[February-23-2026] Daily Cybersecurity Threat Report

Posted on

Executive Summary

This report analyzes a series of recent cyber incidents based on draft data detected on February 23, 2026. The dataset encompasses 109 distinct cybersecurity events targeting various global entities across multiple industries.+4

The threat landscape observed in this dataset is primarily dominated by data breaches, unauthorized initial access sales, and website defacements. The distribution of these attacks occurs across open web forums and Telegram channels. Several high-profile threat actors and hacktivist groups demonstrated organized, repeated campaigns against specific regions and sectors.+4

1. Primary Attack Categories

The incidents are categorized into several main types of malicious activity:

  • Data Breaches: This is the most prevalent category, involving the exfiltration and sale or leak of sensitive databases. Significant breaches include a 21 million record leak from Odido Netherlands and a 4.3 million record leak from Sport 2000 in France.+3
  • Initial Access Brokers (IAB): Threat actors frequently sold unauthorized administrative or server access to various global organizations, including e-commerce platforms and telecommunications companies.+4
  • Defacements: Hacktivist groups actively targeted government, retail, and gaming websites to alter their visual appearance, heavily impacting regions like Thailand and Indonesia.+4
  • Malware & Tools: The dataset includes the advertisement of a universal email checker and mail grabber tool designed to extract attachments and verify emails.
  • Alerts: Some threat actors used platforms to announce future operations, such as “Operation Shortcircuit” targeting Israel and Ukraine.

2. Geographical Victimology

The threat actors targeted a wide array of countries, with notable concentrations in specific regions:

  • Middle East: Iraq suffered numerous credential leaks impacting its education sector, international airports, and government ministries. Israel was also targeted, including an alleged breach of a groundwater pump management system.+4
  • Europe: France was a primary target for data breaches, affecting entities like Olympique de Marseille, Unis-Cité, and multiple state services.+4
  • Asia: Thailand experienced a coordinated defacement campaign targeting subdistrict municipalities and administrative organizations. India faced breaches in its education and government sectors, including a visa application center.+4
  • Americas: Colombia faced consecutive data breaches targeting its higher education institutions and municipal governments. The USA was heavily targeted for initial access to online stores and corporate databases.+4

Prominent Threat Actor Profiles

The dataset reveals several highly active threat actors and groups operating distinct campaigns:

A K U L A v 2 . 2

This actor focuses almost exclusively on leaking login credentials. Their primary targets are located in the Middle East, specifically Iraq. Targeted entities include the Federal Police Command, Iraqi Ministry of Trade, Uruk University, and Baghdad International Airport.+4

EXADOS

EXADOS is a defacement group highly active against Thai government infrastructure. They successfully defaced multiple subdistrict municipality websites, including Koh Tao, Laem, Kalisa, and Phato. They also claimed to have defaced Microsoft Bing.+4

DEFACER INDONESIAN TEAM

This group executes widespread website defacements across various industries and countries. Their targets range from a gaming site in Venezuela to Real Estate condos in the USA and legal services in Thailand.+4

NyxarGroup

NyxarGroup specializes in data breaches targeting Colombian infrastructure. They successfully breached databases belonging to the Universidad Cooperativa de Colombia, Universidad Industrial de Santander, Alcaldía de Girón, and Agencia Pública de Empleo.+4

Initial Access Brokers (Shopify, savel987, miyako)

Multiple actors act as access brokers. “Shopify” sold admin access to WordPress stores in Italy and France. “savel987” sold database and admin access to shops in the USA, Georgia, the EU, and Ecuador. “miyako” offered access to a South African telecom and an Argentine manufacturing company.+4

Detailed Incident Breakdown

Below is a structured analysis of critical incidents grouped by category.

Significant Data Breaches

  • Odido Netherlands: ShinyHunters allegedly breached 21 million records containing sensitive PII, physical addresses, passwords, and passport numbers.+2
  • Sport 2000 (France): Threat actor “authsso” claimed to sell a database of roughly 4.37 million individuals, exposing names, physical addresses, and loyalty card numbers.
  • Olympique de Marseille (France): Actor “84City” advertised 400,000 accounts containing full PII, staff emails, and customer orders.
  • YOUX / DRIVE IQ (Australia): FulcrumSec allegedly breached 300 GB of data from 22 databases, affecting 444,538 borrowers and exposing personal and employment information.+1
  • Coinbase Users: Multiple threat actors (mikaj63133, yafab43641, motefi1788, bacolo5655, mawog76434, maxagof) leaked databases of crypto users across Germany, Australia, France, Canada, and Greece.+4
  • Israeli Visa Application Center (India): CaptainSmok3r claimed to sell applicant data (passports, reference numbers) from major Indian processing centers.
  • French National Assembly: Eliasxy allegedly leaked a database tied to the French National Assembly via datan.fr.+1

Industrial and Critical Infrastructure Risks

  • Italian Drive Control Workstation: Z-PENTEST ALLIANCE claimed unauthorized access to a Windows 11 workstation managing industrial electric drives, allowing them to view and modify generator parameters.
  • Italian Thermal/Hydraulic System: NoName057(16) claimed access to a control system managing thermal circuits, gaining real-time visibility into pumps and coolant flow.+3
  • Romanian Network Infrastructure: Infrastructure Destruction Squad claimed access to a centralized server in Romania used to manage large-scale virtualized environments and virtual network devices.
  • Israeli Groundwater Pump System: Infrastructure Destruction Squad claimed unauthorized access to the Israeli groundwater pump management system.+3

Conclusion

The cyber threat activity observed on February 23, 2026, highlights a highly fragmented but aggressive landscape. Data breaches remain the most utilized method for financial gain, with actors frequently selling large datasets of PII and corporate data on open web forums. Furthermore, the dataset reveals a distinct regional focus by specific groups—such as NyxarGroup in Colombia and A K U L A v 2 . 2 in Iraq—indicating that localized campaigns are a significant component of the broader threat ecosystem. Finally, unauthorized access to critical infrastructure in Italy, Romania, and Israel underscores severe systemic vulnerabilities in industrial control systems and centralized networks.+4

