldg. Cont and Al Mezan. Logistics were targeted via IQZON Freight LLC.+2
Marketing and Media: Multiple advertising firms were targeted, including V3 Advertising LLC and Binsina Advertising LLC.+1

Implications: While these attacks are classified as defacements—often considered low-tier—the sheer volume suggests a potential automated vulnerability scanner or a newly discovered exploit in a common web framework used by these regional businesses.

Other Regional Incidents: Beyond defacement, the UAE saw serious data breaches. The group Z-SH4DOWSPEECH claimed to have breached DRIVEN Digital AutoCentral, compromising sensitive tables including admins, users, and card details. Additionally, Jumeira Consultants in Dubai suffered a data breach where internal documents were leaked by an unknown actor. In Saudi Arabia, the maulnism1337 group targeted WF Crowd Management and Delegation Escort.+2

3.2 The Americas: High-Value Government and Education Targets

The Americas region witnessed some of the most severe data breaches in the reporting period, with a focus on government infrastructure and elite educational institutions.

South America:

Brazil: A critical incident involved the alleged sale of a Brazilian Army government database. The threat actor Elmarub claimed to possess a 30 GB JSONL file containing approximately 50 million records. In the commercial sector, Z-SH4DOWSPEECH claimed a breach of Brásia Comercial e Importação LTDA, leaking user IDs, passwords, and emails. Another actor, Real, breached Repediu, an e-commerce platform.+2
Venezuela: The financial sector was targeted with the sale of 65,000 records from Bancrecer Venezuela, including account numbers and balances.
Peru: Z-SH4DOWSPEECH targeted the Ocongate District Municipality, leaking user logins and emails.

North America (USA):

Education: A highly concerning breach targeted Harvard University. The actor FiveEyesSpook claimed to be selling VIP donor profiles, including donation amounts and personal details, allegedly collected in November 2025.
Government: The Borough of State College, Pennsylvania, confirmed a cyberattack that disrupted public services.
Commercial & Media: Saiwer claimed to sell admin access to an unidentified News website in the USA. The Indiana Auto Auction was breached by the Worldleaks group. PhineasFisher listed a high-stakes item: an OpenSea Zero-Day exploit for $100,000, capable of draining NFT assets. Treddur, an automotive platform, also suffered a database leak containing passwords and tokens.+3

3.3 Europe: E-commerce Espionage and Citizen Data Leaks

Europe faced a mix of large-scale personal data leaks and targeted access sales against retail infrastructure.

Germany: A massive breach involving SuperVista AG (operating brillen.de) was reported, with 1.5 million user rows leaked. Another actor, Goldstones, claimed to sell a database of 1.5 million German personal records. A separate leak targeted a motorcycle site, exposing 75,000 banking records including IBANs and transaction history.+2
Italy: A marketing database containing 1.1 million leads (names, phones, emails) was put up for sale. Big-Bro sold unauthorized domain and Forti access to an Italian energy company. DroidSat, a software firm, was breached by Z-SH4DOWSPEECH.+2
Spain: Infrastructure was a key target. The Z-PENTEST ALLIANCE claimed access to irrigation systems controlling pumps and valves. Retail was also hit, with bullmin selling network access to a major consumer electronics retailer , and JustAnon69 selling access to a Magento store.+2
United Kingdom: JustAnon69 was active here as well, selling access to a Magento store processing 400 orders a month. Z-SH4DOWSPEECH breached HalliSoftUK, leaking gamer profiles and statistics. HellR00ters Team defaced the website of Larkinz and MSO Cleaning Services Limited.+3
France: BugsBunny404 sold 433 accounts for the Gendarmerie Nationale SSO portal, posing a significant national security risk. zoozkooz claimed to leak a Coinbase France user database.+1
Netherlands & Poland: ParanoiaDe sold admin access to a Dutch WordPress shop , while rezon4ns sold access to a PrestaShop store in Poland.+3

3.4 Asia-Pacific: Defacement and Infrastructure Targeting

India: The HellR00ters Team was extremely active in India, mirroring their UAE campaign. They targeted media outlets like Shoshit Vanchit Media Network , hospitality sites like Sorriso Nest , and IT firms like Canrone Software LLP. More critically, zanko sold SQL injection and webshell access to an Indian payroll server.+3
Vietnam: TeaMp0isooN leaked data from 4,500 real estate clients and HUST student registrations. Merlin sold a “Vietnam Shopping Customer Database” containing order histories.+1
Japan: NoName057(16) claimed unauthorized access to a Spa center in Sendai City, compromising surveillance cameras in private areas like locker rooms and bathhouses.
Indonesia: TikusXploit leaked the BunuHampu City student database. maulnism1337 defaced the ITC Business School website.+1
Iran: A massive leak of 1.6 million citizen phone numbers and names was reported by actor 641a3.
Afghanistan: The group STGHO3T announced they were actively targeting Taliban cyber and communication infrastructure.

4. Detailed Incident Analysis by Threat Vector

4.1 Data Breaches: The Quantification of Exposure

The reporting period saw the exposure of tens of millions of records.

Government & Military: The alleged Brazilian Army breach (50M records) is the most significant. In Russia, ProxyBurning leaked 164,000 records from VK Pay.+1
Cryptocurrency: A database of 527,000 worldwide crypto records was sold by Pijush507. XXXL offered a massive aggregation of seed phrases and API keys collected over a decade.+1
Gaming: Mayz0xxx shared a database of 28,621 Steam accounts.
Global Aggregations: JustAnon69 sold batches of credit card records , and samy01 sold UK credit card data.+1

4.2 Initial Access and Vulnerabilities: The Precursors to Attack

The market for “access” is thriving.

Zero-Day Exploits: The offer of an OpenSea Zero-Day for $100,000 indicates a high-stakes market for financial exploits.
E-commerce Access: Actors like TreeWater, UnitT, and rezon4ns are selling “Admin Access” to WordPress and PrestaShop sites. This suggests automated scanning for CMS vulnerabilities.+2
Corporate Network Access: The sale of access to a Spanish electronics retailer with €150M revenue and French Gendarmerie accounts highlights the risk of credential theft leading to lateral movement.+1

4.3 Defacement: The HellR00ters Phenomenon

The HellR00ters Team campaign is notable for its velocity. In a single day, they struck targets across:

Furniture/Interiors: Artisto Interiors , Wood Maker Furniture , Fabdec Interiors.+2
Retail: Poya , Fainbay , Golden Horca , Go Green Fruits Trading.+3
Service Providers: Canaura , RPL Digital , Grace Globe Consultants. The operational tempo suggests an automated tool exploiting a specific, unpatched vulnerability common to these SMEs.+2

5. Emerging Trends and Tooling

5.1 The Rise of “Doxing-as-a-Service”

The threat actor mojitos listed “Mojitos Autodoxer” for sale at $1,500. This tool allegedly aggregates personal data on US individuals from OSINT and paid sources. This commoditization of privacy intrusion tools lowers the barrier to entry for harassment and identity theft.

5.2 Stealer Logs and Session Hijacking

Hichioo shared logs containing stolen cookies for ChatGPT, Grok, and Kick , as well as a “Combo Log” for AWS and Binance. This indicates a continued reliance on infostealer malware to bypass 2FA via session cookie theft.+1

6. Conclusion

The intelligence gathered on February 12, 2026, depicts a cybersecurity environment under significant stress from multiple directions.

First, the sheer scale of government data leakage—from the Brazilian Army to the French Gendarmerie and US municipal systems—suggests that public sector infrastructure remains a primary, vulnerable target for both financially motivated actors and hacktivists.

Second, the “HellR00ters Team” campaign serves as a stark reminder that Small and Medium Enterprises (SMEs) are the “soft underbelly” of the internet. While individual defacements may seem minor, the aggregate economic and reputational damage is substantial, and these compromised sites often serve as testing grounds or botnet nodes for larger attacks.

Third, the commercialization of cybercrime is maturing. The presence of clearly priced “products”—from $1,500 doxing tools to $100,000 exploits and segmented credit card databases—demonstrates a robust, tiered criminal economy.

Recommendation: Organizations must prioritize the patching of CMS platforms (WordPress, Magento) given the prevalence of “Admin Access” sales. Furthermore, the extensive leakage of credentials highlights the critical need for phishing-resistant Multi-Factor Authentication (MFA) to mitigate the impact of stealer logs and credential stuffing.

Detected Incidents Draft Data

Alleged sale of admin access to unidentified News website
Category: Initial Access
Content: Threat actor claims to be selling unauthorized admin access to an unidentified wordpress News website in USA.
Date: 2026-02-12T23:49:54Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275864/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/64ec479d-124d-4c95-bf2a-3b8c6e6f550d.png
Threat Actors: Saiwer
Victim Country: USA
Victim Industry: Newspapers & Journalism
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of 260 credit card records
Category: Data Breach
Content: Threat actor claims to be selling 260 credit card records.
Date: 2026-02-12T23:31:24Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275874/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/04307865-45bc-4c4f-9667-c9c2cd972ede.png
Threat Actors: JustAnon69
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of 1.1 million private marketing leads database from Italy
Category: Data Breach
Content: The threat actor claims to be selling a private marketing leads database from Italy containing approximately 1.1 million records. The dataset includes civility, full name, phone number, mobile number, and email address.
Date: 2026-02-12T22:45:34Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275897/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/029f59ac-772b-4e89-a39e-38c91f2556fb.png
Threat Actors: betway
Victim Country: Italy
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of OpenSea Zero-Day Exploit Enabling NFT Asset Drain
Category: Vulnerability
Content: A seller is offering an alleged OpenSea zero-day exploit that reportedly allows bypassing order validation and draining NFTs from listings. The exploit is claimed to affect Ethereum Mainnet and other supported networks and is being sold for $100,000 under escrow.
Date: 2026-02-12T22:27:39Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-OpenSea-0-Day-Main-Net-Asset-Drain-P1-Critical-100k-MM-Only
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/638a6c72-10cf-4df3-9357-b01b67386aa2.png
Threat Actors: PhineasFisher
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: opensea
Victim Site: opensea.io
Jumeira Consultants Suffers Data Breach by Unknown Threat Actor
Category: Data Breach
Content: An unknown threat actor claims to have gained access and leaked internal documents of the organization, Jumeira Consultants based in Dubai , UAE.
Date: 2026-02-12T21:54:34Z
Network: openweb
Published URL: https://x.com/kabosuae/status/2021883447615111581
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a5b93714-a159-4c30-aae2-42cbfee4cea3.jpeg
Threat Actors: Unknown
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of Shoshit Vanchit Media Network Private Limited
Category: Defacement
Content: The threat actor claims to have defaced the website of Shoshit Vanchit Media Network Private Limited
Date: 2026-02-12T21:38:29Z
Network: telegram
Published URL: https://t.me/c/2758066065/999
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/556ad8cc-4309-44bf-b9cb-47c6a61199d5.jpg
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Newspapers & Journalism
Victim Organization: shoshit vanchit media network private limited
Victim Site: shoshitvanchitmedia.com
Alleged Sale of 1.5 Million Personal Records in Germany
Category: Data Breach
Content: Threat Actor claims to be selling a database containing approximately 1.5 million personal records from Germany, allegedly dated 2026. The dataset reportedly includes first and last names, email addresses, street addresses, city, ZIP code, gender, phone numbers, and dates of birth.
Date: 2026-02-12T20:56:58Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275889/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e7374d7b-020a-42b0-96c9-62769d7e3d6a.png
Threat Actors: Goldstones
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Iran Citizens Phone Numbers
Category: Data Breach
Content: A threat actor leaked a database allegedly containing approximately 1.6 million Iranian individuals’ records. the dataset includes first names, last names, and phone numbers.
Date: 2026-02-12T20:51:58Z
Network: openweb
Published URL: https://breachforums.bf/Thread-IRAN-People-PHONE-NUMBERS-FIRSTNAME-LASTNAME-1-6M
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6e0db7b1-cb35-4066-aa00-bf902c56965e.png
Threat Actors: 641a3
Victim Country: Iran
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized admin access to WordPress shop from Netherlands
Category: Initial Access
Content: The threat actor claims to be selling unauthorized administrative access to a Netherlands-based WordPress online shop. It includes approximately 8,319 total orders, including 1,453 orders in December and 1,763 in January.
Date: 2026-02-12T20:46:46Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275888/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0eee0417-2cb5-4e1c-924b-c5e0a479134e.png
Threat Actors: ParanoiaDe
Victim Country: Netherlands
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of VK Pay
Category: Data Breach
Content: The threat actor claims to have leaked a VK Pay database containing approximately 164,000 records, allegedly exposing user or payment-related information from the Russian digital payment platform.
Date: 2026-02-12T20:12:13Z
Network: openweb
Published URL: https://breachforums.bf/Thread-VK-Pay-Russian-Payment-System-164K
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/99255ff6-a711-4d48-a09c-04fd2afa723a.png
https://d34iuop8pidsy8.cloudfront.net/35578966-4ef7-4897-98a9-e58ebf8c606b.png
Threat Actors: ProxyBurning
Victim Country: Russia
Victim Industry: Financial Services
Victim Organization: vk pay
Victim Site: vk.com
STGHO3T claims to target Taliban in Afghanistan
Category: Alert
Content: A recent post by the group indicates that theyre targeting Taliban cyber and communication infrastructure in Afghanistan.
Date: 2026-02-12T18:49:29Z
Network: telegram
Published URL: https://t.me/stgho3tV/242
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/65bfaf9d-54dc-413b-bcd3-0e6eafff4252.png
https://d34iuop8pidsy8.cloudfront.net/3e00494a-e215-4334-b9db-38f584f3aa39.png
Threat Actors: STGHO3T
Victim Country: Afghanistan
Victim Industry: Unknown
Victim Organization: taliban
Victim Site: Unknown
InDoM1nuS Team targets the website of REDOL
Category: Defacement
Content: The group claims to have defaced the website of REDOL
Date: 2026-02-12T18:40:43Z
Network: telegram
Published URL: https://t.me/InDoM1nusTe4m/91
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/52add6c2-5a52-40d4-b5c1-eb6978580c0b.png
Threat Actors: InDoM1nuS Team
Victim Country: Belarus