Detected Incidents Draft Data

  1. Alleged sale of unauthorized admin access to an unidentified store
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified online store in USA.
    Date: 2026-02-23T23:44:16Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276720/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/872983c0-95ae-4e91-84d4-68b7597d77bf.png
    https://d34iuop8pidsy8.cloudfront.net/9cc0795e-8adc-40ea-8e0a-e3ce5bc487e8.png
    Threat Actors: ParanoiaDe
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  2. Alleged leak of Fresh Databases from Multiple Countries
    Category: Data Breach
    Content: The threat actor sale of newly compiled fresh databases. The seller claims to update the data regularly and offers 5,000–10,000 records as samples. The databases reportedly include records from the United States, Japan, Canada, Taiwan, and mixed-country datasets.
    Date: 2026-02-23T23:03:00Z
    Network: openweb
    Published URL: https://bhf.pro/threads/719966/#post-7494270
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/10d6b365-9a24-4a2b-8e9a-c05fb9e9c6de.png
    Threat Actors: JoeData
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  3. Alleged data breach of Unis-Cité
    Category: Data Breach
    Content: A threat actor claims to leaked a 40GB of data allegedly compromised from Unis-Cité. Allegedly Extracted Data Fields ,Full name,Address (multiple address lines),Phone number,Email address,Mission start & end dates,Termination reason,Program participation details,Internal change logs,Banking-related references.
    Date: 2026-02-23T22:35:33Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-FR-40GO-Unis-Cite-CNI-PICTURE
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f66220ee-62f3-46e2-b6c0-0219a54d8c90.png
    Threat Actors: DumpSec
    Victim Country: France
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: unis-cité
    Victim Site: uniscite.fr
  4. Alleged Sale of Unauthorized Admin Access to a WordPress Store in Italy
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized admin access to a WordPress Store in Italy, which includes full admin access.
    Date: 2026-02-23T22:35:16Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276760/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/00b24fb3-6b52-40f5-acdb-492c387c8ee2.png
    Threat Actors: Shopify
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  5. Alleged Sale of Unauthorized Admin Access to a WordPress Store in France
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized admin access to a WordPress Store in France, which includes full admin access.
    Date: 2026-02-23T22:32:15Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276759/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4413412f-2d62-41d3-b924-865410cb5ca4.png
    Threat Actors: Shopify
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  6. HellR00ters Team targets the website of Deva.E
    Category: Defacement
    Content: The Group claims to have defaced the website of Deva.E
    Date: 2026-02-23T21:51:37Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/1058
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/07e043b6-33b8-43f2-890c-58e0ba02dab0.jpg
    Threat Actors: HellR00ters Team
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: devainc.in
  7. Alleged leak of login credentials to Editorial System
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to Editorial System.
    Date: 2026-02-23T21:34:51Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3082
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/23ddb3e7-2a96-4a1e-a4a7-5f04c26d0f7a.png
    Threat Actors: B F R e p o V 4 F i l e s
    Victim Country: Poland
    Victim Industry: Information Services
    Victim Organization: editorial system
    Victim Site: editorialsystem.com
  8. Alleged leak of login credentials to ESTO
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to ESTO
    Date: 2026-02-23T21:34:48Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3085
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eaed674d-389f-4ec8-ad7d-f964c85cb50a.jpg
    Threat Actors: BFRepoV4Files
    Victim Country: Mexico
    Victim Industry: Newspapers & Journalism
    Victim Organization: esto
    Victim Site: development.new.esto.com
  9. Alleged leak of login credentials to SciFed
    Category: Data Breach
    Content: he group claims to have leaked the login credentials to SciFed
    Date: 2026-02-23T21:13:30Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3080
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f9d6d210-f645-48fe-8f94-1b10d4ba7ccf.jpg
    Threat Actors: BFRepoV4Files
    Victim Country: India
    Victim Industry: Online Publishing
    Victim Organization: scifed
    Victim Site: scifed.editorialsystems.com
  10. Alleged leak of login credentials to The Commons
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to The Commons
    Date: 2026-02-23T21:12:54Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3079
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7b9360fe-0638-46dc-8023-15e3aa0d86d4.png
    Threat Actors: B F R e p o V 4 F i l e s
    Victim Country: USA
    Victim Industry: Newspapers & Journalism
    Victim Organization: the commons
    Victim Site: commonsnews.org
  11. Alleged leak of login credentials to The Readers Club
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to The Readers Club
    Date: 2026-02-23T21:09:46Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3083
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/25c1e819-b6a3-4520-b0ac-4eaea91880bc.jpg
    Threat Actors: BFRepoV4Files
    Victim Country: Pakistan
    Victim Industry: Library
    Victim Organization: the readers club
    Victim Site: hereadersclub.com
  12. Alleged Data Breach of Odido Netherlands
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Odido Netherlands, alleging the exposure of nearly 21 million records containing sensitive information such as full names, physical addresses, email addresses, phone numbers, plaintext passwords, IBAN details, passport numbers, driver license numbers, and internal corporate data.
    Date: 2026-02-23T21:01:49Z
    Network: tor
    Published URL: http://toolatedhs5dtr2pv6h5kdraneak5gs3sxrecqhoufc5e45edior7mqd.onion/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/de3f46ab-e11d-4dbb-825f-b3e07d3dc35e.png
    Threat Actors: ShinyHunters
    Victim Country: Netherlands
    Victim Industry: Network & Telecommunications
    Victim Organization: odido netherlands
    Victim Site: odido.nl
  13. Alleged leak of login credentials to Arhitrade
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to Arhitrade
    Date: 2026-02-23T20:54:15Z
    Network: telegram
    Published URL: https://t.me/c/3667951656/3082
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3b15c626-fec3-4578-b7f9-95065e322ba8.jpg
    Threat Actors: BFRepoV4Files
    Victim Country: Croatia
    Victim Industry: Architecture & Planning
    Victim Organization: arhitrade
    Victim Site: arhitrade.com
  14. Alleged data leak of Private French IT Enterprise database
    Category: Data Breach
    Content: A threat actor claims to be selling a 5GB dataset allegedly exfiltrated from a private French IT enterprise. The data reportedly includes confidential IT training materials covering Microsoft Dynamics (AX, NAV, CRM), SQL Server administration, Windows Server virtualization,and project methodology.
    Date: 2026-02-23T19:49:32Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DOCUMENTS-5GB-Private-IT-enterprise-formation-leak
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1772f20e-85f6-44ae-bca8-beb63c98feb9.png
    Threat Actors: Draco22
    Victim Country: France
    Victim Industry: Information Technology (IT) Services
    Victim Organization: Unknown
    Victim Site: Unknown
  15. Alleged data breach of Andhra University
    Category: Data Breach
    Content: A threat actor claims to have leaked a database allegedly belonging to Andhra University, containing ~46K records. The exposed data including names, IDs, DOBs, phone numbers, emails, enrollment details, addresses, parental information, and student images/signatures.
    Date: 2026-02-23T19:42:08Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-India-Andhra-University-46k-record
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8cabbaa0-e09f-4755-b22d-e8de58ec2ce2.png
    Threat Actors: CrowStealer
    Victim Country: India
    Victim Industry: Higher Education/Acadamia
    Victim Organization: andhra university
    Victim Site: andhrauniversity.edu.in
  16. Alleged Unauthorized Access to Edulyst Ventures
    Category: Initial Access
    Content: A threat actor is advertising alleged unauthorized access to edulystventures.com, an India-based education/edtech platform.