Victim Industry: Automotive
Victim Organization: sto redol
Victim Site: stovcentre.by
Alleged leak of Steam Accounts Database
Category: Data Breach
Content: The threat actor claims to be sharing a database containing 28,621 Steam gaming platform accounts with usernames and passwords.
Date: 2026-02-12T18:27:19Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-FRESH-x28621-steam-account
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a9005542-cf23-4d09-8285-35273ebcf6e2.png
Threat Actors: Mayz0xxx
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthroized access to Spain Consumer Electronics Retail Company
Category: Initial Access
Content: The threat actor claims to be selling validated corporate network access to a large Spanish consumer electronics retail company, including Outlook (O365) and internal intranet access of a billing/logistics employee, with potential access to supplier invoices, customer databases, and financial/stock management systems.
Date: 2026-02-12T17:54:40Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELL-Network-Access-Spain-Consumer-Electronics-Retail-Revenue-%E2%82%AC150M–187814
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e98b6322-d705-46a5-903a-adbb52dd3d55.png
Threat Actors: bullmin
Victim Country: Spain
Victim Industry: Retail Industry
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Forti and Domain User Access to Multiple Industries in Italy
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized domain user access and forti access to an Italy-based company operating in the electricity and oil & gas sector.
Date: 2026-02-12T17:34:32Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275878/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d1c07f62-37e1-4201-9f85-a8f83752fbb9.png
Threat Actors: Big-Bro
Victim Country: Italy
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Vietnam Real Estate & HUST Student Registration Personal Informations
Category: Data Breach
Content: The threat actor claims to have leaked personal information of approximately 4,500 real estate clients in Vietnam along with student registration data from the Hanoi University of Science and Technology (HUST) platform.
Date: 2026-02-12T16:31:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-COLLECTION-Vietnam-Vietnam-Real-Estate-Mua-nh%C3%A0-Home-Purchase-Registration-Personal-Information
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1fceed15-b1ff-4219-8abb-6f2ccf7bdc9a.png
Threat Actors: TeaMp0isooN
Victim Country: Vietnam
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of multi-base cryptocurrency API keys, seed phrases and credential database
Category: Data Breach
Content: The threat actor claims to be selling a large aggregated database containing cryptocurrency seed phrases, private keys, API keys, and URL login/password records collected between 2016–2026. The dataset allegedly includes millions of wallet seeds and private keys across multiple blockchain networks, API credentials for exchanges and cloud services, and billions of credential pairs compiled from various public and archived sources.
Date: 2026-02-12T16:28:53Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275868/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c71c2281-41f2-4f61-81c9-6b8b9dd19593.png
https://d34iuop8pidsy8.cloudfront.net/5a7c92b9-9e7f-4382-b129-9a5eb835258c.png
https://d34iuop8pidsy8.cloudfront.net/960ff635-3ff7-4190-a41a-01d17eb68911.png
Threat Actors: XXXL
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of HIT_TXT AWS Apple Binance Combo Logs
Category: Malware
Content: The threat actor claims to be sharing a large TXT combo/stealer log containing credentials and data related to multiple platforms such as AWS, Apple, Binance, and other services.
Date: 2026-02-12T16:27:16Z
Network: openweb
Published URL: https://breachforums.bf/Thread-HIT-TXT-aws-2Capple-binance-more
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/387f6883-444e-4bec-9617-3f38e2b41a65.png
Threat Actors: Hichioo
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of Abrar Al Jannah Gold and Diamond
Category: Defacement
Content: The group claims to have defaced the website of Abrar Al Jannah Gold and Diamond.
Date: 2026-02-12T16:08:36Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6eb7b5bf-3d9e-4b09-bdc9-07a0d2ee1b44.png
https://d34iuop8pidsy8.cloudfront.net/27de0787-35d9-4b37-95b7-1b7421b16765.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Luxury Goods & Jewelry
Victim Organization: abrar al jannah gold and diamond
Victim Site: aajgold.com
Alleged sale of ChatGPT, Grok, Kick & Seznam Cookies Logs
Category: Malware
Content: The threat actor claims to be sharing stolen browser cookie/session logs related to platforms including ChatGPT, Grok, Kick, and Seznam.
Date: 2026-02-12T16:07:40Z
Network: openweb
Published URL: https://breachforums.bf/Thread-cookies-chatGTP-GROK-KICK-SEZNAM
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c04e9ec1-d97a-4fd5-ae09-f19d535eb87d.png
Threat Actors: Hichioo
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Admin Access to Gendarmerie Nationale
Category: Initial Access
Content: The threat actor claims to be selling 433 accounts related to the French Gendarmerie SSO authentication portal (auth.sso.gendarmerie.interieur.gouv.fr).
Date: 2026-02-12T16:05:00Z
Network: openweb
Published URL: https://breachforums.bf/Thread-433-accounts-auth-sso-gendarmerie-interieur-gouv-fr-No-Check
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2a40ee49-cb81-46c8-9a2a-3b120496c26f.png
Threat Actors: BugsBunny404
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: gendarmerie nationale
Victim Site: gendarmerie.interieur.gouv.fr
HellR00ters Team targets the website of AAJ Group
Category: Defacement
Content: The group claims to have defaced the website of AAJ Group.
Date: 2026-02-12T16:01:33Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d40a0237-2022-4321-b567-447080f31de4.png
https://d34iuop8pidsy8.cloudfront.net/7711b8fa-34cf-4a0c-bbec-3f3412127535.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Business and Economic Development
Victim Organization: aaj group
Victim Site: aajgroup.ae
HellR00ters Team targets the website of AAJ Facility Management
Category: Defacement
Content: The group claims to have defaced the website of AAJ Facility Management.
Date: 2026-02-12T15:58:33Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/443122b8-716f-4f62-b24d-68b40f9b657e.png
https://d34iuop8pidsy8.cloudfront.net/61497867-98fc-4f77-aba7-07fb45795d1d.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Facilities Services
Victim Organization: aaj facility management
Victim Site: aaj-fm.com
Alleged data breach of Indiana Auto Auction
Category: Data Breach
Content: The group claims to have breached the data of Indiana Auto Auction. NB: Indiana Auto Auction operates under the parent company, Stanley Autenrieth Auction Group.
Date: 2026-02-12T15:55:59Z
Network: tor
Published URL: https://worldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onion/companies/4629108421/storage
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6aecb273-5d00-403c-b7a1-1c0c231b6af2.png
Threat Actors: Worldleaks
Victim Country: USA
Victim Industry: Automotive
Victim Organization: indiana auto auction
Victim Site: indianaautoauction.net
HellR00ters Team targets the website of Alphabets Jewellery
Category: Defacement
Content: The group claims to have defaced the website of Alphabets Jewellery.
Date: 2026-02-12T15:36:50Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d3938ec6-8fde-4dbd-bec5-fd4627991c69.png
https://d34iuop8pidsy8.cloudfront.net/e6fb7ce0-3e9e-4649-9f19-d37308121ddc.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Luxury Goods & Jewelry
Victim Organization: alphabets jewellery
Victim Site: aajalphabets.com
HellR00ters Team targets the website of Al Asifah Veterinary Clinic
Category: Defacement
Content: The group claims to have defaced the website of Al Asifah Veterinary Clinic.
Date: 2026-02-12T15:27:09Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dbb8acca-4dae-4523-ad95-9e682ef02dde.png
https://d34iuop8pidsy8.cloudfront.net/2e4f64c8-7fb1-483d-b790-c030d36bc4d5.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Veterinary
Victim Organization: al asifah veterinary clinic
Victim Site: alasifahvet.ae
HellR00ters Team targets the website of Precious Standard FZCO
Category: Defacement
Content: The group claims to have defaced the website of Precious Standard FZCO.
Date: 2026-02-12T15:13:53Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee4c9097-26e9-415c-8e37-3c1704231a4b.png
https://d34iuop8pidsy8.cloudfront.net/a5a2a536-5912-4787-83f2-eb2028bc418d.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Mining/Metals
Victim Organization: precious standard fzco
Victim Site: precious-standard.com
Alleged data breach of Thami Kabbaj
Category: Data Breach
Content: The threat actor claims to have leaked the trading training/course materials of Thami Kabbaj.
Date: 2026-02-12T15:09:59Z
Network: openweb
Published URL: https://breachforums.bf/Thread-formation-Trading-thami-kabbaj
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0314c0c0-190a-47e0-9131-86a099315458.png
Threat Actors: gfdhgfh
Victim Country: Morocco
Victim Industry: Financial Services
Victim Organization: thami kabbaj
Victim Site: thamikabbaj.com
HellR00ters Team targets the website of Bait Al Saadah Bldg. Cont
Category: Defacement
Content: The group claims to have defaced the website of Bait Al Saadah Bldg. Cont.
Date: 2026-02-12T15:04:05Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/71ddf68c-2d41-4f0c-a736-1ef4fb13ea67.png
https://d34iuop8pidsy8.cloudfront.net/bda853dc-adf6-4942-a995-e2f904f753ed.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Building and construction
Victim Organization: bait al saadah bldg. cont
Victim Site: baitalsaadah.com
HellR00ters Team targets the website of Canaura
Category: Defacement
Content: The group claims to have defaced the website of Canaura.
Date: 2026-02-12T14:49:32Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/172521ef-0337-4058-8f38-0943d40bd86c.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Computer & Network Security
Victim Organization: canaura
Victim Site: canaura.ae
HellR00ters Team targets the website of V3 Advertising LLC
Category: Defacement
Content: The group claims to have defaced the website of V3 Advertising LLC.
Date: 2026-02-12T14:48:20Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d9e512d1-2785-41ee-959c-7870c286cc30.png
https://d34iuop8pidsy8.cloudfront.net/c999087e-3216-4889-84cf-21f402f9e68e.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Marketing, Advertising & Sales
Victim Organization: v3 advertising llc
Victim Site: v3advertisingllc.com
Alleged leak of German motorcycle data
Category: Data Breach
Content: The threat actor claims to have breached the organisations data, allegedly including 75,394 records of full customer IBANs, BICs, names, amounts, mandate references, dates, 97,104 records sender names, old German bank account numbers (Kontonummer/BLZ), amounts in EUR, transaction purposes, dates going back to 2010, 6,694 records of PayPal order IDs, statuses, capture request/response JSON and more
Date: 2026-02-12T14:47:50Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Germany-Motorcycle-Site-Live-Access-MySQL-Bank-Data-Full-source-Everything
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ba3af4e4-b192-4540-9e7e-87dec17e7455.JPG
Threat Actors: OpenBullet
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of gotgroup.ae
Category: Defacement
Content: The group claims to have defaced the website of gotgroup.ae.
Date: 2026-02-12T14:43:50Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8b8c76c5-d786-4c86-8d53-de46ab63750d.jpg
https://d34iuop8pidsy8.cloudfront.net/f6d94abb-6556-4a9c-8349-867954faee00.jpg
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: gotgroup.ae
HellR00ters Team targets the website of Artisto Interiors
Category: Defacement
Content: The group claims to have defaced the website of Artisto Interiors.
Date: 2026-02-12T14:36:46Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fe4e4357-f5be-4453-aa82-816a6bdd0ea7.png
https://d34iuop8pidsy8.cloudfront.net/fb2c57b3-0a93-4532-bd4e-9db23d6ea643.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Architecture & Planning
Victim Organization: artisto interiors
Victim Site: artistointeriors.ae
Alleged unauthorized Access to an unidentified irrigation systems in Spain
Category: Initial Access
Content: The group claims to have gained alleged unauthorized access to an unidentified irrigation systems in Spain. The compromised system reportedly controls pumps, valves, automatic irrigation systems, as well as parameters and irrigation mode settings.
Date: 2026-02-12T14:35:42Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1070
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9b596ee1-b889-4ed7-8f7f-38ac5d48d38e.JPG
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of Wood Maker Furniture
Category: Defacement
Content: HellR00ters Team targets the website of Wood Maker Furniture.
Date: 2026-02-12T14:30:24Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4c025d29-3aed-404d-8bdf-249efc10cee3.png
https://d34iuop8pidsy8.cloudfront.net/50ab310b-8ce8-40b8-892d-234e65ef160c.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Furniture
Victim Organization: wood maker furniture
Victim Site: woodmakerfurniture.com
HellR00ters Team targets the website of Al Mezan
Category: Defacement
Content: The group claims to have defaced the website of Al Mezan.
Date: 2026-02-12T14:20:24Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cd0f9964-1523-45d6-b795-a0e134ea4397.jpg
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Building and construction
Victim Organization: al mezan
Victim Site: mezanuae.com
HellR00ters Team targets the website of IQZON Freight LLC
Category: Defacement
Content: The group claims to have defaced the website of IQZON Freight LLC.
Date: 2026-02-12T14:16:57Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e9efd1f5-3592-4280-90b9-9113f503742c.png
https://d34iuop8pidsy8.cloudfront.net/23ffeaba-0717-4844-b6be-20f35d1c6fd9.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Transportation & Logistics
Victim Organization: iqzon freight llc
Victim Site: iqzonfreight.com
HellR00ters Team targets the website of Binsina Advertising LLC
Category: Defacement
Content: The group claims to have defaced the website of Binsina Advertising LLC.
Date: 2026-02-12T14:15:28Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0d3f74bd-0c5b-4510-8df8-20cc361faf2c.png
https://d34iuop8pidsy8.cloudfront.net/a477d4b7-2d41-49e5-b063-cdb05d789f28.png
Threat Actors: HellR00ters Team
Victim Country: UAE
Victim Industry: Printing
Victim Organization: binsina advertising llc
Victim Site: binsinaadvertising.com
Alleged access to Nixo Finance
Category: Initial Access
Content: The group claims to have leaked access to Nixo Finance.
Date: 2026-02-12T14:13:35Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3691
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ed5f8d03-3b5b-41c9-8cc8-b90e1c6877d5.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: Algeria
Victim Industry: Financial Services
Victim Organization: nixo finance
Victim Site: nixo.top
HellR00ters Team targets the website of SORRISO NEST
Category: Defacement
Content: The group claims to have defaced the website of SORRISO NEST.
Date: 2026-02-12T14:08:22Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e57b9a56-62d9-489a-9ff6-3d6d6e0dbf6b.png
https://d34iuop8pidsy8.cloudfront.net/d8d3b938-b547-402e-b2de-873a09d3e8ba.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: sorriso nest
Victim Site: sorrisonest.in