    Date: 2026-02-23T19:40:24Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-India-edulystventures-com-access
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b7cd89c4-98fa-4ec3-acbe-8d7ff9d58d1d.png
    Threat Actors: blackwinter99
    Victim Country: India
    Victim Industry: E-Learning
    Victim Organization: edulyst ventures
    Victim Site: edulystventures.com
  17. Alleged Unauthorized Access to Oway Hotel Extranet
    Category: Initial Access
    Content: The threat actor is advertising alleged access to hotelextranet.oway.com.mm, which suggests potential unauthorized entry into a hotel extranet or booking management system.
    Date: 2026-02-23T19:27:10Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-hotelextranet-oway-com-mm-access
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/657522b2-7464-473c-9ce4-ccc24791d03f.png
    Threat Actors: blackwinter99
    Victim Country: Myanmar
    Victim Industry: Hospitality & Tourism
    Victim Organization: oway hotel extranet
    Victim Site: oway.com.mm
  18. Alleged data breach of Assemblée nationale
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly مرتبط with the French National Assembly via the datafr.fr platform. the exposed dataset may include government-related records, internal administrative data, and structured database files.
    Date: 2026-02-23T19:07:35Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Database-Assembl%C3%A9e-Nationale-France-datan-fr-Leaked-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/561c925f-64a8-48ec-8ef8-844524d3cfb0.png
    https://d34iuop8pidsy8.cloudfront.net/e143f982-d7de-43b2-88e9-1748a01cc990.png
    https://d34iuop8pidsy8.cloudfront.net/db68891b-bf37-4077-9106-e29c42fda64b.png
    Threat Actors: Eliasxy
    Victim Country: France
    Victim Industry: Government & Public Sector
    Victim Organization: assemblée nationale
    Victim Site: assemblee-nationale.fr
  19. Alleged Data Leak of Germany Coinbase Crypto Data
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Coinbase crypto users in Germany.
    Date: 2026-02-23T18:53:45Z
    Network: openweb
    Published URL: https://leakbase.la/threads/germany-crypto-coinbase-database.49058/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bac44779-f584-480c-b45e-72735524dadd.png
    Threat Actors: mikaj63133
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  20. Alleged Data Leak of Germany Ledger Crypto Data
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Ledger crypto users in Germany.
    Date: 2026-02-23T18:49:18Z
    Network: openweb
    Published URL: https://leakbase.la/threads/germany-ledger-crypto-data.49059/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/85994e46-5b53-4d9a-a86d-e9a3ac812f29.png
    Threat Actors: yafab43641
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  21. Alleged Data Leak of Australia Coinbase Crypto Data
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Coinbase crypto users in Australia.
    Date: 2026-02-23T18:42:07Z
    Network: openweb
    Published URL: https://leakbase.la/threads/australia-coinbase-crypto-data.49054/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5139779f-d743-4569-985d-344b5995568c.png
    Threat Actors: motefi1788
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged Data Leak of France Coinbase Crypto Data
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Coinbase crypto users in France.
    Date: 2026-02-23T18:40:29Z
    Network: openweb
    Published URL: https://leakbase.la/threads/france-crypto-coinbase-data.49057/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e93445ce-5bb3-4e9d-8294-8c9719336d93.png
    Threat Actors: bacolo5655
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  23. Alleged Data Leak of Canada Coinbase Crypto Data
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Coinbase crypto users in Canada.
    Date: 2026-02-23T18:38:02Z
    Network: openweb
    Published URL: https://leakbase.la/threads/canada-coinbase-crypto-data.49055/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/dd0e2ce4-2182-487a-bdfe-9d9ed14d7f61.png
    Threat Actors: mawog76434
    Victim Country: Canada
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged data leak of Coinbase User Database
    Category: Data Breach
    Content: The threat actor claims to be sharing or selling a dataset allegedly related to Coinbase users across multiple countries, including Australia, Canada, France, and Greece.
    Date: 2026-02-23T18:33:28Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-AU-CA-FR-GR-Crypto-Coinbase-Data
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6e169ba9-d68c-488a-a71c-ee904dc59ff0.png
    Threat Actors: maxagof
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  25. Alleged data breach of Israeli Visa Application Center in India
    Category: Data Breach
    Content: The threat actor claims to be selling a database allegedly sourced from israelvisa.in, described as an official visa application service portal for Israeli visas in India. the leaked dataset reportedly contains personal information of visa applicants from major Indian processing centers including Delhi, Bengaluru, and Mumbai. The exposed data allegedly includes applicant names, passport numbers, dates of birth, email addresses, phone numbers, physical addresses, visa categories, reference numbers, and application metadata.
    Date: 2026-02-23T18:21:42Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Selling-Israeli-Visa-Applicant-Data-from-israelvisa-in-Delhi-Bengaluru-Mumbai-Branches
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/afd163e8-5551-442b-abda-9e20d75925eb.png
    https://d34iuop8pidsy8.cloudfront.net/76718de4-82ca-495a-afbe-2f65a15d9208.png
    Threat Actors: CaptainSmok3r
    Victim Country: India
    Victim Industry: Government & Public Sector
    Victim Organization: israeli visa application center
    Victim Site: israelvisa.in
  26. Alleged Sale of Google Gmail accounts
    Category: Data Breach
    Content: Threat Actor claims to be selling Gmail accounts created without phone number verification, offering bulk purchases with a minimum order of 10 accounts.
    Date: 2026-02-23T18:19:47Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276738/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b96d4da0-e7b2-4009-bd49-213ab0405af4.png
    Threat Actors: thestarlight
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. Alleged Sale of AWS SMTP API Access
    Category: Initial Access
    Content: Threat Actor claims to be selling hacked AWS SMTP API access associated with multiple services including SendGrid, Amazon AWS, Biglobe, Nifty, and Mailgun.
    Date: 2026-02-23T17:57:22Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276724/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/859d4ef4-a65b-4f95-8e80-b18a136ee0f4.png
    Threat Actors: Endless_
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  28. Alleged data breach of Olympique de Marseille (OM)
    Category: Data Breach
    Content: The threat actor claims to be selling a database allegedly belonging to Olympique de Marseille (OM), a French Ligue 1 football club. the dataset reportedly contains information on over 400,000 accounts, including full personally identifiable information (PII), customer orders, loyalty program data, and staff email details.the exposed data includes names, email addresses, dates of birth, genders, phone numbers, and full addresses. Additional details allegedly include order histories, account statuses, wishlist data, loyalty tiers and card codes, and social login metadata.
    Date: 2026-02-23T17:42:54Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-OM-Data-Breach-2026-400K-Account-Full-PII-Orders-Loyalty-Staff-Emails
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8de5f0aa-c59c-4b7e-94c2-0fbb1fe471a0.png
    https://d34iuop8pidsy8.cloudfront.net/63fe385e-9b87-4ca8-80c8-78a4107dcedc.png
    Threat Actors: 84City
    Victim Country: France
    Victim Industry: Sports
    Victim Organization: olympique de marseille (om)
    Victim Site: om.fr
  29. Alleged Leak of Indonesian Government DPRD Database
    Category: Data Breach
    Content: The threat actor claims to have leaked data allegedly associated with Indonesian government institutions, specifically referencing the DPRD (Regional People’s Representative Council) and judicial entities. the exposed data may include personal information such as names, national identification numbers (NIK), addresses, dates of birth, city or regional details, and official positions.
    Date: 2026-02-23T17:36:53Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DOCUMENTS-DATA-ON-THE-GOVERNMENT-OF-THE-INDONESIAN-DPRD-COURT-OF-APPOINTMENT