Alleged data breach of BitView
Category: Data Breach
Content: The threat actor claims to have breached the data of 64,614 users and about 63,291 unique emails of BitView, allegedly including usernames, emails, bcrypt passwords hashes, IPs, and other data like private messages sent on the siteThe breach took place in December 2024
Date: 2026-02-12T13:58:15Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-BitView-2024-64-614
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/639e0938-428a-4ddc-8f70-107bf3558e7e.JPG
Threat Actors: closemyeyes
Victim Country: Unknown
Victim Industry: Online Publishing
Victim Organization: bitview
Victim Site: bitview.net
Cyber Attack hits Borough of State College
Category: Cyber Attack
Content: The local government of State College Borough, Pennsylvania suffered a cyberattack that disrupted services and computer systems. Borough officials confirmed the incident and are working to investigate the breach and restore systems safely. Residents may experience delays or interruptions in some public services while recovery efforts continue.
Date: 2026-02-12T13:57:19Z
Network: openweb
Published URL: https://www.statecollege.com/articles/local-news/state-college-borough-government-hit-by-cyberattack/
Screenshots:
None
Threat Actors: Unknown
Victim Country: USA
Victim Industry: Government Administration
Victim Organization: borough of state college
Victim Site: statecollegepa.us
HellR00ters Team targets the website of MyDearGroup
Category: Defacement
Content: The group claims to have defaced the website of MyDearGroup.
Date: 2026-02-12T13:57:11Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9166560b-2c74-4040-a32b-da106b86252b.png
https://d34iuop8pidsy8.cloudfront.net/34b5bbc8-2163-47bc-aa5a-3dc70dff992f.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Architecture & Planning
Victim Organization: mydeargroup
Victim Site: mydeargroup.com
Alleged Sale of Unauthorized Admin Access to PrestaShop Store in Poland
Category: Initial Access
Content: The threat actor claims to be selling unauthorized admin panel access to a Poland-based PrestaShop store.
Date: 2026-02-12T13:56:22Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275855/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0b272151-59b0-45a8-aaa6-1a705bb90a80.png
Threat Actors: rezon4ns
Victim Country: Poland
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
HellR00ters Team targets the website of mounjnatural.pt
Category: Defacement
Content: The group claims to have defaced the website of mounjnatural.pt
Date: 2026-02-12T13:52:44Z
Network: telegram
Published URL: https://t.me/c/2875163062/593
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/63f9dc4d-a58b-4ae8-ba54-081e8a8f5357.png
https://d34iuop8pidsy8.cloudfront.net/8332475b-e2c4-4c6c-bc4e-8058baa9325d.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: mounjnatural.pt
HellR00ters Team targets the website of lavieprofessione.pt
Category: Defacement
Content: The group claims to have defaced the website of lavieprofessione.pt
Date: 2026-02-12T13:48:26Z
Network: telegram
Published URL: https://t.me/c/2875163062/593
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/38292ba2-52a3-4802-89c3-57309d04c662.png
https://d34iuop8pidsy8.cloudfront.net/b2d33103-289d-45fe-ad4e-d01ecbca1541.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: lavieprofessione.pt
HellR00ters Team targets the website of ifelinedoc-srgroup.com
Category: Defacement
Content: The group claims to have defaced the website of ifelinedoc-srgroup.com
Date: 2026-02-12T13:42:08Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4f55977b-05ef-4fb5-a8bb-ffbee02545b5.png
https://d34iuop8pidsy8.cloudfront.net/56d9ee00-f129-4d94-be7f-f757a91336a8.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: Leisure & Travel
Victim Organization: Unknown
Victim Site: ifelinedoc-srgroup.com
HellR00ters Team targets the website of naarajorge.rpldigital.pt
Category: Defacement
Content: The group claims to have defaced the website of naarajorge.rpldigital.pt
Date: 2026-02-12T13:39:41Z
Network: telegram
Published URL: https://t.me/c/2875163062/593
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7def551-a9e5-4ef4-b969-86eb91f823d5.png
Threat Actors: HellR00ters Team
Victim Country: Portugal
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: naarajorge.rpldigital.pt
HellR00ters Team targets the website of riseagency.pt
Category: Defacement
Content: The group claims to have defaced the website of riseagency.pt
Date: 2026-02-12T13:37:16Z
Network: telegram
Published URL: https://t.me/c/2875163062/593
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/75e113ca-0c87-4b26-a5c8-0b3931890c82.png
https://d34iuop8pidsy8.cloudfront.net/cffd0fd0-5e40-4691-b9f6-bd7b6593f252.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: riseagency.pt
HellR00ters Team targets the website of Larkinz
Category: Defacement
Content: The group claims to have defaced the website of Larkinz.
Date: 2026-02-12T13:35:42Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f087fe0a-90cc-4553-a7d4-54aac6815af6.png
Threat Actors: HellR00ters Team
Victim Country: UK
Victim Industry: Hospital & Health Care
Victim Organization: larkinz.
Victim Site: larkinz.com
HellR00ters Team targets the website of clinic.canronesoftware.com
Category: Defacement
Content: The group claims to have defaced the website of clinic.canronesoftware.com
Date: 2026-02-12T13:33:12Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2856167c-cada-4699-b78c-2ca6678a009f.png
https://d34iuop8pidsy8.cloudfront.net/0ccf1c17-a704-425e-95d5-93211909b76e.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: clinic.canronesoftware.com
HellR00ters Team targets the website of Fabdec interiors
Category: Defacement
Content: The threat actor claims to have defaced the website of Fabdec interiors
Date: 2026-02-12T13:33:05Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cf0e586e-6dc5-4ba8-b0bb-afd5ec378d46.JPG
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Architecture & Planning
Victim Organization: fabdec interiors
Victim Site: fabdecinteriors.com
HellR00ters Team targets the website of Poya
Category: Defacement
Content: The threat actor claims to have defaced the website of Poya
Date: 2026-02-12T13:25:39Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/23e262e6-5985-4890-949d-aca407617187.JPG
Threat Actors: HellR00ters Team
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: poya
Victim Site: poya.in
HellR00ters Team targets the website of Canrone Software LLP
Category: Defacement
Content: The group claims to have defaced the website of Canrone Software LLP.
Date: 2026-02-12T13:24:38Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/76104538-3ebc-47b0-ba7b-345c50c9415b.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: canrone software llp
Victim Site: billar.canrone.com
HellR00ters Team targets the website of Fainbay
Category: Defacement
Content: The group claims to have defaced the website of Fainbay.
Date: 2026-02-12T13:22:01Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b833d869-bf0c-473a-945b-c36388904f31.png
https://d34iuop8pidsy8.cloudfront.net/5aef83e2-c7a7-4425-8c99-cb32ad16fb3d.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Consumer Goods
Victim Organization: fainbay
Victim Site: fainbay.com
HellR00ters Team targets the website of Go Green Fruits Trading
Category: Defacement
Content: The group claims to have defaced the website of Go Green Fruits Trading
Date: 2026-02-12T13:20:56Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/234b83ea-03fc-442c-bca3-c9075dd71b8a.png
Threat Actors: HellR00ters Team
Victim Country: Malaysia
Victim Industry: Wholesale
Victim Organization: go green fruits trading
Victim Site: gogreenfruits.com
HellR00ters Team targets the website of Golden Horca
Category: Defacement
Content: The group claims to have defaced the website of Golden Horca.
Date: 2026-02-12T13:15:31Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/92fd068f-6e84-47d6-b650-d7b8271f34e5.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Events Services
Victim Organization: golden horca
Victim Site: goldenhorca.co.in
HellR00ters Team targets the website of RPL Digital
Category: Defacement
Content: The threat actor claims to have defaced the website of RPL Digital
Date: 2026-02-12T13:02:39Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ea288c0d-bd1c-45f0-94af-d2c57ec68bd9.JPG
Threat Actors: HellR00ters Team
Victim Country: Portugal
Victim Industry: Marketing, Advertising & Sales
Victim Organization: rpl digital
Victim Site: agencia.rpldigital.pt
HellR00ters Team targets the website of MSO Cleaning Services Limited
Category: Defacement
Content: The group claims to have defaced the website of MSO Cleaning Services Limited.
Date: 2026-02-12T13:00:51Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8150e4fa-028d-4e69-ab8a-f90504633f41.png
Threat Actors: HellR00ters Team
Victim Country: UK
Victim Industry: Legal Services
Victim Organization: mso cleaning services limited
Victim Site: msocleaningservices.co.uk
HellR00ters Team targets the website of Watermate
Category: Defacement
Content: The group claims to have defaced the website of Watermate.
Date: 2026-02-12T12:58:22Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/12fc4930-eb02-4815-94ea-c32e26ec4f78.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Professional Services
Victim Organization: watermate
Victim Site: watermatekerala.com
HellR00ters Team targets the website of Grace Globe Consultants
Category: Defacement
Content: The threat actor claims to have defaced the website of Grace Globe Consultants
Date: 2026-02-12T12:52:36Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/39775425-4e39-4332-a691-ecd258d3dd81.JPG
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Staffing/Recruiting
Victim Organization: grace globe consultants
Victim Site: graceglobeconsultants.com
HellR00ters Team targets the website of Cascade Electricals
Category: Defacement
Content: The group claims to have defaced the website of Cascade Electricals.
Date: 2026-02-12T12:48:43Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/50b04028-8127-417a-b614-d5d395830399.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Mechanical or Industrial Engineering
Victim Organization: cascade electricals
Victim Site: cascadeelectric.in
HellR00ters Team targets the website of javadirani.com
Category: Defacement
Content: The group claims to have defaced the website of javadirani.com
Date: 2026-02-12T12:47:08Z
Network: telegram
Published URL: https://t.me/c/2758066065/998
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/95fbd098-b282-4eb9-b300-e9e8a22cb638.png
Threat Actors: HellR00ters Team
Victim Country: Unknown
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: javadirani.com
Alleged Sale of Worldwide Crypto Database
Category: Data Breach
Content: The threat actor claims to be selling a database allegedly containing approximately 527,000 worldwide cryptocurrency-related records.
Date: 2026-02-12T12:05:57Z
Network: openweb
Published URL: https://leakbase.la/threads/527k-world-wide-crypto-database.48744/#post-271762
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f499c7e2-b8cb-4d39-85af-13113c2ccfa3.png
Threat Actors: Pijush507
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
maulnism1337 targets the website of WF Crowd Management and Delegation Escort
Category: Defacement
Content: The group claims to have defaced the website of WF Crowd Management and Delegation Escort.
Date: 2026-02-12T11:03:09Z
Network: telegram
Published URL: https://t.me/maul1337anon/833
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5a1ae15e-0cc6-4edf-ad1f-5e40979860c0.jpg
Threat Actors: maulnism1337
Victim Country: Saudi Arabia
Victim Industry: Professional Services
Victim Organization: wf crowd management and delegation escort
Victim Site: wf-saudi.com
Alleged Sale of Unauthorized Admin and Shell Access to Magento Store in Spain
Category: Data Breach
Content: The threat actor claims to be selling unauthorized admin and shell access to a Spain-based Magento 2 store, including database control and daily credit card transactions via Redsys.
Date: 2026-02-12T10:57:28Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275838/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f772718-b6af-4727-bf83-4d6e4cb0f24f.png
https://d34iuop8pidsy8.cloudfront.net/1140cee3-4546-467c-990a-919c01fec583.png
Threat Actors: JustAnon69
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged unauthorized access to unidentified Spa center in Japan
Category: Initial Access
Content: The group claims to have gained unauthorized access to unidentified Spa center in Sendai City Japan. They have reportedly obtained access to Camera 5 in Restaurant, Camera 6 in Ganbanyoku Hall (Japanese bathhouse), Camera 11 in Exit gate, Cameras 12 in 15 – Payment terminals, Camera 16 in Reception, Camera 18 in Coin-operated massage, Camera 20 in Drinks counter, Other – Locker room, shoes, stairs, gates, and other rest and service areas.
Date: 2026-02-12T10:32:42Z
Network: telegram
Published URL: https://t.me/c/2787466017/2215
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fbf39d4b-9e21-4727-aacd-a1fdd46d912e.jpg
Threat Actors: NoName057(16)
Victim Country: Japan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of unauthorized access to an unidentified WordPress shop in Israel.
Category: Initial Access
Content: The threat actor claims to be selling unauthorized administrator access to an unidentified WordPress-based online shop in Israel.
Date: 2026-02-12T10:23:42Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275843/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0ed8cd33-fd80-49d4-bda0-37247fa20844.png
Threat Actors: TreeWater
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Admin Access to an Unidentified WordPress Shop
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin access to an unidentified WordPress shop.
Date: 2026-02-12T10:16:01Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275844/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/63b730c2-2319-429f-9f77-3fb81ddfa3c8.png
Threat Actors: UnitT
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-SH4DOWSPEECH targets the website of connectpopo.com
Category: Defacement
Content: Group claims to have defaced the website of connectpopo.com.
Date: 2026-02-12T09:49:54Z
Network: telegram
Published URL: https://t.me/c/2552217515/313
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/86f0581c-3e1d-4bc2-ac4d-b60b8504f0a9.jpg
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: connectpopo.com
Alleged data breach of DRIVEN Digital AutoCentral
Category: Data Breach
Content: The group claims to have breached data from DRIVEN Digital AutoCentral, compromising sensitive information across multiple tables, including accounts (with fields like id, name, email, mobile, and password), admins (with fields like id, name, email, and password), cards (with fields like user_id, last_four, and cvv), dispatchers, fleets, oauth_clients, providers (with extensive personal and service-related data), and users (with fields like id, full_name, email, mobile, password, and wallet_balance).
Date: 2026-02-12T09:39:15Z
Network: telegram
Published URL: https://t.me/c/2552217515/308
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d214fe0c-293a-4c37-a8ad-3fac57bd9df6.png
https://d34iuop8pidsy8.cloudfront.net/2c7c1320-78cf-46c6-a645-7727995cd42e.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: UAE
Victim Industry: Machinery Manufacturing
Victim Organization: driven digital autocentral
Victim Site: drivens.co
Alleged data breach of SuperVista AG
Category: Data Breach