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/037efbd5-2340-4b8a-bab5-7fbc090b883a.png
    Threat Actors: Shenira6core
    Victim Country: Indonesia
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  30. Alleged Leak of French State Service Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a collection of databases allegedly sourced from multiple French state services and public sector platforms. The datasets in JSON/CSV formats referencing government-related services such as employment, taxation, pensions, social benefits, and public administration portals
    Date: 2026-02-23T17:27:58Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-French-state-service
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/38ca1aa1-fd4f-4a5e-8daf-8a5b2ef32054.png
    Threat Actors: MoNkEySdAnCiNiNg
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  31. Alleged Sale of AMLCC Database in UK
    Category: Data Breach
    Content: Threat Actor claims to be selling a 138 GB UK database allegedly belonging to AMLCC. The dataset contains sensitive documents including driver licenses, passports, statements, and invoices.
    Date: 2026-02-23T17:22:32Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276733/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6563c950-4845-42ef-a650-1b132a316f36.png
    Threat Actors: reddgilburt
    Victim Country: UK
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  32. Alleged data leak of Claude Bernard University Lyon 1
    Category: Data Breach
    Content: The group claims to have leaked data from Claude Bernard University Lyon 1
    Date: 2026-02-23T16:48:32Z
    Network: telegram
    Published URL: https://t.me/Lun4risSec/17
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d3574985-35d4-402b-b6cb-311a7b40d302.jpg
    Threat Actors: LunarisSec
    Victim Country: France
    Victim Industry: Education
    Victim Organization: claude bernard university lyon 1
    Victim Site: univ-lyon1.fr
  33. EXADOS targets the website of Koh Tao Subdistrict Municipality
    Category: Defacement
    Content: The group claims to have defaced the website of Koh Tao Subdistrict Municipality.
    Date: 2026-02-23T16:41:54Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f769780c-05a8-4e17-8cfe-2bc9d5afed42.png
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: koh tao subdistrict municipality
    Victim Site: kohtao.go.th
  34. Alleged data breach of Sport 2000
    Category: Data Breach
    Content: The threat actor claims to be selling a database allegedly belonging to Sport 2000, a French sporting goods retailer. the dataset contains information on approximately 4,376,038 individuals. The exposed data reportedly includes last and first names, gender, email addresses, physical addresses, postal codes, phone numbers, loyalty card numbers, and account creation dates.
    Date: 2026-02-23T16:39:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Sport-2000-FR-2024
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8755ad3e-b674-4fda-a080-ba90b9fe85d2.png
    Threat Actors: authsso
    Victim Country: France
    Victim Industry: Sporting Goods
    Victim Organization: sport 2000
    Victim Site: sport2000.fr
  35. EXADOS targets the website of Laem Subdistrict Administrative Organization
    Category: Defacement
    Content: The group claims to have defaced the website of Laem Subdistrict Administrative Organization.
    Date: 2026-02-23T16:18:01Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0229477e-8bb6-4e6a-985c-3a71d03bffc8.png
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: laem subdistrict administrative organization
    Victim Site: leam.go.th
  36. Alleged unauthorized access to an unidentified centralized server and network simulation infrastructure in Romania
    Category: Initial Access
    Content: The group claims to have gained access to a centralized server and network simulation infrastructure in Romania, allegedly responsible for managing large-scale virtualized environments and critical computing resources. The system controls processors, memory, and storage allocation while running and monitoring multiple virtual network devices (routers, switches, and servers) used to simulate enterprise or ISP-level environments they claim that administrative interfaces allow remote configuration, monitoring, and management of the infrastructure
    Date: 2026-02-23T16:10:46Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3799
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d24a8a41-60b0-4e09-a411-188e80a73f7a.jpg
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Romania
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  37. EXADOS targets the website of Microsoft Bing
    Category: Defacement
    Content: The group claims to have defaced the website of Microsoft Bing.
    Date: 2026-02-23T16:09:47Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ea32c48-1cc8-49dd-b7d0-4236958b1e7a.png
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: microsoft bing
    Victim Site: bing.com
  38. EXADOS targets the website of Kalisa Subdistrict Administrative Organization
    Category: Defacement
    Content: The group claims to have defaced the website of Kalisa Subdistrict Administrative Organization
    Date: 2026-02-23T16:09:15Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/88430646-ed2f-408a-964c-7f5bebeb1b36.jpg
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: kalisa subdistrict administrative organization
    Victim Site: kalisa.go.th
  39. Alleged Sale of Unauthorized Admin Access to a WordPress Store in USA
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized admin access to a WordPress Store in USA.
    Date: 2026-02-23T16:01:54Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/276726/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bf562ae4-8d97-467e-9a35-2fd9d485b936.png
    Threat Actors: ParanoiaDe
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  40. EXADOS targets the website of Phrom Lok City Municipality
    Category: Defacement
    Content: The group claims to have defaced the website of Phrom Lok City Municipality
    Date: 2026-02-23T15:55:04Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e089d7cf-eb52-4e0a-a9c9-597d2dcbc3b7.jpg
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: phrom lok city municipality
    Victim Site: phatolocal.go.th
  41. Alleged sale of Email Checker & Mail Grabber Tool
    Category: Malware
    Content: The threat actor is advertising a software tool described as a universal email checker and mail grabber. The tool allegedly works with IMAP and Hotmail/MIX databases and is designed to verify email validity and extract attachments from inboxes and outboxes.
    Date: 2026-02-23T15:41:07Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Email-Checker-Mail-Grabber-Downloads-email-attachments-Parser-Seed-Phrase
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/513d0143-f006-42e6-ba4d-6906036db564.png
    https://d34iuop8pidsy8.cloudfront.net/0f1437fe-c9ce-4995-8dac-8bd8c20bd4a2.png
    Threat Actors: CyberPaladin
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  42. EXADOS targets the website of Phato Subdistrict Administrative Organization
    Category: Defacement
    Content: The group claims to have defaced the website of Phato Subdistrict Administrative Organization
    Date: 2026-02-23T15:27:53Z
    Network: telegram
    Published URL: https://t.me/EXA_DOS_KH/163
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/40561691-1d15-47d1-9002-d40a36719a45.jpg
    Threat Actors: EXADOS
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: phato subdistrict administrative organization
    Victim Site: phatolocal.go.th
  43. Alleged data leak of Ukraine Intelligence Database
    Category: Data Breach
    Content: The threat actor claims to have leaked intelligence data allegedly linked to the Defense Intelligence of Ukraine (DIU) and the CIA.
    Date: 2026-02-23T15:13:06Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DOCUMENTS-Intelligence-Data-DIU-CIA-Ukraine-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aa0100cf-cf62-4f3c-8e0c-e48e26863fc7.png
    Threat Actors: Shinyypro
    Victim Country: Ukraine
    Victim Industry: Defense & Space
    Victim Organization: Unknown
    Victim Site: Unknown
  44. Alleged data breach of Mondial Relay
    Category: Data Breach
    Content: Threat actor claims to have breached the 5M records of data from Mondial Relay. The compromised data includes personal information such as names, addresses, postal codes, email addresses, and transaction-related details.Note: it was previously breached by the threat actor DumpSec on December 27, 2025.
    Date: 2026-02-23T15:01:15Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-FR-Mondial-Relay-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ad972c88-40e3-49bc-a4bd-6f621ccdf1bc.png
    Threat Actors: DumpSec
    Victim Country: France
    Victim Industry: Transportation & Logistics
    Victim Organization: mondial relay
    Victim Site: mondialrelay.fr
  45. Alleged leak of login credentials to College of Physical Education and Sports Sciences
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Physical Education and Sports Sciences
    Date: 2026-02-23T14:58:32Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078117
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/86e8ad09-6dd4-469d-828c-6117182b5787.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Education
    Victim Organization: college of physical education and sports sciences
    Victim Site: cphe.tu.edu.iq
  46. Alleged Sale of Austria business data
    Category: Data Breach
    Content: Threat Actor claims to be selling 190,000 Austria business data.
    Date: 2026-02-23T14:54:34Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276713/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ad4f36d0-4553-4173-91a1-1adeafb8061d.png
    Threat Actors: Goldstones
    Victim Country: Austria
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  47. Alleged leak of login credentials to Federal Police Command
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Federal Police Command
    Date: 2026-02-23T14:50:57Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078111
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f61f317e-0c28-402f-b0ee-b13cac9de983.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Government Administration
    Victim Organization: federal police command
    Victim Site: fpc-moi.gov.iq
  48. Alleged leak of login credentials to Raman company
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to Raman company.
    Date: 2026-02-23T14:27:12Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1079015
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/feab8672-f268-456f-9142-8616cf2748f3.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Manufacturing & Industrial Products
    Victim Organization: raman company
    Victim Site: ramanco.ir
  49. BABAYO EROR SYSTEM targets the website of PT Javira Media Famitech
    Category: Defacement
    Content: The Group claims to have defaced the website of PT Javira Media Famitech.
    Date: 2026-02-23T14:19:26Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/277
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/daa75e3a-03ff-450f-a52a-4bc453f816fe.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Indonesia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: pt javira media famitech
    Victim Site: javiramedia.famitech.qpon
  50. Alleged leak of login credentials to BinBaz.org.sa
    Category: Data Breach
    Content: The group claims to have leaked login credentials to BinBaz.org.sa
    Date: 2026-02-23T14:13:25Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1079101
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9bae1469-7c13-494a-a1b9-6b662184775d.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Religious Institutions
    Victim Organization: Unknown
    Victim Site: binbaz.org.sa
  51. Alleged leak of login credentials to Iraqi Ministry of Trade
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Iraqi Ministry of Trade
    Date: 2026-02-23T14:08:03Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078107
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/90acc2e2-0ec5-4862-bdfe-9a589e2d4df0.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: iraqi ministry of trade
    Victim Site: ht.iq
  52. BABAYO EROR SYSTEM targets the website of customer.digitalwebars.xyz
    Category: Defacement
    Content: The Group claims to have defaced the website of customer.digitalwebars.xyz
    Date: 2026-02-23T14:04:54Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/277
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/29c54dfe-8ddf-47a3-a11c-c4cac3b965f1.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: customer.digitalwebars.xyz
  53. HackHax announces operation Shortcircuit targeting Israel and Ukraine
    Category: Alert
    Content: The group claims to have announced the Shortcircuit operation targeting Israel and Ukraine.
    Date: 2026-02-23T13:59:55Z
    Network: telegram
    Published URL: https://t.me/c/2532678208/449
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/80380b4c-577f-488a-84d9-f87c2eee0578.png
    Threat Actors: HackHax
    Victim Country: Ukraine
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  54. BABAYO EROR SYSTEM targets the website of Billionaire Skin
    Category: Defacement
    Content: The Group claims to have defaced the website of Billionaire Skin.
    Date: 2026-02-23T13:40:55Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSysteam2/277
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/48b9abe6-65eb-4b37-8c36-f13bdd551ddd.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Nigeria
    Victim Industry: Cosmetics
    Victim Organization: billionaire skin
    Victim Site: billionairesskin.ng
  55. Alleged Sale of access to an unidentified leading South African telecom company
    Category: Initial Access
    Content: The threat actor claims to be selling access to an unidentified leading South African telecom company.
    Date: 2026-02-23T13:26:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-South-African-Leading-Telecom
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ecfa3982-e64c-4470-aae6-9ddaa6b01a9b.png
    Threat Actors: miyako
    Victim Country: South Africa
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
  56. Alleged Unauthorized Access to Industrial Drive Control Workstation in Italy
    Category: Initial Access
    Content: The group claims that a member gained unauthorized access to an Italian operator’s Windows 11 workstation running GP-Viewer EX, a software application used to manage industrial electric drives. They attribute the access to weak password practices and insufficient network segmentation, alleging the ability to view and modify motor and generator parameters, with potential implications for operational stability and data security.
    Date: 2026-02-23T13:09:32Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1092
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/835d60b7-7f1e-4816-8102-e9e7dac7c49c.png
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  57. Alleged Sale of access to an unidentified Argentine Manufacturing Company
    Category: Initial Access
    Content: The threat actor claims to be selling access to an unidentified Argentine Manufacturing Company.
    Date: 2026-02-23T13:01:50Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Argentina-Manufacturing-1-2B-Revenue
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/96c1ed6d-5995-4b00-bd00-7fe39e4e5583.png
    Threat Actors: miyako
    Victim Country: Argentina
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  58. Alleged data breach of Autonomous University of Chiapas
    Category: Data Breach
    Content: The threat actor claims to have breached 14,668 records from the Autonomous University of Chiapas, allegedly containing full names, phone numbers, personal Gmail addresses, domiciles, birth dates, and more.
    Date: 2026-02-23T12:56:25Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-DATABASE-M%C3%89XICO-UNIVERSIDAD-AUT%C3%93NOMA-DE-CHIAPAS-14-668
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ba1807c-08bb-40c9-9ebe-41ae9cae3557.png
    Threat Actors: SpeakTeam
    Victim Country: Mexico
    Victim Industry: Education
    Victim Organization: autonomous university of chiapas
    Victim Site: unach.mx
  59. Allged data breach of Autonomous University of the State of Hidalgo
    Category: Data Breach
    Content: The threat actor claims to have breached 12,362 records from the Autonomous University of the State of Hidalgo, allegedly containing full names, phone numbers, personal Gmail addresses, domiciles, birth dates, and more.
    Date: 2026-02-23T12:53:44Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-DATABASE-M%C3%89XICO-UNIVERSIDAD-AUT%C3%93NOMA-DE-HIDALGO-12-362
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/79892974-c4f8-443d-94fd-ac88d71e8476.png
    Threat Actors: SpeakTeam
    Victim Country: Mexico
    Victim Industry: Education
    Victim Organization: autonomous university of the state of hidalgo
    Victim Site: en.uaeh.edu.mx
  60. Alleged leak of login credentials to MedOne
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to MedOne.
    Date: 2026-02-23T12:52:26Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078925
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/140afc99-c613-422d-8bc6-a0222a6b330e.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: medone
    Victim Site: medone.co.il
  61. Alleged sale of access to an unidentified shop in the USA, Georgia, and the EU.
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized administrative and database access to multiple unidentified shops in the USA, Georgia, and the EU.
    Date: 2026-02-23T12:51:16Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276709/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/470249ea-a23f-4d27-b5c2-6868e6100adb.png
    Threat Actors: savel987
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  62. Alleged sale of Facturan2
    Category: Data Breach
    Content: The group claims to be selling Facturan2.
    Date: 2026-02-23T12:40:22Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/350
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c433dfb8-c953-43fe-bd62-9482a92a0761.png
    Threat Actors: LEAK DATABASE
    Victim Country: Spain
    Victim Industry: Information Technology (IT) Services
    Victim Organization: facturan2
    Victim Site: facturan2.com
  63. Alleged sale of access to an unidentified shop in Ecuador
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized administrative and database access to multiple unidentified shops in Ecuador.
    Date: 2026-02-23T12:31:36Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276711/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9549bf6b-9b82-4f48-b225-94bbb7e0550d.png
    Threat Actors: savel987
    Victim Country: Ecuador
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  64. Alleged leak of login credentials to hop.zm.gov.lv
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to hop.zm.gov.lv
    Date: 2026-02-23T12:25:09Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078588
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2696bca5-42a7-4865-874f-3d173928bb33.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Latvia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: hop.zm.gov.lv
  65. Alleged sale of PARIAMAN CITY DISCOMINFO
    Category: Data Breach
    Content: The group claims to be selling PARIAMAN CITY DISCOMINFO.
    Date: 2026-02-23T12:24:41Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/350
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/09102c3f-7edd-475a-a688-0afd855d16e6.png
    Threat Actors: LEAK DATABASE
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: pariaman city discominfo
    Victim Site: pariamankota.go.id
  66. Alleged sale of Shala Setu
    Category: Data Breach
    Content: The group claims to be selling Shala Setu
    Date: 2026-02-23T12:21:11Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/350
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6d75bad8-caf8-4951-9126-c0c55df37590.png
    Threat Actors: LEAK DATABASE
    Victim Country: India
    Victim Industry: Government & Public Sector
    Victim Organization: shala setu
    Victim Site: shalasetu.com
  67. Alleged data breach of Shanghai Zhichu Instrument Co., Ltd.
    Category: Data Breach
    Content: Threat actor claims to have breached data of Shanghai Zhichu Instrument Co., Ltd.
    Date: 2026-02-23T12:19:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Shanghai-Zhichu-Partial-Data-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1252
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/729cc775-b526-45a1-8b59-e11e09d5c438.png
    Threat Actors: SnowSoul
    Victim Country: China
    Victim Industry: Biotechnology
    Victim Organization: shanghai zhichu instrument co., ltd.
    Victim Site: zhichushakers.com
  68. Alleged sale of OneIxchange
    Category: Data Breach
    Content: The group claims to be selling OneIxchange.
    Date: 2026-02-23T12:09:06Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/350
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/571fb845-1332-4795-9433-2595c060a392.png
    Threat Actors: LEAK DATABASE
    Victim Country: Singapore
    Victim Industry: Information Technology (IT) Services
    Victim Organization: oneixchange
    Victim Site: oneixchange.com
  69. Alleged Unauthorized Access to an Industrial Thermal and Hydraulic Control System in Italy
    Category: Initial Access
    Content: The group claims to have accessed an industrial control system in Italy responsible for managing thermal and hydraulic circuits, reportedly gaining real-time visibility into pumps, valves, heat exchange equipment, and parameters such as temperature, pressure, and coolant flow. They allege the ability to modify system settings and control logic, potentially affecting operational safety and infrastructure stability.
    Date: 2026-02-23T11:55:43Z
    Network: telegram
    Published URL: https://t.me/nnm05716english/1217
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/dce73e4d-8b99-4f32-ac9c-328601bc4180.png
    Threat Actors: NoName057(16)
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  70. Alleged data breach of Shanghai Zhichu Biotechnology Co., Ltd.
    Category: Data Breach
    Content: Threat actor claims to have breached data of Shanghai Zhichu Biotechnology (Shanghai) Co., Ltd.
    Date: 2026-02-23T11:52:26Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Shanghai-Zhichu-Partial-Data-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1252
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fd109c9f-04e8-4498-92f6-01db6ba8039f.png
    Threat Actors: SnowSoul
    Victim Country: China
    Victim Industry: Biotechnology
    Victim Organization: shanghai zhichu biotechnology co., ltd.
    Victim Site: zhichusw.com
  71. Alleged sale of PayTop database
    Category: Data Breach
    Content: The group claims to be selling PayTop database.
    Date: 2026-02-23T11:40:04Z
    Network: telegram
    Published URL: https://t.me/c/2552217515/350
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3571ffbb-f0da-47a4-a393-cc3cbe4657f1.png
    Threat Actors: LEAK DATABASE
    Victim Country: France
    Victim Industry: Financial Services
    Victim Organization: paytop
    Victim Site: paytop.com
  72. Alleged sale of Microsoft registered emails
    Category: Data Breach
    Content: The group claims to be selling over 45,000 plus EDU email accounts.
    Date: 2026-02-23T11:11:40Z
    Network: telegram
    Published URL: https://t.me/redpinshop/11
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0656a7db-e148-4983-8740-b8fa8d24303e.png
    Threat Actors: r3dpin shop
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  73. Alleged sale of server access to Velio
    Category: Initial Access
    Content: The group claims to have gained server access to Velio.
    Date: 2026-02-23T10:49:45Z
    Network: telegram
    Published URL: https://t.me/redpinshop/18
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/332e6aad-3644-4f4d-a28d-633b73bdbe63.png
    Threat Actors: r3dpin shop
    Victim Country: UK
    Victim Industry: Leisure & Travel
    Victim Organization: velio
    Victim Site: velio.app
  74. Alleged sale of server access to kiber.bit.lt
    Category: Initial Access
    Content: The group claims to have gained server access to kiber.bit.lt.
    Date: 2026-02-23T10:38:55Z
    Network: telegram
    Published URL: https://t.me/redpinshop/19
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cd67b722-bcdb-4f75-b178-e932fa1b9bbd.png
    Threat Actors: r3dpin shop
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: kiber.bit.lt
  75. Alleged leak of login credentials to Har-Gal Salary
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to Har-Gal Salary.
    Date: 2026-02-23T10:31:21Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078431
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/358d3902-7296-4a9d-b72d-cf4881827538.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Other Industry
    Victim Organization: har-gal salary
    Victim Site: hargal.co.il
  76. Alleged sale of server access to ICT-West
    Category: Initial Access
    Content: The group claims to have gained server access to ICT-West.
    Date: 2026-02-23T10:21:01Z
    Network: telegram
    Published URL: https://t.me/redpinshop/20
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d315c1fe-a649-4dc3-89ca-55638413e10e.png
    Threat Actors: r3dpin shop
    Victim Country: Ukraine
    Victim Industry: Transportation & Logistics
    Victim Organization: ict-west
    Victim Site: ict.lviv.ua
  77. Alleged leak of login credentials to Federal Police Command
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Federal Police Command
    Date: 2026-02-23T10:16:50Z
    Network: openweb
    Published URL: https://fpc-moi.gov.iq
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f61f317e-0c28-402f-b0ee-b13cac9de983.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Government Administration
    Victim Organization: federal police command
    Victim Site: fpc-moi.gov.iq
  78. Alleged sale of unauthorized admin access to an unidentified security service organization
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified security service organization in USA.
    Date: 2026-02-23T10:15:43Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276702/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4c19be9f-5f8b-4d60-a258-1194fc32472f.png
    Threat Actors: Asian_Baddie
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  79. Alleged sale of access to unidentified shop in USA
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin and database access to an unidentified shop in USA.
    Date: 2026-02-23T10:10:38Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276696/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d0ebc6bb-b99e-47db-a5a4-2e2bc5c1bc85.png
    Threat Actors: savel987
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  80. DEFACER INDONESIAN TEAM targets the website of The Turning Point of Your Life
    Category: Defacement
    Content: The Group claims to have defaced the website of The Turning Point of Your Life.
    Date: 2026-02-23T10:04:46Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/325069d2-c15a-4d04-8976-b3fbb2c40a98.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Venezuela
    Victim Industry: Gaming
    Victim Organization: the turning point of your life
    Victim Site: elgirodetuvida.com
  81. Alleged leak of login credentials to College of Physical Education and Sports Sciences
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Physical Education and Sports Sciences
    Date: 2026-02-23T10:04:15Z
    Network: openweb
    Published URL: https://cphe.tu.edu.iq
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/86e8ad09-6dd4-469d-828c-6117182b5787.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Education
    Victim Organization: college of physical education and sports sciences
    Victim Site: cphe.tu.edu.iq
  82. Alleged data breach of YOUX
    Category: Data Breach
    Content: Threat actor claims to have breached YOUX, exfiltrating approximately 300 GB from 22 databases, affecting 444,538 borrowers and exposing personal information such as names, dates of birth, employment information etc.
    Date: 2026-02-23T09:53:45Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-YOUx-DRIVE-IQ-BREACH-REDUX-WORLD-S-DUMBEST-COMPANY-ALL-SIGNS-POINT-TO-YES
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9cd776a9-eae3-4fb4-b1bf-ee47700c7c9c.png
    https://d34iuop8pidsy8.cloudfront.net/724c6150-0d3d-4053-acfe-7b63fcea0db4.png
    https://d34iuop8pidsy8.cloudfront.net/96f7e973-b254-4268-a857-dd15d9c638a7.png
    https://d34iuop8pidsy8.cloudfront.net/4a3a2f09-a921-44b7-8828-5c0812d60b12.png
    Threat Actors: FulcrumSec
    Victim Country: Australia
    Victim Industry: Automotive
    Victim Organization: youx
    Victim Site: Unknown
  83. Alleged leak of login credentials to State Tourism Agency
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to State Tourism Agency.
    Date: 2026-02-23T09:51:21Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078502
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e0066633-42f6-41f3-898c-9726417ca68c.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Azerbaijan
    Victim Industry: Government Administration
    Victim Organization: state tourism agency
    Victim Site: turizm.gov.az
  84. DEFACER INDONESIAN TEAM targets the website of A Princesinha
    Category: Defacement
    Content: The Group claims to have defaced the website of A Princesinha.
    Date: 2026-02-23T09:44:49Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/37626a36-cfba-48de-b21c-a3eace014731.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Unknown
    Victim Industry: Online Publishing
    Victim Organization: a princesinha
    Victim Site: app.aprincesinha.com
  85. DEFACER INDONESIAN TEAM targets the website of ISAMOTOS
    Category: Defacement
    Content: The Group claims to have defaced the website of ISAMOTOS.
    Date: 2026-02-23T09:31:55Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b94e00ff-6008-4ad3-a7ee-fa8d66c55de0.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Unknown
    Victim Industry: Gambling & Casinos
    Victim Organization: isamotos
    Victim Site: oportunidadesisamotos.com
  86. Alleged data breach of DRIVE IQ
    Category: Data Breach
    Content: Threat actor claims to have breached DRIVE IQ, exfiltrating approximately 300 GB from 22 databases, affecting 444,538 borrowers and exposing personal information such as names, dates of birth, employment information etc.
    Date: 2026-02-23T09:22:09Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-YOUx-DRIVE-IQ-BREACH-REDUX-WORLD-S-DUMBEST-COMPANY-ALL-SIGNS-POINT-TO-YES
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4678b0db-c377-4b89-af74-c21877dd0179.png
    https://d34iuop8pidsy8.cloudfront.net/cee28160-1747-4b94-9b01-40d1248404f2.png
    https://d34iuop8pidsy8.cloudfront.net/fb7c0583-73d6-452b-9669-9ac93bbdcdae.png
    https://d34iuop8pidsy8.cloudfront.net/74c506c5-54a3-43a0-975d-3bc2b35d031c.png
    Threat Actors: FulcrumSec
    Victim Country: Australia
    Victim Industry: Automotive
    Victim Organization: drive iq
    Victim Site: driveiq.com
  87. DEFACER INDONESIAN TEAM targets the website of MI MARCA VIP
    Category: Defacement
    Content: The Group claims to have defaced the website of MI MARCA VIP
    Date: 2026-02-23T09:09:08Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/09b84f59-1c7e-4db6-9d52-4eb2e7e8cc8b.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: mi marca vip
    Victim Site: mimarca.vip
  88. Alleged leak of login credentials to Iraqi Ministry of Trade
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Iraqi Ministry of Trade
    Date: 2026-02-23T08:59:14Z
    Network: openweb
    Published URL: https://ht.iq
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/90acc2e2-0ec5-4862-bdfe-9a589e2d4df0.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: iraqi ministry of trade
    Victim Site: ht.iq
  89. DEFACER INDONESIAN TEAM targets the website of INVERACTIVOS
    Category: Defacement
    Content: The Group claims to have defaced the website of INVERACTIVOS.
    Date: 2026-02-23T08:52:07Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7047303a-0886-4b64-bcbb-d4924a0de5e5.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Unknown
    Victim Industry: Gambling & Casinos
    Victim Organization: inveractivos
    Victim Site: inveractive.com
  90. DEFACER INDONESIAN TEAM targets the website of Sorteos 444
    Category: Defacement
    Content: The Group claims to have defaced the website of Sorteos 444.
    Date: 2026-02-23T08:51:42Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9121b9d6-b7ca-4d8d-855c-52e369dc8cfe.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Unknown
    Victim Industry: Gaming
    Victim Organization: sorteos 444
    Victim Site: sorteos444.com
  91. DEFACER INDONESIAN TEAM targets the website of Hilton Fort Lauderdale Condos.
    Category: Defacement
    Content: The Group claims to have defaced the website of Hilton Fort Lauderdale Condos.
    Date: 2026-02-23T08:34:30Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d3808ada-bdad-44f4-bc81-80860c3d1f4a.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: USA
    Victim Industry: Real Estate
    Victim Organization: hilton fort lauderdale condos
    Victim Site: hiltonfortlauderdalecondos.com
  92. DEFACER INDONESIAN TEAM targets the website of LOTTOONE
    Category: Defacement
    Content: The Group claims to have defaced the website of LOTTOONE
    Date: 2026-02-23T08:22:07Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e7a96644-c432-4ea2-8697-0a6f17bc193c.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Thailand
    Victim Industry: Legal Services
    Victim Organization: lottoone
    Victim Site: lottoone.link
  93. Alleged leak of login credentials to ARAB INTERNATIONAL SCHOOLS
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to ARAB INTERNATIONAL SCHOOLS.
    Date: 2026-02-23T08:16:16Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078089
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1ae9f3b6-1f40-4960-99b4-377c4f9252eb.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Education
    Victim Organization: arab international schools
    Victim Site: eschool.arabschools.edu.sa
  94. DEFACER INDONESIAN TEAM targets the website of Camimoa Betania.
    Category: Defacement
    Content: The Group claims to have defaced the website of Camimoa Betania.
    Date: 2026-02-23T08:09:07Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1019
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2ef898a6-b629-4c79-8568-f82c33213a41.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Venezuela
    Victim Industry: Retail Industry
    Victim Organization: camimoa betania
    Victim Site: camimoabetania.com
  95. Alleged leak of login credentials to Uruk University
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to Uruk University.
    Date: 2026-02-23T07:42:38Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078146
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/600656e4-e0b7-4715-becb-d1b2020298dc.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Higher Education/Acadamia
    Victim Organization: uruk university
    Victim Site: uruk.edu.iq
  96. Alleged leak of login credentials to Omniya Al-Mustaqbal Exchange
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to Omniya Al-Mustaqbal Exchange
    Date: 2026-02-23T07:21:06Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078071
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1391d4af-5af9-4743-85d0-efa1f1f8552e.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Financial Services
    Victim Organization: omniya al-mustaqbal exchange
    Victim Site: omniat-almostaqbal.iq
  97. Alleged leak of login credentials to Baghdad International Airport
    Category: Data Breach
    Content: The group claims to have leaked login credentials Baghdad International Airport
    Date: 2026-02-23T06:46:48Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078069
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/557bd861-1819-4590-9177-0e4b0c48f0d2.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Airlines & Aviation
    Victim Organization: baghdad international airport
    Victim Site: baghdadairport.gov.iq
  98. Alleged leak of login credentials to GINI Plus
    Category: Data Breach
    Content: he group claims to have leaked login credentials belonging to GINI.
    Date: 2026-02-23T06:31:36Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078027
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6059d2f0-ba37-4043-b735-426988d0f8bd.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Information Technology (IT) Services
    Victim Organization: gini
    Victim Site: gini.iq
  99. Alleged leak of login credentials to Jana Financial
    Category: Data Breach
    Content: The group claims to have leaked login credentials of Jana Financial
    Date: 2026-02-23T06:28:40Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1078025
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d22d4f89-38ef-464c-b216-4e36ca6b057a.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Financial Services
    Victim Organization: jana financial
    Victim Site: janafinancial.sa
  100. Alleged Data Breach of Universidad Cooperativa de Colombia
    Category: Data Breach
    Content: The threat actor claims to have breached the database Universidad Cooperativa de Colombia; the dataset includes student-related information, specifically photographs and student codes.
    Date: 2026-02-23T06:16:06Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-CO-50K-UCC-EDU-CO
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/60d8e508-e9e8-4fe6-8d41-4536e00734ca.png
    Threat Actors: NyxarGroup
    Victim Country: Colombia
    Victim Industry: Higher Education/Acadamia
    Victim Organization: universidad cooperativa de colombia (ucc)
    Victim Site: ucc.edu.co
  101. Alleged Data Breach of Universidad Industrial de Santander
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Universidad Industrial de Santander; the dataset contains academic and identity-related student data originating from the university’s systems.
    Date: 2026-02-23T06:11:04Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-CO-UIS-EDU-CO
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/494d546e-6821-47ef-a895-68667c4e843f.png
    Threat Actors: NyxarGroup
    Victim Country: Colombia
    Victim Industry: Higher Education/Acadamia
    Victim Organization: universidad industrial de santander (uis)
    Victim Site: uis.edu.co
  102. Alleged leak of login credentials to Al-Ghadeer
    Category: Data Breach
    Content: The group claims to have leaked login credentials belonging to Al-Ghadeer .
    Date: 2026-02-23T05:39:44Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1077979
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3fa41eb8-2a5b-4754-98ba-9deb2dea54b3.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Newspapers & Journalism
    Victim Organization: al-ghadeer
    Victim Site: alghadeertv.iq
  103. Alleged Data Breach of Alcaldía de Girón
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Alcaldía de Girón; the dataset contains confidential and financial information related to companies and citizens within the municipality.
    Date: 2026-02-23T04:50:38Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-CO-3-MILLION-GIRON-SANTANDER-GOV-CO
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/79812a07-b312-4504-8215-7c41561a968e.png
    Threat Actors: NyxarGroup
    Victim Country: Colombia
    Victim Industry: Government Administration
    Victim Organization: alcaldía de girón
    Victim Site: giron-santander.gov.co
  104. Alleged unauthorized access to Israeli system
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to the Israeli groundwater pump management and monitoring system.
    Date: 2026-02-23T04:20:18Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3796
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/52444ba8-7276-48d4-a134-0e0fc07f0ece.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Israel
    Victim Industry: Energy & Utilities
    Victim Organization: Unknown
    Victim Site: Unknown
  105. Alleged unauthorized access to system in south Korea
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to system in south Korea.
    Date: 2026-02-23T03:45:39Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3797
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d71510e9-d096-4f61-bc06-755f886e111e.png
    https://d34iuop8pidsy8.cloudfront.net/a1fe24a1-a7aa-4deb-901f-5aa33e3e620f.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: South Korea
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  106. Alleged Data Breach of Agencia Pública de Empleo
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Agencia Pública de Empleo; the dataset contains the personally identifiable information and detailed employment profiles submitted by users through the platform.
    Date: 2026-02-23T01:25:55Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-CO-75K-AGENCIAPUBLICADEEMPLEO-SENA-EDU-CO
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e9476d13-ceae-43f2-8986-c4650c880180.png
    Threat Actors: NyxarGroup
    Victim Country: Colombia
    Victim Industry: Government Administration
    Victim Organization: agencia pública de empleo (sena)
    Victim Site: agenciapublicadeempleo.sena.edu.co
  107. Alleged Sale of US-Based AI Recruiting Platform Database
    Category: Data Breach
    Content: The threat actor claims to be selling the full database of a US-based AI recruiting platform; the dataset contains 784,000 candidate records and more than 1 million CRM contacts accessible via compromised Salesforce credentials.
    Date: 2026-02-23T00:57:38Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-AI-Recruiting-Platform-Full-DB-Live-Creds
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d4b136ec-72ab-47f2-b8ea-24f2dafca47b.png
    Threat Actors: luffyhack26
    Victim Country: USA
    Victim Industry: Staffing/Recruiting
    Victim Organization: Unknown
    Victim Site: Unknown
  108. Alleged access to Kampus guide
    Category: Initial Access
    Content: The group claims to have gained access to Kampus guide.
    Date: 2026-02-23T00:56:42Z
    Network: telegram
    Published URL: https://t.me/cincaughast6/5
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/415a78c9-2f75-4c45-b387-de07d5c43af6.png
    Threat Actors: CinCauGhast
    Victim Country: USA
    Victim Industry: Education
    Victim Organization: kampus guide
    Victim Site: answerhub.kampusguide.com
  109. Alleged sale of French commercial & corporate data room archive
    Category: Data Breach
    Content: Threat actor claims to be selling a large dataset allegedly containing French corporate records sourced from official registries, including shareholder meeting minutes, company statutes, KBis extracts, insolvency data, and supporting documents, totaling over 300K PDF files (~255GB uncompressed).
    Date: 2026-02-23T00:50:37Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/276635/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/be9dbd89-ef81-443d-bcce-d262ca0b6e1f.png
    https://d34iuop8pidsy8.cloudfront.net/9547dd44-6fc9-4296-8de9-7052c425a62e.png
    Threat Actors: zestix
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown

Related Posts