Content: The threat actor claims to have breached 1,531,618 rows of user data of SuperVista AG, allegedly including first name, last name, email, contact number and more. The breach took place in September 2025.
Date: 2026-02-12T09:01:31Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Brillen-de-operated-by-SuperVista-AG-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d5500e6b-915a-4331-b5d5-23fbff0826d9.JPG
Threat Actors: Meow
Victim Country: Germany
Victim Industry: Retail Industry
Victim Organization: supervista ag
Victim Site: brillen.de
Alleged data breach of Brásia Comercial e Importação LTDA
Category: Data Breach
Content: The group claims to have breached data from Brásia Comercial e Importação LTDA. The compromised data includes app users, user id, user cover, user name, user last name, user email, user password etc.
Date: 2026-02-12T08:01:47Z
Network: telegram
Published URL: https://t.me/c/2552217515/305
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c27dbc7-fbeb-4961-80f6-34224cfb835c.jpg
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Brazil
Victim Industry: Machinery Manufacturing
Victim Organization: brásia comercial e importação ltda
Victim Site: brasialtda.com.br
Alleged data breach of Ocongate District Municipality
Category: Data Breach
Content: The group claims to have breached data from Ocongate District Municipality, compromised data includes QBY users fields like ID, user login, user pass, user nice name, user email, user URL, user registered date, user activation key, user status, and display name.
Date: 2026-02-12T07:35:04Z
Network: telegram
Published URL: https://t.me/c/2552217515/303
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/14272204-5499-4904-9a88-fc7d23fbc986.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Peru
Victim Industry: Government Administration
Victim Organization: ocongate district municipality
Victim Site: muniocongate.gob.pe
JAKARTA GHOST DIGITAL targets the website of M script Photography
Category: Defacement
Content: The group claims to have defaced the website of M script Photography.
Date: 2026-02-12T06:57:51Z
Network: openweb
Published URL: https://defacer.id/mirror/id/238247
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/379a7ab6-621c-425d-9e69-90c2c311609e.png
Threat Actors: JAKARTA GHOST DIGITAL
Victim Country: Canada
Victim Industry: Photography
Victim Organization: m script photography
Victim Site: mscriptedphotography.com
Alleged sale of unauthorized admin and shell access to Magento store in UK
Category: Data Breach
Content: Threat actor claims to be selling access to a UK-based Magento 2 e-commerce store, allegedly obtained via an iframe payment setup. The access reportedly includes shell, database, and admin panel control, with the store processing around 400 orders per month through Stripe payments.
Date: 2026-02-12T06:53:47Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275834/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ece3df3c-1b62-4c8c-a82e-5c32e5a678e8.png
https://d34iuop8pidsy8.cloudfront.net/d58b5f25-5da4-42fa-81ce-88dd3f424891.png
Threat Actors: JustAnon69
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: Unknown
JAKARTA GHOST DIGITAL targets the website of Tribalzone Service Limited
Category: Defacement
Content: The group claims to have defaced the website of Tribalzone Service Limited.
Date: 2026-02-12T06:36:28Z
Network: openweb
Published URL: https://defacer.id/mirror/id/238252
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8e155eda-7d9f-4c08-a3e3-5c1fc5ad3dd7.png
Threat Actors: JAKARTA GHOST DIGITAL
Victim Country: Nigeria
Victim Industry: Transportation & Logistics
Victim Organization: tribalzone service limited
Victim Site: tribalzoneservices.com
Alleged data breach of HalliSoftUK
Category: Data Breach
Content: The group claims to have leaked the database of HalliSoftUK. The compromised database reportedly contains user account records including user IDs, gamertags, ban status and administrative actions, profile images, email addresses, login attempt records, passwords, session fields, user roles, confirmation data, IP address history, account creation and activity timestamps, managerial and team identifiers, and detailed gameplay performance statistics such as games played, goals, assists, saves, tackles, interceptions, console information, and points.
Date: 2026-02-12T06:14:57Z
Network: telegram
Published URL: https://t.me/c/2552217515/294
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eda096be-2225-4538-b973-6d51a605ca23.png
https://d34iuop8pidsy8.cloudfront.net/a184eb8e-209a-4aae-80f0-0f43f41179f8.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: UK
Victim Industry: Network & Telecommunications
Victim Organization: hallisoftuk
Victim Site: hallisoft.co.uk
JAKARTA GHOST DIGITAL targets the website of Sathuta Group
Category: Defacement
Content: The group claims to have defaced the website of Sathuta Group.
Date: 2026-02-12T05:50:30Z
Network: openweb
Published URL: https://defacer.id/mirror/id/238264
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0abef19e-2557-4c7e-90d1-d2cb15c87029.png
https://d34iuop8pidsy8.cloudfront.net/9235fa44-cf74-49eb-ae0b-781dc3ece09d.png
Threat Actors: JAKARTA GHOST DIGITAL
Victim Country: Sri Lanka
Victim Industry: Transportation & Logistics
Victim Organization: sathuta group
Victim Site: sathutagroup.com
Alleged sale of 65,000 Bancrecer Venezuela customer records
Category: Data Breach
Content: Threat actor claims to be selling 65,000 records allegedly linked to a Venezuelan microfinance bank. The compromised data reportedly includes account numbers, account holder full names, available balances, performed transactions, and added accounts for transfers.
Date: 2026-02-12T05:35:12Z
Network: openweb
Published URL: https://darkforums.me/Thread-Selling-For-Sale-65k-Bancrecer-Venezuela-Records-%E2%80%93-Bank-Accounts-Phone-Numbers-Full-Names
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a77136e6-4caf-4423-9e93-3162b58ffbea.png
https://d34iuop8pidsy8.cloudfront.net/6e8f3ff9-d2d6-480e-88cf-ab5fd9f0590a.png
https://d34iuop8pidsy8.cloudfront.net/dfc38b85-6af8-494d-b8b7-fc8d41808aad.png
https://d34iuop8pidsy8.cloudfront.net/7a913817-e550-4ea4-9004-7e6c333075bb.png
Threat Actors: GordonFreeman
Victim Country: Venezuela
Victim Industry: Banking & Mortgage
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Brazilian Army Database
Category: Data Breach
Content: Threat actor claims to be selling Brazilian Army government database; the dataset contains 30 GB JSONL file containing records on approximately 50 million individuals.
Date: 2026-02-12T05:00:39Z
Network: openweb
Published URL: https://breachforums.bf/Thread-VERIFIED-Selling-Brazil-Army-Government-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d4491906-0c7b-4088-a06d-88cad1dca77b.png
Threat Actors: Elmarub
Victim Country: Brazil
Victim Industry: Government Administration
Victim Organization: brazilian army
Victim Site: Unknown
Alleged sale of SQLi and webshell access to Indian payroll server
Category: Initial Access
Content: Threat actor claims to be selling SQL injection access, webshell with interactive session, and local administrator credentials for an Indian HR/payroll company server, allegedly including multiple databases.
Date: 2026-02-12T04:31:48Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275746/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d6c39dd6-a465-4e86-b765-1cf2af34329f.png
Threat Actors: zanko
Victim Country: India
Victim Industry: Human Resources
Victim Organization: Unknown
Victim Site: Unknown
Alleged sale of credit card records
Category: Data Breach
Content: Threat actor claims to be selling 200 credit card records from UK. The compromised data reportedly includes expiry, cvv, card holder name, city, address, zip, phone number, and date of birth.
Date: 2026-02-12T04:28:53Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275771/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/35792cfe-2dd7-4717-8630-9f7c0ea6971c.png
Threat Actors: samy01
Victim Country: UK
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of Repediu
Category: Data Breach
Content: The threat actor claims to have breached the database of Repediu; the dataset contains multiple confidential data of users and customers.
Date: 2026-02-12T04:23:13Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-repediu-com-br-databreach
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1518e722-4ee5-4d4f-8cd0-359f159bee59.png
Threat Actors: Real
Victim Country: Brazil
Victim Industry: E-commerce & Online Stores
Victim Organization: repediu
Victim Site: repediu.com.br
Alleged Data Leak of crypto.com
Category: Data Breach
Content: Threat actor claims to be selling Crypto.com related user data. The dataset reportedly includes names, email addresses, phone numbers, and limited demographic details. Coverage spans multiple regions including the US, EU, Canada, and Australia. The seller states this is not a full Crypto.com database. Pricing starts at $800, with a minimum purchase of 10K records.
Date: 2026-02-12T03:55:28Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275831/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/61e65940-a4d6-4bb6-a24f-704bc0551d2b.png
https://d34iuop8pidsy8.cloudfront.net/0d39076b-07bb-4c3a-82b2-867671b25195.png
Threat Actors: nest0r_BF
Victim Country: Singapore
Victim Industry: Financial Services
Victim Organization: crypto.com
Victim Site: crypto.com
Alleged Data Leak of BunuHampu City Student Database
Category: Data Breach
Content: The threat actor claims to have leaked the database of BunuHampu City Student data; the dataset contains student identity, family, socioeconomic, and educational datas.
Date: 2026-02-12T03:47:41Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-BunuHampu-City-Student-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a1f796ac-5c12-4aba-baaa-d0f2b08e7a2a.png
Threat Actors: TikusXploit
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Vietnam Shopping Customer Database
Category: Data Breach
Content: Threat actor claims to be selling the database of Vietnam Shopping Customer Database, the dataset contains customer identity, contact information, order history, loyalty data, and store location details.
Date: 2026-02-12T03:41:00Z
Network: openweb
Published URL: https://darkforums.me/Thread-Selling-Vietnam-shopping-database-for-sell
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2eabe9b-b9cf-4b39-b03e-90a3e8497299.png
Threat Actors: Merlin
Victim Country: Vietnam
Victim Industry: Retail Industry
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Treddur
Category: Data Breach
Content: The group claims to have leaked database of Treddur. The Compromised data includes users database containing IDs, names, email addresses, email verification details, passwords, remember tokens, and account timestamps.
Date: 2026-02-12T03:21:50Z
Network: telegram
Published URL: https://t.me/c/2552217515/292
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1987b71f-bbb7-452a-b24e-62a9c9667e8d.png
https://d34iuop8pidsy8.cloudfront.net/556bbec0-5811-4f48-a2c8-a255f75247ee.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: USA
Victim Industry: Automotive
Victim Organization: treddur
Victim Site: treddur.com
Alleged Data Breach of Harvard University
Category: Data Breach
Content: Threat actor claims to be selling Harvard University data. The leaked data allegedly includes VIP donor profiles, names, email addresses, dates of birth, physical addresses, and donation amounts/purposes. The dataset is said to relate to donations and admissions practices, with data reportedly collected around Nov 2025.
Date: 2026-02-12T03:06:43Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275829/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/56ae8589-9a80-41f0-bd4e-120daa14ed48.png
Threat Actors: FiveEyesSpook
Victim Country: USA
Victim Industry: Education
Victim Organization: harvard university
Victim Site: harvard.edu
Alleged data breach of DroidSat
Category: Data Breach
Content: The group claims to have leaked data belonging to DroidSat. The compromised data includes ipaddressinfo, location, password history, userid, token, scheme, session, etc.
Date: 2026-02-12T01:56:04Z
Network: telegram
Published URL: https://t.me/c/2552217515/299
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5e3eebaa-2f0b-484d-b29a-d862b1ff9800.png
https://d34iuop8pidsy8.cloudfront.net/6fd75be4-b196-4641-8d6d-de04776d04e4.png
https://d34iuop8pidsy8.cloudfront.net/666b14e3-100c-4186-be2b-dc3a1d7ce7e6.png
https://d34iuop8pidsy8.cloudfront.net/561a6361-aa35-441c-ad5d-554ea453eeb2.png
Threat Actors: Z-SH4DOWSPEECH
Victim Country: Italy
Victim Industry: Software Development
Victim Organization: droidsat
Victim Site: droidsat.org
Alleged Data Breach of pandabuy
Category: Data Breach
Content: The threat actor claims to have breached the database of Pandabuy, the dataset contains total size of 2.77 GB, containing approximately 7,322,781 records.
Date: 2026-02-12T00:59:34Z
Network: openweb
Published URL: https://darkforums.me/Thread-pandabuy-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee63af8d-bcba-4ecb-b31e-32beaf9ee4bf.png
Threat Actors: Kirigaya
Victim Country: UK
Victim Industry: E-commerce & Online Stores
Victim Organization: pandabuy
Victim Site: pandabuy.com
maulnism1337 targets the website of ITC Business School
Category: Defacement
Content: The group claims to have defaced the website of ITC Business School
Date: 2026-02-12T00:37:48Z
Network: telegram
Published URL: https://t.me/maul1337anon/831
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/951244c8-9da2-49b3-9e9a-319198ab7ebb.png
Threat Actors: maulnism1337
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: itc business school
Victim Site: itcbusinessschool.com
Alleged Data Breach of Ritelink
Category: Data Breach
Content: The threat actor claims to have breached the database of Ritelink; the dataset contains 79,081 records, with a total file size of 9.63 MB.
Date: 2026-02-12T00:22:35Z
Network: openweb
Published URL: https://breachforums.bf/Thread-ritelink-com-ng
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d4d15344-9ef4-48b0-95a1-6f2b9d36c043.png
Threat Actors: 0xKirigaya
Victim Country: Nigeria
Victim Industry: Network & Telecommunications
Victim Organization: ritelink
Victim Site: ritelink.com.ng
Alleged Sale of Mojitios Autodoxer
Category: Malware
Content: Threat actor claims to be selling an automated doxing tool named Mojitos Autodoxer, advertised to aggregate personal data on U.S.-based individuals using multiple OSINT and paid data sources. Priced at $1,500, the tool includes account recovery modules and appears intended for unauthorized data harvesting and identity abuse.
Date: 2026-02-12T00:21:14Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275825/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7a0234e0-21e3-4253-99f0-9e6eac61f8c9.png
https://d34iuop8pidsy8.cloudfront.net/9e08dc04-1c4d-4e63-8772-3ba50a818325.png
https://d34iuop8pidsy8.cloudfront.net/de183dd0-e3a6-4071-b39f-27fd19b0b690.png
Threat Actors: mojitos
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Leak of Coin Base data from France
Category: Data Breach
Content: Threat actor claims to have leaked a Coinbase France user database (2026). The dataset allegedly contains names, phone numbers, and email addresses, with a reported size of 27,991 records and sample data shared.
Date: 2026-02-12T00:00:21Z
Network: openweb
Published URL: https://leakbase.la/threads/coinbase-france.48735/#post-271636
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4556cfa6-c0a9-4269-90e6-2e23cb8e020e.png
Threat Actors: zoozkooz
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown