[March-1-2026] Daily Cybersecurity Threat Report

1. Executive Summary

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data. The threat landscape observed during this period is characterized by a high volume of diverse attacks, including critical infrastructure disruptions, massive data breaches, sophisticated malware sales, initial access brokering, and widespread hacktivist defacement campaigns. The data indicates highly active threat groups operating across global targets, with significant focus on the Middle East, the United States, and various European and Asian nations.

2. Critical Infrastructure Disruption & Advanced Access Threats

This section outlines incidents directly impacting critical infrastructure, as well as the sale of initial access and malware that enable such attacks.

2.1 Major Infrastructure Outages

AWS Middle East Disruption: Amazon Web Services (AWS) reported a major operational disruption in the ME-CENTRAL-1 (UAE) region following a localized power incident. The disruption was caused by objects striking a data center, which triggered a fire. Firefighters shut off power to Availability Zone mec1-az2, resulting in widespread service degradation across multiple AWS services. Customers experienced API failures, specifically impacting EC2 networking operations such as AllocateAddress, AssociateAddress, DescribeRouteTable, and DescribeNetworkInterfaces. AWS actively worked on restoration and mitigation, with full recovery expected to take several hours.

2.2 Initial Access Brokerage (IAB) Activity

Threat actors were highly active in selling or leaking unauthorized access to various systems:

USA Energy & Utilities: The threat actor “samy01” claimed to be selling unauthorized RDWeb and domain user access to multiple industries in the USA, specifically including the electricity and oil & gas sectors. The compromised infrastructure reportedly consists of 132 PCs and one domain controller, notably with CrowdStrike deployed as the active antivirus solution.
USA Aquatic Farm: The group “Z-PENTEST ALLIANCE” claimed to have leaked unauthorized access to an aquatic farm control system in the USA.
Indian Water Treatment Plant: The “Infrastructure Destruction Squad” claimed to have gained unauthorized access to the systems of the 19.51 MLD Water Treatment Plant project for Joda Municipality-OMBADC Chevrovx Water Corporation of Odisha (WATCO), India. The targeted plant reportedly provides services to approximately 130,000 residents. The actor stated they used the VoltRaptor tool to scan the compromised systems and determine the scope of propagation.
Israeli SCADA/PLC Systems: The “FAD Team” claimed unauthorized access to SCADA/PLC systems used for the remote control of wind turbines, alleging compromises of multiple industrial control systems in Israel and other countries they described as “normalization states”.
Iranian Infrastructure: The “404 CREW CYBER TEAM” claimed to conduct scanning activity against a network address allegedly associated with Iranian Undersea Cable Infrastructure. Furthermore, the same group claimed to have leaked unauthorized access to CCTV surveillance systems in Iran.
Malaysian Online Shop: The actor “AckLine” claimed to be selling access to a Malaysia-based Webmin panel associated with an online shop. The listing alleged access to approximately 3.07 million customer records (including UIDs, emails, hashed passwords, names, addresses, and phone numbers) and 2.93 million total orders.
Tunisian Legal Application: The threat actor “yukoxploit” claimed to be selling unauthorized admin access to a Tunisian lawyer mobile/web application. The compromised system reportedly involves 327 databases with HFSql level access. Additionally, this actor sold unauthorized SSH access to the Indian company Catloga.

2.3 Malware and Exploitation Tool Sales

Advanced LNK Builder: “CypherTeam” claimed to sell an “advanced LNK builder tool” designed to embed and deliver malicious payloads. The tool allegedly bypasses Windows Defender and AMSI protections. It includes features for payload obfuscation, custom command-line execution, resource embedding, secure scripting, and centralized campaign management. It supports multiple delivery formats and browser-based execution techniques, providing stealthy payload deployment for malicious intrusion operations.
RMS RAT: “Saruman777” claimed to sell the “RMS Remote Access Trojan (RAT)”. This malware is allegedly designed to leverage legitimate Remote Monitoring and Management (RMM) tools—such as NetSupport, ConnectWise, GoToResolve, DattoRMM, AteraAgent, and SimpleHelp—to establish stealthy access within targeted environments. The malware supports remote desktop monitoring, command execution, file transfer, persistence mechanisms, C2 communication, and lateral movement across networks using multiple delivery methods.
Infostealer Credential Attacks: A cybersecurity report detailed a large-scale attack campaign where threat actors utilized stolen credentials collected by infostealer malware to automate brute-force login attempts against corporate Single Sign-On (SSO) gateways, particularly F5 BIG-IP systems. The report highlighted that attackers are reusing real, harvested passwords rather than guessing them, emphasizing the need for robust multi-factor authentication.

3. Geopolitical Threat Landscape & Hacktivist Alerts

A significant portion of the observed data involves hacktivist groups issuing public alerts and claims of targeted campaigns, heavily focused on geopolitical conflicts in the Middle East.

Middle East and GCC Targeting:
- Handala Hack: Indicated intent to target all Middle Eastern countries , specifically noting Saudi Arabia as a next target.
- LulzSec Black: Claimed intent to target the UAE and all Gulf Countries, asserting they possess compromised documents and videos.
- THE GHOSTS IN THE MACHINE: Claimed that Jordan was under cyber attack and indicated they were targeting GCC countries. Further reports indicated Jordan faced imminent cyberattack threats potentially impacting airports, Hejaz Railways, banking, transport, and water supply systems.
- 313 Team: Stated intent to target Israel, Jordan, USA, Saudi Arabia, UAE, and Kuwait.
- APT IRAN: Claimed to be targeting multiple countries including Israel, America, Jordan, UAE, and Saudi Arabia.
- ALTOUFAN TEAM: Claimed to target Navy MWR Bahrain and Bahrain USA.
- Fatimion cyber team: Claimed to target the Bahrain Telecommunications Regulatory Authority.
Israel and United States Targeting:
- AnonGhost: Indicated they are targeting government databases, banking systems, and military communication networks in Israel and the USA.
- MAD GHOST: Claimed to be targeting Israel, USA, Saudi Arabia, and the UAE.
- Cyber Wolf: Claimed intent to target Israel and the USA.
- BABAYO EROR SYSTEM: Indicated they are targeting Israel and the USA.
- BD Anonymous: Claimed they are targeting Israel.
- Cyber Islamic resistance-Axis: Claimed to have carried out an attack targeting VigilAir drone detection systems in Israel, allegedly disabling the service and identifying the coordinates of five platforms.
- TFA Team: Claimed to target Zionist officials, politicians, and officers using hacked Zionist phone numbers to instill terror.
Other Geopolitical Alerts:
- Cyprus: “DieNet” indicated Cyprus could face potential cyberattacks amid regional tensions, specifically highlighting the island’s strategic importance due to the presence of British military bases.
- United Kingdom: “ALTOUFAN TEAM” claimed to target the SCA Group.
- United States Congressional Hack: A cyberattack hit email systems used by U.S. congressional staff working on House national security committees. Officials investigated this as a suspected Chinese cyber espionage operation detected in December, linked to the threat actor “Salt Typhoon,” which targeted staff overseeing China policy, foreign affairs, intelligence, and the military.

4. Comprehensive Data Breach Analysis

Data breaches constituted a massive volume of the reported incidents, spanning government, military, corporate, educational, and healthcare sectors globally.

4.1 Government, Military, and Defense Breaches

Israel:
- The “Russian Legion” claimed to have leaked data from the Israeli Ministry of Defense. The same group also claimed to have breached the servers of the Israel Defense Forces (IDF), compromising sensitive documents regarding communication equipment purchases, combat systems maintenance, and financing operations.
- “Investigation Anonymous” claimed to have leaked data belonging to Israeli Defense Force members, consisting of 775 kilobytes and 4513 lines of data including full names, ID numbers, contact details, roles, cities, and birth dates.
- “Jax7” claimed to have leaked a database allegedly associated with Israeli military-related entities.
- “FYNIX” claimed to have leaked data containing over 200 numbers of Israeli and American civilians and journalists.
- “Team Bangladesh cyber squad” claimed to have leaked a dataset belonging to Israel.
- “ShadowNex” claimed to leak a dataset containing 4,600 Israeli resident telephone numbers.
- “BABAYO EROR SYSTEM” claimed to have leaked approximately 3,300 records linked to individuals in Israel, including names, IP addresses, email addresses, and phone numbers.
- “Evil Markhors” claimed to have leaked a database of Israel Users.
Spain: “PoliceEspDoxedBF” claimed to have leaked personal data allegedly belonging to members of Spain’s National Security Council. Exposed records allegedly include full names, national identification numbers, phone numbers, email addresses, residential addresses, and dates of birth.
Indonesia: “TimeoRakin” leaked a database containing employee-related records of Indonesian government employees. “kyyzo” claimed to have leaked data from the North Barito Regency Government, containing 3,379 non-ASN personnel records. “CrowStealer” claimed to leak Indonesian Vehicle Registration Data containing 80,692 records including vehicle license plates, national IDs, and phone numbers. “Kim200p” claimed to leak a database of 2 million records from Indonesia, including names, addresses, tax numbers, and national IDs.
France: “ShinyHunters” claimed to have leaked the database from the Ministry of Agriculture and Food.
Norway: “Spirigatito” claimed to have breached 1,389,534 rows of data from the Cultural School Scene, Norway, containing IDs, full names, email addresses, phone numbers, and nationalities.
Iran: “ENTITY” claimed to have leaked the passport details of the former Shah of Iran, Mohammad Reza Pahlavi, and his wife.
Saudi Arabia: The “SYLHET GANG-SG” indicated they hacked the Saudi Ministry of Home Affairs HCM and Internal Management Systems.

4.2 Healthcare and Education Breaches

Higher Education:
- Morocco: “Anonymous Algeria” claimed to have breached 160,000 student and faculty records from Université Abdelmalek Essaâdi. The three databases contained email addresses, phone numbers, names, and ages.
- Mexico: “404 CREW CYBER TEAM” claimed to have breached data from the Universidad Nacional Autónoma de México, retrieving old files. “MagoSpeak” claimed to leak data from Universidad de Ciencias y Artes de Chiapas, including PII, academic records, and CURP codes.
- France: “ShinyHunters” claimed to leak the database from the University of Lille. “suicid” claimed to leak administrative mailing list directory information from Aix‑Marseille Université (AMU).
- Indonesia: “Maulnism1337” claimed to have breached the data of 5,000 students from the Health Polytechnic of the Ministry of Health, Surakarta.
Healthcare:
- China: “Tokyo0404” claimed to have leaked approximately 1.83 million COVID-19 vaccination records sourced from ndcc.cn (Jinan Putong), exposing ID numbers, full names, home addresses, health IDs, and vaccination timestamps.
- Pakistan: “Cyber-hacker” claimed to have leaked patient data related to the U.S. Embassy from the Shaheed Mohtarma Benazir Bhutto Institute of Trauma.

4.3 Corporate, Financial, and Commercial Breaches

The “ShinyHunters” Corporate Campaign: The threat actor “ShinyHunters” was exceptionally active, claiming data breaches and database leaks against several major global corporations, including:
- DreamUp (USA, Aviation & Aerospace)
- Eiffage (France, Building and construction)
- Loozap (Nigeria, E-commerce)
- Salesfloor (Canada, Software Development)
- OSAC Aero (France, Aviation & Aerospace)
- Adidas (Germany, Sporting Goods)
- Lacoste (France, Fashion & Apparel)
- Eni (Italy, Energy & Utilities)
Financial & Cryptocurrency Data:
- “lulzintel” claimed to possess a database linked to the TRA Project marketplace containing 35,000 user accounts and over 400,000 structured credit card records (including CVVs, BIN data, etc.).
- “ApexDev” sold freshly obtained credit card data sourced via a sniffer, primarily U.S.-based (95%), sold in fixed batches of 100.
- “aisdata” sold a database associated with Bitcoin IRA investment leads, containing 169,060 U.S. customer records including contact details and campaign identifiers.
- “shreder” claimed to have leaked alleged e-wallet data.
- “Angel_Batista” claimed to have breached 152.9 GB of data from EquityBrix Inc. (USA).
- “4 EXPLOITATION” claimed to be selling data from Prdhan Mantri Loan Yojana (India).
- “Sorb” claimed to leak data from the Canada Investors Club (previously breached in Dec 2024), containing business, user, and staff records.
- “Akatsuki cyber team” claimed to have hacked a Saudi Arabian website, stolen funds, and obtained data linked to over 50 PayPal accounts.
Corporate Data & Services:
- “Sorb” claimed to sell a 14.9 GB database from Joulestowatts Business Solutions Pvt Ltd (India), exposing personal and account details of users, employees, and job applicants, including encrypted passwords and resumes.
- “rythem” leaked over 13,000 reservation vouchers (many reportedly valid) associated with businesses in the UAE and Saudi Arabia.
- “jackdagger41” claimed to be selling a private eBay database.
- “AplaGroup” breached the administrative panel of Ayomi (France), exposing identity documents such as French National IDs (CNI), passports, and KBIS business records.
- “404 CREW CYBER TEAM” breached private files and backend infrastructure of Bastıyalı Tourism Operations Inc (Turkey) and leaked data from Hermosillo (Mexico).
- “888” leaked the Cornerstone source code from IDEXX Laboratories, Inc (USA).
- “NATION OF SAVIORS” leaked 21 GB of data from Baran Company Limited (Saudi Arabia).
- “HighRisk” claimed to have leaked data from Guidely (India) and [suspicious link removed].
- “toky019” leaked data from BE‑ATEX (France), exposing 2200 customer and 300 employer records.
- “suicid” leaked platform user account metadata and Discord member profiles from Operateur112 (France).
Gambling and Entertainment:
- “ufologistiks” leaked data from online casino player bases in Russia and Europe (2025-2026), exposing names, contacts, and casino platform information.
- “echo_party” claimed data leaks from Indonesian gambling sites Warung168 and Sikat88.
Other Data Sales:
- “omnimark777” sold a TikTok account with approximately 1.6 million followers.
- “HexDex” sold a housing application database containing 76,817 records.
- “jxq09” claimed to have leaked Japan Shopping Data.

5. Website Defacement Campaigns

Defacements were carried out by multiple distinct threat actors, primarily utilizing Telegram to publish their claims.

5.1 The “L4663R666H05T” UAE Campaign

The threat actor “L4663R666H05T” executed a highly concentrated defacement campaign heavily targeting the United Arab Emirates (UAE) and the broader region. Targets included:

Network Integrators (UAE, IT Services)
Junaid Jamshed (UAE, Textiles)
RC Corner Dubai (UAE, Retail)
WiWU (UAE, Electrical & Electronic Manufacturing)
Herome Beauty (UAE, Cosmetics)
Fabvariety.ae (UAE, E-commerce)
Wonderbooks.ae (UAE, E-commerce)
DCGPAC Trading Co. (UAE, Packaging)
Al Aswaq (UAE, E-commerce)
Tawreed.qa (Qatar, E-commerce)

5.2 The “BABAYO EROR SYSTEM” Campaign

This group executed defacements across multiple geographic regions:

The Compliance Consultant (Ireland, Financial Services)
Financial Logic Limited (Ireland, Financial Services)
Public Technological Higher Education Institute (Peru, Education)
fabtimesstores.com.ng (Unknown)
nature.xpartmart.top (Unknown)

5.3 Other Notable Defacements

Cyb3r Drag0nz: Defaced Israeli sites dly.co.il and Alon Margalit – Social Theater & Monologues.
INDOHAXSEC: Defaced message.co.il (Israel).
DEFACER INDONESIAN TEAM: Defaced Revolution Solar (USA) and TIAB Maskinuthyrning (Sweden).
FYNIX: Defaced Turk Press (Turkey).
IRANIAN HACKER: Defaced Dubai Luxe Leather (UAE).
Unknown Actors: Defaced the Geo Television Network (Pakistan) and targeted ARY News (Pakistan) with a cyberattack.
maulnism1337: Defaced educational institutions in Indonesia, including Jayakusuma College of Economics and Health Polytechnic of the Ministry of Health Surakarta.
TikusXploit: Defaced Birjhora Mahavidyalaya (India).
InDoM1nuS Team: Defaced Hi-Pro Technology (Zimbabwe).
EXADOS: Defaced Khet Udomsak Foundation (Thailand).

6. Strategic Conclusion

The data analyzed from March 1, 2026, reveals a highly volatile global cyber ecosystem driven by a convergence of financial motivation and intense geopolitical hacktivism.

Geopolitical Hotspots: A vast majority of alerts and targeted attacks (including defacements and data leaks) are heavily concentrated on the Middle East—specifically Israel, the UAE, Saudi Arabia, and Jordan—as well as the United States. Groups like Handala Hack, LulzSec Black, and AnonGhost are openly signaling widespread campaigns against government and military infrastructures in these regions.
Corporate Extortion and Mega-Breaches: The prolific activity of the ShinyHunters group demonstrates an ongoing, severe threat to massive global enterprises across sectors (aviation, construction, retail, energy). Concurrently, the sale of massive credit card databases, cryptocurrency leads, and PII on platforms like BreachForums highlights a thriving underground data economy.
Critical Infrastructure Vulnerability: The unauthorized access claims against US energy/oil & gas domains, Israeli SCADA systems, Iranian infrastructure, and Indian water treatment plants by Initial Access Brokers represent the highest tier of operational risk. These sales act as the precursors to devastating ransomware or sabotage events.
Operational Disruptions: The physical incident impacting the AWS UAE region underscores that service availability is not solely reliant on digital security, but also physical data center integrity.

Organizations must prioritize securing Single Sign-On (SSO) gateways against infostealer-harvested credential reuse, auditing Active Directory/RDP exposures, and preparing for geographically motivated DDoS or defacement campaigns.

Detected Incidents Draft Data

Cyb3r Drag0nz targets the website of dly.co.il
Category: Defacement
Content: The group claims to have defaced the website of dly.co.il
Date: 2026-03-01T23:55:38Z
Network: telegram
Published URL: https://t.me/c/3504564040/174
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/926b1ff6-1357-4494-b725-5783f6bf3cec.png
Threat Actors: Cyb3r Drag0nz
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: dly.co.il
Alleged data breach of Université Abdelmalek Essaâdi
Category: Data Breach
Content: The group claims to have breached 160,000 students data from Université Abdelmalek Essaâdi. The compromised data reportedly includes student and faculty files, and three databases containing information such as email addresses, phone numbers, names, and age
Date: 2026-03-01T23:51:04Z
Network: telegram
Published URL: https://t.me/anonymous_algeria_Original/3278
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2f27daa3-41c2-4f53-879b-a10dc5c8abb8.png
https://d34iuop8pidsy8.cloudfront.net/71e9a682-208f-42ce-9b46-4c0d83e42855.png
Threat Actors: Anonymous Algeria
Victim Country: Morocco
Victim Industry: Higher Education/Acadamia
Victim Organization: université abdelmalek essaâdi
Victim Site: master.uae.ac.ma
AWS UAE Region Disrupted by Major Power Outage
Category: Alert
Content: AWS reported a major operational disruption in the ME-CENTRAL-1 (UAE) region after a localized power incident caused by objects striking a data center and triggering a fire. Power to Availability Zone mec1-az2 was shut off by firefighters, resulting in widespread service degradation across multiple AWS services.Customers experienced API failures, including EC2 networking operations (AllocateAddress, AssociateAddress, DescribeRouteTable, DescribeNetworkInterfaces). AWS is working on restoration and mitigation, but full recovery is expected to take several hours.
Date: 2026-03-01T23:44:41Z
Network: openweb
Published URL: https://health.aws.amazon.com/health/status
Screenshots:
None
Threat Actors: Unknown
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: amazon web services
Victim Site: aws.amazon.com
INDOHAXSEC targets the website of message.co.il
Category: Defacement
Content: The group claims to have defaced the website of message.co.il
Date: 2026-03-01T23:36:39Z
Network: telegram
Published URL: https://t.me/IndoHaxSec3/58
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/953a91e3-b52c-4f68-90d3-27d735d335ae.png
Threat Actors: INDOHAXSEC
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: masav.message.co.il
Alleged data leak of Israeli ministry of defense
Category: Data Breach
Content: The group claims to have leaked data of Israeli ministry of defense.
Date: 2026-03-01T23:17:13Z
Network: telegram
Published URL: https://t.me/ruLegionn/171
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/63a43cdc-6fd1-49c0-92cf-1ea8fc125eb0.png
https://d34iuop8pidsy8.cloudfront.net/4c34ed85-1b65-4a78-9bfb-64373756d248.png
Threat Actors: Russian Legion
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown
Cyb3r Drag0nz targets the website of Alon Margalit – Social Theater & Monologues
Category: Defacement
Content: The group claims to have defaced the website of Alon Margalit – Social Theater & Monologues.
Date: 2026-03-01T23:15:14Z
Network: telegram
Published URL: https://t.me/c/3504564040/172
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/16cd100b-2538-45ba-9dfb-0ddeba108bfa.png
Threat Actors: Cyb3r Drag0nz
Victim Country: Israel
Victim Industry: Broadcast Media
Victim Organization: alon margalit – social theater & monologues
Victim Site: alonmargalit.co.il
Alleged data breach of Joulestowatts Business Solutions Pvt Ltd
Category: Data Breach
Content: The threat actor claims to be selling a database allegedly obtained from Joulestowatts Business Solutions Pvt Ltd. the dataset is described as approximately 14.9 GB in size and contains around 180 tables exported in CSV format. The data primarily includes information related to platform users, company employees, and job applicants. Allegedly exposed records are said to contain personal and account details such as email addresses, phone numbers, encrypted passwords, login activity logs, IP addresses, geographic data, employment information, resumes, and internal system metadata.
Date: 2026-03-01T22:17:50Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-Joulestowatts-Business-Solutions-Pvt-1400000
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/450cf542-d7d3-4a08-8052-092ba323f8f6.png
https://d34iuop8pidsy8.cloudfront.net/780d9dc4-c46a-429c-9b64-892ad97140e9.png
https://d34iuop8pidsy8.cloudfront.net/0f24bb70-f834-4241-b38a-15aac5b48e5a.png
https://d34iuop8pidsy8.cloudfront.net/ab9d7bbf-a231-479d-b147-ec3f05c877a0.png
Threat Actors: Sorb
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: joulestowatts business solutions pvt ltd
Victim Site: joulestowatts.com
Alleged data breach of Consejo de Seguridad Nacional
Category: Data Breach
Content: The threat actor claims to have leaked a personal data allegedly belonging to members of Spain’s National Security Council. The exposed records shown in the sample allegedly include sensitive personal details such as full names, national identification numbers, phone numbers, email addresses, residential addresses, and dates of birth.
Date: 2026-03-01T22:13:05Z
Network: openweb
Published URL: https://breachforums.as/Thread-SPAIN-CONSEJO-DE-SEGURIDAD-NACIONAL
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ca110c85-37a9-4a28-a816-9e4ca2a93848.png
https://d34iuop8pidsy8.cloudfront.net/d1d2c8a4-01ce-424c-8441-a79677cbdd4b.png
Threat Actors: PoliceEspDoxedBF
Victim Country: Spain
Victim Industry: Government & Public Sector
Victim Organization: consejo de seguridad nacional
Victim Site: dsn.gob.es
Alleged data leak of Israel Military Database
Category: Data Breach
Content: The threat actor claims to be leaked a database allegedly associated with Israeli military-related entities.
Date: 2026-03-01T22:01:48Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-DATABASE-MILITARY-ISRAEL–189894
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f9d11f4a-fc1c-452b-a6d5-528a33f04695.png
Threat Actors: Jax7
Victim Country: Israel
Victim Industry: Military Industry
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of E-wallet
Category: Data Breach
Content: The threat actor claims to have be leaked alleged e-wallet data
Date: 2026-03-01T21:54:20Z
Network: openweb
Published URL: https://breachforums.in/threads/e-wallet-leaks-for-2027.938/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e2d7e8f3-3c16-44c7-a96c-d402a75a8dac.png
Threat Actors: shreder
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
BABAYO EROR SYSTEM targets the website of The Compliance Consultant
Category: Defacement
Content: The group claims to have defaced the website of The Compliance Consultant.
Date: 2026-03-01T21:50:39Z
Network: telegram
Published URL: https://t.me/c/3716986899/154
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/25b7ac53-2b7a-4a43-948a-2165b3e8490d.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Ireland
Victim Industry: Financial Services
Victim Organization: the compliance consultant
Victim Site: thecomplianceconsultant.ie
Alleged data leak of Crypto Currency Bitcoin IRA Database
Category: Data Breach
Content: The threat actor claims to be selling a database allegedly associated with Bitcoin IRA–related cryptocurrency investment leads. the dataset reportedly contains approximately 169,060 customer records, primarily from the United States. The exposed information is said to include personal and contact details such as first and last names, email addresses, phone numbers, IP addresses, country data, and campaign identifiers linked to cryptocurrency IRA inquiries.
Date: 2026-03-01T21:46:02Z
Network: openweb
Published URL: https://xss.pro/threads/146213/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8ca5dc16-baf9-4367-95a2-2c66250b3baa.png
Threat Actors: aisdata
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Israeli and American civilians and journalists
Category: Data Breach
Content: The group claims to have leaked data containing more than 200 numbers of Israeli and American civilians and journalists
Date: 2026-03-01T21:45:08Z
Network: telegram
Published URL: https://t.me/c/2691463074/218
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1c888793-a921-41f5-a89c-f2e5edaf1055.jpg
Threat Actors: FYNIX
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
BABAYO EROR SYSTEM targets the website of Financial Logic Limited
Category: Defacement
Content: The group claims to have defaced the website of Financial Logic Limited
Date: 2026-03-01T21:42:38Z
Network: telegram
Published URL: https://t.me/c/3716986899/154
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b0ebe433-bd68-42bb-8a52-1e8a82724962.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Ireland
Victim Industry: Financial Services
Victim Organization: financial logic limited
Victim Site: financiallogic.ie
Alleged leak of Israel data
Category: Data Breach
Content: The group claims to have leaked dataset belonging to Israel
Date: 2026-03-01T21:16:19Z
Network: telegram
Published URL: https://t.me/teambcs404/314
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5d3a9550-2e95-431c-aa42-b94be2cd669e.jpg
Threat Actors: Team Bangladesh cyber squad
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of TRA Project
Category: Data Breach
Content: The threat actor claims to have a database allegedly linked to the TRA Project marketplace. the dataset reportedly contains approximately 35,000 user accounts and more than 400,000 listed credit card records. The exposed information is said to include user login details, contact information, account metadata, and structured financial records such as card numbers, expiration dates, CVV values, cardholder names, billing addresses, email addresses, phone numbers, issuing bank details, BIN data, and card type classifications.
Date: 2026-03-01T20:46:04Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-TRA-Project-shel-bz-shop-400K-CC
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dff88116-72bc-4073-8ea1-b3b1e3e4ec72.png
https://d34iuop8pidsy8.cloudfront.net/b1af55fb-2bce-4692-855e-4cae4b33cbe2.png
Threat Actors: lulzintel
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Advanced LNK Builder
Category: Malware
Content: Threat Actor claims to be selling a malware called advanced LNK builder tool designed to embed and deliver malicious payloads while allegedly bypassing Windows Defender and AMSI protections. It includes features such as payload obfuscation, custom command-line execution, resource embedding, secure scripting, and centralized campaign management. The tool supports multiple delivery formats, browser-based execution techniques, and integrated distribution methods. The tool provides stealthy payload deployment and defense evasion, potentially enabling malicious intrusion and malware distribution operations.
Date: 2026-03-01T20:43:34Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277310/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7990de69-20a3-4566-af0e-325a21b0344e.png
Threat Actors: CypherTeam
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of RMS RAT
Category: Malware
Content: Threat Actor claims to be selling a malware called RMS Remote Access Trojan (RAT), allegedly designed to leverage legitimate Remote Monitoring and Management tools such as NetSupport, ConnectWise, GoToResolve, DattoRMM, AteraAgent, and SimpleHelp to establish stealthy and persistent access within targeted environments. The malware supports remote desktop monitoring, command execution, file transfer, persistence mechanisms, command-and-control (C2) communication, and lateral movement across corporate networks, and multiple delivery methods including droppers and scripts.
Date: 2026-03-01T20:35:44Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277309/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/877cdc91-ffb3-4bf4-85e4-1236bfa31ec0.png
Threat Actors: Saruman777
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
DEFACER INDONESIAN TEAM targets the website of Revolution Solar
Category: Defacement
Content: The group claims to have defaced the website of Revolution Solar
Date: 2026-03-01T20:32:18Z
Network: telegram
Published URL: https://t.me/c/2433981896/1120
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/62416462-8ee5-4df9-974c-ab4a62455be2.png
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: USA
Victim Industry: Energy & Utilities
Victim Organization: revolution solar
Victim Site: revolutionsolarny.com
Alleged Sale of Unauthorized RDWeb and Domain User Access to Multiple Industries in USA
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized RDWeb and domain user access to multiple industries in USA including electricity and oil & gas sector. The compromised infrastructure reportedly consists of 132 PCs and one domain controller, with CrowdStrike deployed as the active antivirus solution.
Date: 2026-03-01T20:20:30Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277300/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a9281de1-9a04-4512-bd03-55cf51ab5c4a.png
Threat Actors: samy01
Victim Country: USA
Victim Industry: Energy & Utilities
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Israeli Defense Force members
Category: Data Breach
Content: The group claims to have leaked data belonging to Israeli Defense Force members. The leaked data consists of 775kilobytes of data and 4513 lines which include Full names, ID numbers, contact details, roles, cities and birth dates.
Date: 2026-03-01T20:19:06Z
Network: telegram
Published URL: https://t.me/investigationAnonYmous0/13199
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f5f22f6d-ec11-4f32-b413-d2160274a37b.jpg
Threat Actors: Investigation Anonymous
Victim Country: Israel
Victim Industry: Military Industry
Victim Organization: israeli defense force
Victim Site: idf.il
DEFACER INDONESIAN TEAM targets the website of TIAB Maskinuthyrning
Category: Defacement
Content: The group claims to have defaced the website of TIAB Maskinuthyrning.
Date: 2026-03-01T20:16:35Z
Network: telegram
Published URL: https://t.me/c/2433981896/1120
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b1605612-8fb0-4b30-976b-6091ebe76778.png
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Sweden
Victim Industry: Business Supplies & Equipment
Victim Organization: tiab maskinuthyrning
Victim Site: tiab-maskin.se
Alleged sale of fresh CCs
Category: Data Breach
Content: The threat actor claims to be selling freshly obtained credit card (“CC”) data allegedly sourced directly via a sniffer. the dataset reportedly consists primarily of U.S.-based card records (approximately 95%) and is being sold in fixed batches of 100, priced at 12 per card.
Date: 2026-03-01T20:12:38Z
Network: openweb
Published URL: https://xss.pro/threads/146211/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/815bd202-b267-49ee-a2d4-c2e9698d9081.png
Threat Actors: ApexDev
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
Alleged data Leak of 4,600 Israeli Resident Phone Numbers
Category: Data Breach
Content: A threat actor claims to be leaking a dataset allegedly containing 4,600 Israeli resident telephone numbers.
Date: 2026-03-01T20:02:41Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-4600-Israeli-Resident-Telephone-Numbers
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/41de9df3-6d75-474c-99b4-160cdd8a49ea.png
Threat Actors: ShadowNex
Victim Country: Israel
Victim Industry: Network & Telecommunications
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of TikTok Account with 1.6 Million Followers
Category: Data Breach
Content: Threat Actor claims to be selling a TikTok account with approximately 1.6 million followers and 41.5 million likes.
Date: 2026-03-01T18:59:32Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277298/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b6d1ce33-655a-406f-a81a-b820172e524e.png
Threat Actors: omnimark777
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Leak of 13000 Reservation Vouchers in UAE and Saudi Arabia
Category: Data Breach
Content: Threat Actor claims to have leaked more than 13,000 reservation vouchers allegedly associated with businesses in UAE and Saudi Arabia, including hotels, restaurants, car rentals, entertainment venues, and medical services. The dataset contains customer names, email addresses, and unique voucher codes, with vouchers issued between 2013 and 2026, including many that are reportedly still valid and usable.
Date: 2026-03-01T18:54:29Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/277292/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/07b6b868-260e-4454-9232-5083fc39a243.png
https://d34iuop8pidsy8.cloudfront.net/12a77485-5359-4f3d-8c20-be2577d59634.png
Threat Actors: rythem
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
FYNIX targets the website of Turk Press
Category: Defacement
Content: The threat actor claims to have defaced the website of Turk Press
Date: 2026-03-01T18:50:35Z
Network: telegram
Published URL: https://t.me/c/2691463074/209
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ba94780d-66ac-4730-bb76-4621cf5523e3.png
Threat Actors: FYNIX
Victim Country: Turkey
Victim Industry: Online Publishing
Victim Organization: turk press
Victim Site: turkpress.co
claims to target Israel and USA
Category: Alert
Content: A recent post by the group indicates that they are targeting Government databases, Banking systems and Military communication networks in Israel and USA
Date: 2026-03-01T18:47:07Z
Network: telegram
Published URL: https://t.me/c/1806562122/14360
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d5c5b39d-2a05-46b1-85ce-452f9b9e53c4.jpg
Threat Actors: AnonGhost
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Government of Indonesia
Category: Data Breach
Content: The threat actor claims to be leaked a database containing information on Indonesian government employees. the dataset includes employee-related records .
Date: 2026-03-01T18:28:08Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-INDONESIA-Goverment-Employee-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/66df939b-75ad-44e6-a97e-5a786b4a3899.png
Threat Actors: TimeoRakin
Victim Country: Indonesia
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown
Fatimion cyber team claims to target Bahrain Telecommunications Regulatory Authority
Category: Alert
Content: A recent post by the group claims that they are targeting Bahrain Telecommunications Regulatory Authority
Date: 2026-03-01T18:26:52Z
Network: telegram
Published URL: https://t.me/hak994/4847
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fb817d47-01de-4615-9369-a91d66d4da73.jpg
Threat Actors: Fatimion cyber team
Victim Country: Bahrain
Victim Industry: Network & Telecommunications
Victim Organization: bahrain telecommunications regulatory authority
Victim Site: tra.org.bh
BD Anonymous claims to target Israel
Category: Alert
Content: A recent post by the group claims that they are targeting Israel.
Date: 2026-03-01T18:12:03Z
Network: telegram
Published URL: https://t.me/httpstmeVI8Cr1np5kxhyjd9/43
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f3fe49ce-ff88-4633-83ca-94b7261a3bca.png
Threat Actors: BD Anonymous
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Unauthorized Access to Joda Municipality Water Treatment Plant Systems
Category: Initial Access
Content: Threat actor claims to have gained unauthorized access to the systems of the 19.51 MLD Water Treatment Plant project for Joda Municipality-OMBADC Chevrovx Water Corporation of Odisha (WATCO). The actor states that the VoltRaptor tool was used to scan the compromised systems and determine the scope of propagation. The targeted plant reportedly provides services to approximately 130,000 residents.
Date: 2026-03-01T18:10:38Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3839
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c5dfe437-7467-4252-bf6d-9c615d58631f.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
SYLHET GANG-SG claims to target Saudi Ministry of Home Affairs HCM and Internal Management Systems.
Category: Cyber Attack
Content: A recent post by the group indicates that they have hacked Saudi Ministry of Home Affairs HCM and Internal Management Systems.
Date: 2026-03-01T18:07:24Z
Network: telegram
Published URL: https://t.me/SylhetGangSG1/7468
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/685f0ae7-7a7f-4087-a6a0-81d4d394f72f.jpg
Threat Actors: SYLHET GANG-SG
Victim Country: Saudi Arabia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Cyberattack hits ARY News
Category: Cyber Attack
Content: News regarding a cyberattack targeting ARY News has emerged.
Date: 2026-03-01T17:59:48Z
Network: telegram
Published URL: https://t.me/OsintTV/40697
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3eb169cc-a422-41a4-ad47-64adaea036b2.jpg
Threat Actors: Unknown
Victim Country: Pakistan
Victim Industry: Network & Telecommunications
Victim Organization: ary news
Victim Site: arynews.tv
BABAYO EROR SYSTEM claims to target Israel and USA
Category: Alert
Content: A recent post by the group indicates that they are targeting Israel and USA
Date: 2026-03-01T17:56:08Z
Network: telegram
Published URL: https://t.me/c/3716986899/153
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b1a42cfd-1be3-4b33-9d41-d966dce53c9c.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
IRANIAN HACKER targets the website of Dubai Luxe Leather
Category: Defacement
Content: The threat actor claims to have defaced the website of Dubai Luxe Leather
Date: 2026-03-01T17:40:14Z
Network: openweb
Published URL: https://dubailuxeleather.com/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/acb48d46-b007-4a05-bfab-408d08350370.jpg
Threat Actors: IRANIAN HACKER
Victim Country: UAE
Victim Industry: Retail Industry
Victim Organization: dubai luxe leather
Victim Site: dubailuxeleather.com
Alleged data breach of eBay Inc
Category: Data Breach
Content: The threat actor claims to be selling a private eBay database.
Date: 2026-03-01T17:33:45Z
Network: openweb
Published URL: https://breachforums.as/Thread-EBay-private-dump
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ed04d8e5-fbbc-4cfa-8c97-fe9928af5c8a.png
Threat Actors: jackdagger41
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: ebay inc
Victim Site: ebay.com
Alleged unauthorized access to an unidentified SCADA/PLC systems in Israel
Category: Initial Access
Content: The group claims to have compromised SCADA/PLC systems used for remote control of wind turbines, alleging unauthorized access to multiple industrial control systems in Israel and other countries described as normalization states
Date: 2026-03-01T17:17:54Z
Network: telegram
Published URL: https://t.me/r3_6j/1780
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/33029683-6347-4411-9a9f-0766e616ba83.jpg
Threat Actors: FAD Team
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Geo Television Network suffers Defacement
Category: Defacement
Content: A recent cyber incident involved the defacement of Geo Television Network of Pakistan
Date: 2026-03-01T16:53:22Z
Network: telegram
Published URL: https://t.me/OsintTV/40691
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d16ebbef-7494-4ff6-96d1-ab9fcfadf0b0.jpg
Threat Actors: Unknown
Victim Country: Pakistan
Victim Industry: Network & Telecommunications
Victim Organization: geo television network
Victim Site: geo.tv
BABAYO EROR SYSTEM targets the website of Public Technological Higher Education Institute
Category: Defacement
Content: The threat actor claims to have defaced the website of Public Technological Higher Education Institute.
Date: 2026-03-01T16:20:21Z
Network: telegram
Published URL: https://t.me/c/3716986899/146
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b658f2a0-57c7-48ea-b115-515226f11265.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Peru
Victim Industry: Education
Victim Organization: public technological higher education institute
Victim Site: iestptrt.edu.pe
Alleged data breach of Ayomi
Category: Data Breach
Content: The threat actor claims to have breached Ayomi and allegedly gained access to the company’s administrative panel for several months. According to the post, the compromised data reportedly includes identity documents such as CNI (French National ID), passports, KBIS documents, and other business registration records.
Date: 2026-03-01T16:19:59Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-ayomi-fr-Breached-CNI-PASSESPORT-KBIS-JDD
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f77ebc5c-26b6-4c88-bc38-cd37163101ec.png
Threat Actors: AplaGroup
Victim Country: France
Victim Industry: Financial Services
Victim Organization: ayomi
Victim Site: ayomi.fr
Alleged Leak of 1.83 Million COVID-19 Vaccination Records from Jinan Putong (ndcc.cn)
Category: Data Breach
Content: The threat actor claims to have leaked approximately 1.83 million COVID-19 vaccination records allegedly sourced from ndcc.cn. the exposed data includes ID numbers, full names, home addresses, health identification numbers, and vaccination timestamps.
Date: 2026-03-01T15:44:29Z
Network: openweb
Published URL: https://breachforums.as/Thread-%E6%B5%8E%E5%8D%97e%E8%8B%97%E9%80%9A-1-83M-Chinese-COVID-Vaxxers-Data-Breach
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/27d81e68-9369-49aa-ae00-ff231efece78.png
Threat Actors: Tokyo0404
Victim Country: China
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Bastıyalı Tourism Operations Inc
Category: Data Breach
Content: The group claims to have breached private files as well as backend infrastructure associated with Bastiyali including SQL backup paths, and asserts access to employee information and website systems.
Date: 2026-03-01T15:24:42Z
Network: telegram
Published URL: https://t.me/crewcyber/849
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/732d0cae-94b5-4157-abf1-aee19bd3433c.jpg
https://d34iuop8pidsy8.cloudfront.net/f124e60c-c2ba-41e9-a021-970be1d479db.jpg
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Turkey
Victim Industry: Hospitality & Tourism
Victim Organization: bastiyali group
Victim Site: bastiyali.com
Alleged data breach of IDEXX Laboratories, Inc
Category: Data Breach
Content: The threat actor claims to have leaked data from IDEXX Laboratories . the compromised data allegedly includes IDEXX Cornerstone source code.
Date: 2026-03-01T15:13:05Z
Network: openweb
Published URL: https://breachforums.as/Thread-SOURCE-CODE-IDEXX-Data-Breach-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d4067539-d00b-4334-8d0c-d87f6b2df6e4.png
Threat Actors: 888
Victim Country: USA
Victim Industry: Veterinary
Victim Organization: idexx laboratories, inc
Victim Site: idexx.com
Alleged leak of Israel data
Category: Data Breach
Content: The group claims to have leaked data containing approximately 3,300 records allegedly linked to individuals in Israel, stating that the dataset includes names, IP addresses, email addresses, and phone numbers.
Date: 2026-03-01T15:11:17Z
Network: telegram
Published URL: https://t.me/c/3716986899/140
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ad0ea043-60f7-4fb4-986e-a34c3a380f92.jpg
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
404 CREW CYBER TEAM claims to target Iranian Undersea Cable Infrastructure
Category: Alert
Content: The group claimed to conduct scanning activity against a network address allegedly associated with Iranian Undersea Cable Infrastructure
Date: 2026-03-01T15:08:42Z
Network: telegram
Published URL: https://t.me/crewcyber/850
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/879f7cc4-6847-4918-b0f4-6c9c65cd5026.jpg
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Z-BL4CX-H4T targets the website of Karnal International School
Category: Defacement
Content: The group claims to have defaced the website of Karnal International School.
Date: 2026-03-01T15:07:38Z
Network: telegram
Published URL: https://t.me/c/3027611821/427
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f42da770-3361-4264-aa57-5409ec2a4ac0.png
Threat Actors: Z-BL4CX-H4T
Victim Country: India
Victim Industry: Education
Victim Organization: karnal international school
Victim Site: kiskarnal.in
Alleged leak of personal data belonging to Mohammad Reza Pahlavi
Category: Data Breach
Content: The group claims to have leaked passport details of the former shah of Iran Mohammad Reza Pahlavi and his wife
Date: 2026-03-01T14:49:13Z
Network: telegram
Published URL: https://t.me/AGLegends/4336
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9ebc8e2a-f91f-4d9d-8106-353295edde77.jpg
Threat Actors: ENTITY
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data sale of housing application database
Category: Data Breach
Content: The threat actor claims to be selling a database containing 76,817 housing application records. The dataset reportedly includes personal, financial, etc.
Date: 2026-03-01T14:26:56Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-FR-76K-Housing-request
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e02c692c-a566-4054-b56d-1f78b0bb3a4c.png
https://d34iuop8pidsy8.cloudfront.net/8f8542c3-6d2c-46c2-b85f-89bc1e4666bb.png
Threat Actors: HexDex
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of North Barito Regency Government
Category: Data Breach
Content: The threat actor claims to be leaked data from North Barito Regency Government. The compromised data reportedly contain 3,379 personnel records.
Date: 2026-03-01T14:18:23Z
Network: openweb
Published URL: https://breachforums.as/Thread-DUMP-Database-Tenaga-Non-ASN-Kab-Barito-Utara-3-379-Records-Nama-NIK-Jabatan
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d1c9a1ec-3acd-4733-bb24-61768b7fbbe1.png
https://d34iuop8pidsy8.cloudfront.net/2957f7ee-99c2-48ba-b8be-92ea53ddbcb5.png
Threat Actors: kyyzo
Victim Country: Indonesia
Victim Industry: Government & Public Sector
Victim Organization: north barito regency government
Victim Site: baritoutarakab.go.id
Alleged data breach of Universidad Nacional Autónoma de México
Category: Data Breach
Content: The group claims to have breached data from Universidad Nacional Autónoma de México. They claims that they retrieved old files of the organization.
Date: 2026-03-01T13:58:55Z
Network: telegram
Published URL: https://t.me/crewcyber/836
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2559912-2f1d-4fed-b858-bf004d9a292d.jpg
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Mexico
Victim Industry: Education
Victim Organization: universidad nacional autónoma de méxico
Victim Site: unam.mx
Alleged data leak of Shaheed Mohtarma Benazir Bhutto Institute of Trauma
Category: Data Breach
Content: The group claims to have leaked patient data related to the U.S. Embassy from the Shaheed Mohtarma Benazir Bhutto Institute of Trauma.
Date: 2026-03-01T13:34:00Z
Network: telegram
Published URL: https://t.me/Cyberhacker13034/33846
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6bb91460-8b4f-4bd9-8d3d-596e8130be13.png
Threat Actors: Cyber-hacker
Victim Country: Pakistan
Victim Industry: Hospital & Health Care
Victim Organization: shaheed mohtarma benazir bhutto institute of trauma
Victim Site: smbbit.gos.pk
Alleged data breach of DreamUp
Category: Data Breach
Content: The group claims to have leaked the database from DreamUp.
Date: 2026-03-01T13:15:58Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/36e0afa2-94a1-4e11-9ba5-be5df844c973.png
Threat Actors: ShinyHunters
Victim Country: USA
Victim Industry: Aviation & Aerospace
Victim Organization: dreamup
Victim Site: dreamup.org
Alleged breach of Israel Defense Forces (IDF) servers
Category: Data Breach
Content: The group claims to have breached the servers of the IDF and compromised sensitive documents regarding the purchase of communication equipment, maintenance of combat systems, and financing operations.
Date: 2026-03-01T13:11:30Z
Network: telegram
Published URL: https://t.me/ruLegionn/163?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d5a91339-2acc-4de4-885d-b96ad20d74ee.png
https://d34iuop8pidsy8.cloudfront.net/3832ace7-3f15-46e4-ace6-9ea5d2f32619.png
Threat Actors: Russian Legion
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: israel defense forces
Victim Site: idf.il
Alleged data breach of Eiffage
Category: Data Breach
Content: The group claims to have leaked the database from Eiffage.
Date: 2026-03-01T13:08:01Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3709c432-a0ae-47ed-8b47-b0c2b6b3da72.png
Threat Actors: ShinyHunters
Victim Country: France
Victim Industry: Building and construction
Victim Organization: eiffage
Victim Site: eiffage.com
Alleged data breach of Loozap
Category: Data Breach
Content: The group claims to have leaked the database from Loozap.
Date: 2026-03-01T13:07:29Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8564e166-8a67-4bcc-824f-5191a4fa0894.png
Threat Actors: ShinyHunters
Victim Country: Nigeria
Victim Industry: E-commerce & Online Stores
Victim Organization: loozap
Victim Site: loozap.com
Alleged data breach of Salesfloor
Category: Data Breach
Content: The group claims to have leaked the database from Salesfloor.
Date: 2026-03-01T13:05:56Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3aadc699-62eb-49df-9644-a1ab8b5d1ec6.png
Threat Actors: ShinyHunters
Victim Country: Canada
Victim Industry: Software Development
Victim Organization: salesfloor
Victim Site: salesfloor.net
Alleged data breach of Ministry of Agriculture and Food
Category: Data Breach
Content: The group claims to have leaked the database from Ministry of Agriculture and Food.
Date: 2026-03-01T13:03:43Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e04960a0-584b-41aa-80c4-cba6e27b5884.png
Threat Actors: ShinyHunters
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: ministry of agriculture and food
Victim Site: agriculture.gouv.fr
L4663R666H05T targets the website of Network Integrators
Category: Defacement
Content: Group claims to have defaced the website of Network Integrators.
Date: 2026-03-01T12:55:22Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795519
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c18fd64e-f31d-4ca7-9a5d-f29d27557c22.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Information Technology (IT) Services
Victim Organization: network integrators
Victim Site: networkintegrators.ae
maulnism1337 targets the website of Jayakusuma College of Economics
Category: Defacement
Content: The group claims to have defaced the website of Jayakusuma College of Economics
Date: 2026-03-01T12:54:57Z
Network: telegram
Published URL: https://t.me/maul1337anon/1124
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d87facee-716b-4433-b480-4c467338df63.png
Threat Actors: maulnism1337
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: jayakusuma college of economics
Victim Site: jurnal.stiejayakusuma.ac.id
Alleged data breach of OSAC Aero
Category: Data Breach
Content: The group claims to have leaked the database from OSAC Aero.
Date: 2026-03-01T12:52:15Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/27783a77-c917-452b-b840-3d098bf2bbb0.jpg
Threat Actors: ShinyHunters
Victim Country: France
Victim Industry: Aviation & Aerospace
Victim Organization: osac aero
Victim Site: osac.aero
L4663R666H05T targets the website of Junaid Jamshed
Category: Defacement
Content: Group claims to have defaced the website of Junaid Jamshed.
Date: 2026-03-01T12:51:29Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795497
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/07780f44-f419-46aa-a083-8e5eee7da4be.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Textiles
Victim Organization: junaid jamshed
Victim Site: junaidjamshed.ae
L4663R666H05T targets the website of RC Corner Dubai
Category: Defacement
Content: The group claims to have defaced the website of RC Corner.
Date: 2026-03-01T12:49:37Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795529
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5bd86860-4b7b-4bce-b29c-a02aaadd0087.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Retail Industry
Victim Organization: rc corner dubai
Victim Site: rccorner.ae
L4663R666H05T targets the website of WiWU
Category: Defacement
Content: The group claims to have defaced the website WiWU.
Date: 2026-03-01T12:49:14Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795562
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ce990859-d2c3-4ddd-9465-ecd2effb131e.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Electrical & Electronic Manufacturing
Victim Organization: wiwu
Victim Site: wiwu.ae
L4663R666H05T targets the website of Herome Beauty
Category: Defacement
Content: Group claims to have defaced the website of Herome Beauty.
Date: 2026-03-01T12:48:12Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795488
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/137222c0-d77f-48e3-8294-796969346e5e.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Cosmetics
Victim Organization: herome beauty
Victim Site: herome.ae
Alleged data breach of Adidas
Category: Data Breach
Content: The group claims to have leaked the database from Adidas.
Date: 2026-03-01T12:45:43Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3fbad4a2-bdf6-4df1-aa27-6feaca5a37c9.jpg
Threat Actors: ShinyHunters
Victim Country: Germany
Victim Industry: Sporting Goods
Victim Organization: adidas
Victim Site: adidas.com
L4663R666H05T targets the website Fabvariety.ae
Category: Defacement
Content: The group claims to have defaced the organizations website.
Date: 2026-03-01T12:41:20Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795481
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a13d0aa1-bb6b-4b67-b9c5-036f96afea86.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: E-commerce & Online Stores
Victim Organization: fabvariety.ae
Victim Site: fabvariety.ae
L4663R666H05T targets the website Wonderbooks.ae
Category: Defacement
Content: The group claims to have defaced the website Wonderbooks.ae
Date: 2026-03-01T12:40:19Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795472
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7e2e9840-17de-4869-9f47-c32a1694c304.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: E-commerce & Online Stores
Victim Organization: wonderbooks.ae
Victim Site: demo.wonderbooks.ae
Alleged data breach of EquityBrix Inc
Category: Data Breach
Content: The threat actor claims to have breached 152.9 GB of data from EquityBrix Inc., allegedly containing IDs, addresses, names, countries, and more.
Date: 2026-03-01T12:39:40Z
Network: openweb
Published URL: https://breachforums.as/Thread-equitybrix-com-152M
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/649f5a50-e7e9-436e-874f-327f9a31afe0.png
Threat Actors: Angel_Batista
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: equitybrix inc
Victim Site: equitybrix.com
Alleged data breach of Lacoste
Category: Data Breach
Content: The group claims to have leaked the database from Lacoste.
Date: 2026-03-01T12:36:43Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/44af6ac9-c7d4-497c-9bc5-a14fbb71606b.jpg
Threat Actors: ShinyHunters
Victim Country: France
Victim Industry: Fashion & Apparel
Victim Organization: lacoste
Victim Site: lacoste.com
L4663R666H05T targets the website dcgpac.ae
Category: Defacement
Content: The group claims to have defaced the website dcgpac.ae
Date: 2026-03-01T12:32:03Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795471
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/44ef5d4d-a7f4-4639-98aa-b058ec1f42bb.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: Packaging & Containers
Victim Organization: dcgpac trading co. l.l.c.
Victim Site: dcgpac.ae
Alleged data breach of Uniiversity of Lille
Category: Data Breach
Content: The group claims to have leaked the database from Uniiversity of Lille.
Date: 2026-03-01T12:31:58Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ac593aa4-9c93-4780-a1aa-2970fc6887e9.jpg
Threat Actors: ShinyHunters
Victim Country: France
Victim Industry: Higher Education/Acadamia
Victim Organization: uniiversity of lille
Victim Site: univ-lille.fr
L4663R666H05T targets the website of Al Aswaq
Category: Defacement
Content: The group claims to have defaced the website of Al Aswaq.
Date: 2026-03-01T12:20:48Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/795460
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5e1bd6d1-fb01-4ee1-a15f-9e686274621a.png
Threat Actors: L4663R666H05T
Victim Country: UAE
Victim Industry: E-commerce & Online Stores
Victim Organization: al aswaq
Victim Site: aswaqrak.ae
313 Team claims to target israel, Jordan, USA, Saudi Arabia, UAE and Kuwait
Category: Alert
Content: A recent post by the threat actor indicates that they intends to target israel, Jordan, USA, Saudi Arabia, UAE and Kuwait
Date: 2026-03-01T12:19:32Z
Network: telegram
Published URL: https://t.me/xX313XxTeam/598
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f8e06bc9-1d72-4314-b73f-c4a841934943.png
Threat Actors: 313 Team
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
DieNet claims possible cyber threats against Cyprus
Category: Cyber Attack
Content: A recent post from the threat actor indicates that Cyprus could face potential cyberattacks amid rising regional tensions, highlighting the island’s strategic importance due to British military bases located there.
Date: 2026-03-01T12:14:32Z
Network: telegram
Published URL: https://t.me/dienet3/301
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5186aa72-a2ac-4957-8ac9-0d0b6bc70fc2.png
Threat Actors: DieNet
Victim Country: Cyprus
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Eni
Category: Data Breach
Content: The group claims to have leaked the database from Eni.
Date: 2026-03-01T12:13:24Z
Network: openweb
Published URL: https://lapsus.cz/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5fc244b5-5ce7-4255-aeaf-7d0b0cd1879a.jpg
Threat Actors: ShinyHunters
Victim Country: Italy
Victim Industry: Energy & Utilities
Victim Organization: eni
Victim Site: eni.com
Cyber Islamic resistance-Axis targets VigilAir Drone Detection Systems in Israel
Category: Cyber Attack
Content: The group claims to have carried out a cyberattack targeting VigilAir drone detection systems in Israel, allegedly disabling and stopping the service. The group also claims to have identified the positions and coordinates of five platforms belonging to the system.
Date: 2026-03-01T12:01:05Z
Network: telegram
Published URL: https://t.me/Mhwear98/1544
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f3b604e9-14ab-4585-9e26-6bcaa60f3336.png
Threat Actors: Cyber Islamic resistance-Axis
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
LulzSec Black claims to target UAE
Category: Alert
Content: A recent post by the threat actor indicates that they intends to target UAE.
Date: 2026-03-01T11:50:06Z
Network: telegram
Published URL: https://t.me/LulzSecBlack/4625
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5bc2e174-cd60-4587-ac54-6f023ff33d56.jpg
Threat Actors: LulzSec Black
Victim Country: UAE
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
L4663R666H05T targets the website Tawreed.qa
Category: Defacement
Content: The group claims to have defaced the website Tawreed.qa
Date: 2026-03-01T11:39:46Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/796116
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c0875b43-09b4-400e-a29b-fa9f61c0ee25.png
Threat Actors: L4663R666H05T
Victim Country: Qatar
Victim Industry: E-commerce & Online Stores
Victim Organization: tawreed.qa
Victim Site: tawreed.qa
Alleged Data Breach of Prdhan Mantri Loan Yojana
Category: Data Breach
Content: The group claims to have selling data from Prdhan Mantri Loan Yojana.
Date: 2026-03-01T11:17:50Z
Network: telegram
Published URL: https://t.me/Exploitationn/1637
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/602d2415-9dcc-4d90-b6ab-8e2be161f59a.jpg
Threat Actors: 4 EXPLOITATION
Victim Country: India
Victim Industry: Financial Services
Victim Organization: prdhan mantri loan yojana
Victim Site: prdhanmantriloanyojana.com
Alleged data breach of The cultural school scene, Norway
Category: Data Breach
Content: The threat actor claims to have breached 1,389,534 rows of data from the Cultural School Scene, Norway, allegedly containing IDs, full names, email addresses, phone numbers, addresses, nationalities, languages, and more.
Date: 2026-03-01T10:54:27Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Government-of-Norway-DenKulturelles-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/73e43309-59ae-4724-95d8-22bc56e77a88.png
https://d34iuop8pidsy8.cloudfront.net/144600fe-8c58-43c4-aad9-47c47ead9f1f.png
https://d34iuop8pidsy8.cloudfront.net/7c47774e-cfae-4f31-8d98-30679ab11129.png
Threat Actors: Spirigatito
Victim Country: Norway
Victim Industry: Government Administration
Victim Organization: cultural school scene, norway
Victim Site: denkulturelleskolesekken.no
Alleged data breach of Baran Company Limited
Category: Data Breach
Content: The group claims to be leaked 21 GB data from Baran Company Limited.NB: The organization was previously breached on February 21 2025.
Date: 2026-03-01T10:46:20Z
Network: telegram
Published URL: https://t.me/c/2259100562/806
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b33117eb-c8c5-4d8c-a6f1-4f51e364bfcc.jpg
Threat Actors: NATION OF SAVIORS
Victim Country: Saudi Arabia
Victim Industry: Building and construction
Victim Organization: baran company limited
Victim Site: baran.com.sa
Alleged Leak of Unidentified Saudi Arabian Website
Category: Data Breach
Content: The group claims to have hacked a website in Saudi Arabia and stolen a significant amount of funds. The actor further alleges that they obtained data linked to more than 50 PayPal accounts. The compromised information reportedly includes email addresses, passwords, country details, and phone numbers. The data was shared in CSV format.
Date: 2026-03-01T10:06:44Z
Network: telegram
Published URL: https://t.me/Akatsukiyberteam/636
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1403d064-7133-4df6-a5dd-84039bc8e17d.jpg
Threat Actors: Akatsuki cyber team (official)
Victim Country: Saudi Arabia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
BABAYO EROR SYSTEM targets the website of fabtimesstores.com.ng
Category: Defacement
Content: The group claims to have defaced the website of fabtimesstores.com.ng.
Date: 2026-03-01T10:02:13Z
Network: telegram
Published URL: https://t.me/c/3716986899/109
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5a01ade8-9537-4e72-86da-72f470ddd2ce.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: fabtimesstores.com.ng
BABAYO EROR SYSTEM targets the website of nature.xpartmart.top
Category: Defacement
Content: The group claims to have defaced the website of nature.xpartmart.top.
Date: 2026-03-01T09:57:42Z
Network: telegram
Published URL: https://t.me/c/3716986899/109
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c72d8318-845e-4d32-a76d-61bf0a1af3ba.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: nature.xpartmart.top
Alleged Data Breach of Guidely
Category: Data Breach
Content: Threat Actor claims to have leaked data from Guidely.
Date: 2026-03-01T09:50:20Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277274/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ae3b856a-f63d-4d5a-a81e-dc55ea7d8189.png
Threat Actors: HighRisk
Victim Country: India
Victim Industry: E-Learning
Victim Organization: guidely
Victim Site: guidely.in
LulzSec Black claims to target GCC countries
Category: Alert
Content: A recent post by the threat actor indicates that they intends to target all Gulf Countries. The claim that they have documents and videos.
Date: 2026-03-01T09:47:28Z
Network: telegram
Published URL: https://t.me/LulzSecBlack/4620
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6ee02a6b-90b8-466e-a956-a25c1e22d4ab.png
Threat Actors: LulzSec Black
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
THE GHOSTS IN THE MACHINE claims to target Jordan
Category: Cyber Attack
Content: Jordan under cyber attack. @TheGhostsITM
Date: 2026-03-01T09:43:07Z
Network: telegram
Published URL: https://t.me/TheGhostsITM/252
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8cebe0cb-f2af-4265-ab0b-538050bd6174.png
Threat Actors: THE GHOSTS IN THE MACHINE
Victim Country: Jordan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
THE GHOSTS IN THE MACHINE claims to target GCC countries
Category: Alert
Content: A recent post by the group indicates that they are targeting GCC countries.
Date: 2026-03-01T09:42:46Z
Network: telegram
Published URL: https://t.me/TheGhostsITM/251
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1ac11f15-d78b-4d4d-9e86-14f082356e62.png
Threat Actors: THE GHOSTS IN THE MACHINE
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Data Breach of uiporn.com
Category: Data Breach
Content: Threat Actor claims to have leaked data from uiporn.com.
Date: 2026-03-01T09:36:26Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277273/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2fb9692-1beb-4674-8d6d-ea0402ccc6b2.png
Threat Actors: HighRisk
Victim Country: Unknown
Victim Industry: Other Industry
Victim Organization: uiporn.com
Victim Site: uiporn.com
maulnism1337 targets the website of Health Polytechnic of the Ministry of Health Surakarta
Category: Defacement
Content: The group claims to have defaced the website of Health Polytechnic of the Ministry of Health Surakarta.
Date: 2026-03-01T08:44:37Z
Network: telegram
Published URL: https://t.me/maul1337anon/1121
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2213d53-6d99-4b57-8e3a-4f1bab330122.jpg
Threat Actors: maulnism1337
Victim Country: Indonesia
Victim Industry: Higher Education/Acadamia
Victim Organization: health polytechnic of the ministry of health surakarta
Victim Site: litmas.poltekkes-solo.ac.id
Alleged leak of Online Casino Players Data
Category: Data Breach
Content: The threat actor claims to have leaked data from the online casino player bases in Russia, Europe 2025-2026. The compromised data reportedly includes player names, email addresses, phone numbers, location details, and casino platform information.
Date: 2026-03-01T08:29:16Z
Network: openweb
Published URL: https://breachforums.as/Thread-Several-fresh-online-casino-player-bases-in-Russia-Europe-2025-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8a9fddb4-8c33-435e-8049-b3a0cde23784.png
https://d34iuop8pidsy8.cloudfront.net/17c55075-4eff-4258-ad8e-2025a797c346.png
Threat Actors: ufologistiks
Victim Country: Russia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Warung168
Category: Data Breach
Content: The threat actir claims to have leaked data from Warung168.
Date: 2026-03-01T08:22:02Z
Network: openweb
Published URL: https://breachforums.as/Thread-Indonesia-Gambling-Warung168
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c1689828-7018-46b8-8469-22a09d3633c2.png
Threat Actors: echo_party
Victim Country: Indonesia
Victim Industry: Gambling & Casinos
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Sikat88
Category: Data Breach
Content: The threat claims to have leaked data from Sikat88.
Date: 2026-03-01T08:19:27Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Indonesia-Gambling-Sikat88
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6b5eaf0f-9cd5-4d27-ba05-d63d7634b90a.png
Threat Actors: echo_party
Victim Country: Indonesia
Victim Industry: Gambling & Casinos
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Health Polytechnic of the Ministry of Health, Surakarta
Category: Data Breach
Content: The threat actor claims to have breached the data of 5,000 students from the Health Polytechnic of the Ministry of Health, Surakarta.
Date: 2026-03-01T08:17:10Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-5-000-DATA-KKN-POLITEKNIK-KESEHATAN-SURAKARTA
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f13b41db-d8c1-425a-bb33-b4eec0a250cb.png
Threat Actors: Maulnism1337
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: ministry of health, surakarta
Victim Site: poltekkes-solo.ac.id
Infostealer-Driven Credential Attacks Hit Enterprise Login Portals
Category: Cyber Attack
Content: A recent cybersecurity report details a large-scale attack campaign where threat actors used stolen credentials collected by infostealer-type malware to automate brute-force login attempts against corporate Single Sign-On (SSO) gateways, especially F5 BIG-IP systems, showing that these attacks aren’t guessing passwords but reusing real passwords harvested from infected devices to break into enterprise systems, highlighting the growing risk of credential theft, login reuse, and the need for stronger multi-factor authentication and credential protection measures.
Date: 2026-03-01T08:10:22Z
Network: openweb
Published URL: https://gbhackers.com/massive-brute-force-attacks/
Screenshots:
None
Threat Actors: Unknown
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
TikusXploit targets the website of Birjhora Mahavidyalaya
Category: Defacement
Content: The group claims to have defaced the website of Birjhora Mahavidyalaya.
Date: 2026-03-01T08:03:56Z
Network: telegram
Published URL: https://t.me/llllllllllllllllllllal/176
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2715a567-c824-462b-ba8f-ef3fc80d0d98.png
Threat Actors: TikusXploit
Victim Country: India
Victim Industry: Education
Victim Organization: birjhora mahavidyalaya
Victim Site: admin.birjhoramahavidyalaya.in
Alleged Leak of Japan Shopping Data
Category: Data Breach
Content: Threat actor claims to have leaked Japan Shopping Datab.
Date: 2026-03-01T08:02:00Z
Network: openweb
Published URL: https://leakbase.la/threads/japan-shopping-data-golf.49195/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4370228d-f4d6-4010-b245-94d0ce00c088.png
Threat Actors: jxq09
Victim Country: Japan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Cyberattack hit University of Jordan Library
Category: Cyber Attack
Content: A cyberattack hit University of Jordan Library.
Date: 2026-03-01T08:01:07Z
Network: openweb
Published URL: https://x.com/Null_and_Max/status/2027969515859153264
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/90a6e167-4083-48b2-a7fd-80a779009bc6.png
Threat Actors: Unknown
Victim Country: Jordan
Victim Industry: Library
Victim Organization: university of jordan library
Victim Site: library.ju.edu.jo
Jordan Faces Imminent Cyberattack Threat
Category: Cyber Attack
Content: Jordan reportedly targeted by cyberattacks, with potential threats to Airports, Hejaz Railways, Banking, Transport, and Water Supply Systems.
Date: 2026-03-01T08:00:09Z
Network: openweb
Published URL: https://x.com/Null_and_Max/status/2027966786919178295
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c82cc148-7c21-4305-aa61-8fca77608f42.png
Threat Actors: Unknown
Victim Country: Jordan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Handala Hack claims to target all Middle Eastern countries
Category: Alert
Content: A recent post by the threat actor indicates that they intends to target all Middle Eastern countries.
Date: 2026-03-01T07:52:19Z
Network: openweb
Published URL: https://x.com/HANDALA_RSS/status/2028010189027250321?s=20
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/42de638d-eda5-4d21-bb37-575c78cc92df.png
Threat Actors: Handala Hack
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Cyberattack hit email systems used by congressional staff
Category: Cyber Attack
Content: A cyberattack hit email systems used by U.S. congressional staff working on House national security committees, with officials investigating a suspected Chinese cyber espionage operation detected in December. The activity has been linked by researchers to the threat actor known as Salt Typhoon and reportedly targeted staff supporting committees overseeing China policy, foreign affairs, intelligence, and the military.
Date: 2026-03-01T07:44:30Z
Network: openweb
Published URL: https://www.bankinfosecurity.com/salt-typhoon-hackers-hit-congressional-emails-in-new-breach-a-30484
Screenshots:
None
Threat Actors: Unknown
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of Indonesian data
Category: Data Breach
Content: The threat actor claims to have leaked a database containing 2 million records from Indonesia, allegedly including names, office address, mobile numbers, home addresses, city, West Java, tax numbers, national ID numbers (NIK), and more.
Date: 2026-03-01T07:39:44Z
Network: openweb
Published URL: https://breachforums.as/Thread-Indonesia-2mil-database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8663902d-fa55-44e8-9ed4-d3cb433557a1.png
Threat Actors: Kim200p
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
InDoM1nuS Team targets the website of Hi-Pro Technology
Category: Defacement
Content: The group claims to have defaced the website of Hi-Pro Technology.
Date: 2026-03-01T07:22:50Z
Network: telegram
Published URL: https://t.me/InDoM1nusTe4m/104
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9b3baad9-1eee-4e88-acf4-d01c3a573ee5.png
Threat Actors: InDoM1nuS Team
Victim Country: Zimbabwe
Victim Industry: Publishing Industry
Victim Organization: hi-pro technology
Victim Site: hipro.co.zw
Alleged database leak of Israel User
Category: Data Breach
Content: The group claims to have leaked database of Israel Users.
Date: 2026-03-01T07:10:23Z
Network: telegram
Published URL: https://t.me/c/2337310341/350
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b3f19bd8-184c-4b65-822c-f314ae978926.png
Threat Actors: Evil Markhors -Dark Side of Pakistan Alliance
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Handala Hack claims to target Saudi Arabia
Category: Alert
Content: A recent post by the threat actor indicates that they intends to target Saudi Arabia next.
Date: 2026-03-01T07:03:32Z
Network: openweb
Published URL: https://x.com/HANDALA_RSS/status/2027998758206636275?s=20
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d0e751a4-8fca-44d5-9055-0485b5f5db6d.png
Threat Actors: Handala Hack
Victim Country: Saudi Arabia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
MAD GHOST claims to target multiple countries
Category: Alert
Content: A recent post by the group indicates that they are targeting multiple countries including Israel, USA, Saudi Arabia, UAE.
Date: 2026-03-01T06:41:10Z
Network: telegram
Published URL: https://t.me/ARABIAN_GHOSTS/1757
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c4c21f31-790c-4b3c-b70b-b165e6ba99c5.png
Threat Actors: MAD GHOST
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of Canada Investors Club
Category: Data Breach
Content: The threat actor claims to have leaked data from Canada Investors Club on 30 January 2026. The compromised data reportedly business, user, and staff records, including email addresses, phone numbers, names, roles, and platform related account information.Note: This Organization previously breached on December 2024
Date: 2026-03-01T06:22:52Z
Network: openweb
Published URL: https://breachforums.as/Thread-SELLING-LOL-Canada-Investors-Club-v2
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b807e745-3759-4c49-a2da-5fb13bf485a2.png
https://d34iuop8pidsy8.cloudfront.net/b276ac65-1f61-40b8-97de-dfa62d0675ad.png
https://d34iuop8pidsy8.cloudfront.net/39e79654-2cdd-4bb5-9dca-2822db58ec91.png
https://d34iuop8pidsy8.cloudfront.net/9d7ef964-aa12-4023-a3a6-5af2e903467b.png
Threat Actors: Sorb
Victim Country: Canada
Victim Industry: Business and Economic Development
Victim Organization: canada investors club
Victim Site: investorsclub.io
Cyber Wolf claims to target Israel and USA
Category: Alert
Content: A recent post by the group claims they intend to target Israel and USA.
Date: 2026-03-01T05:58:27Z
Network: openweb
Published URL: https://x.com/CyberWolfGuard/status/2027939513369030704
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bd2a1bc3-1d8c-4f21-8239-950ff4d1766a.png
Threat Actors: Cyber Wolf
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data breach of BE‑ATEX
Category: Data Breach
Content: The threat actor claims to be leaked data from BE‑ATEX. The compromised data reportedly contain 2200 customer records and 300 employers records including Email, IP address, Company, First name, Last name, Address
Date: 2026-03-01T05:49:46Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-FR-BE-ATEX-COM-with-private-key-recaptcha-valid–189824
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4ff6315e-16aa-481c-b2ea-600b16078e2e.png
Threat Actors: toky019
Victim Country: France
Victim Industry: Other Industry
Victim Organization: be‑atex
Victim Site: be-atex.com
Alleged leak of Indonesian Vehicle Registration Data
Category: Data Breach
Content: The threat actor claims to be leaked Indonesian Vehicle Registration Data. The compromised data reportedly contain 80,692 records includes No (record number), Nomor Polisi (Vehicle license plate number), NIK (National Identification Number), No. Telp (Phone number)
Date: 2026-03-01T04:58:48Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-Indonesia-Vehicles-Data-80k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dc14d2dc-902e-46a2-9949-91395818c01a.png
Threat Actors: CrowStealer
Victim Country: Indonesia
Victim Industry: Government Relations
Victim Organization: Unknown
Victim Site: Unknown
APT IRAN claims to target multiple countries
Category: Alert
Content: A recent post by the group indicates that they are targeting multiple countries including Israel, America, Jordan, UAE, Saudi Arabia.
Date: 2026-03-01T04:57:18Z
Network: telegram
Published URL: https://t.me/AdvancedPersistentThreatIran/49
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eb576cbe-2409-4871-88cc-0d98d0c6f163.png
Threat Actors: APT IRAN
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Admin Access to Tunisian Lawyer Mobile/Web Application
Category: Initial Access
Content: The threat actor claims to be selling unauthorized admin access to a Tunisian lawyer mobile/web application. The compromised system reportedly involves 327 databases with HFSql level access.
Date: 2026-03-01T04:42:09Z
Network: openweb
Published URL: https://breachforums.as/Thread-tunisia-lawyer-database-access
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0c57bd73-dfef-403f-9f4d-c368899f3f66.png
Threat Actors: yukoxploit
Victim Country: Tunisia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized Webmin Access to Unidentified Organization in Malasyia
Category: Initial Access
Content: Threat actor claims to be selling access to a Malaysia-based Webmin panel associated with an online shop. The listing alleges access to approximately 3.07 million customer records, including UID, member number, email, hashed passwords, names, addresses, city, postcode, state, country, and phone numbers, along with a reported 2.93 million total orders.
Date: 2026-03-01T04:30:39Z
Network: openweb
Published URL: https://forum.exploit.in/topic/277150/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9b0ee5cd-fdb8-4c15-95a1-9acd92cb54b2.png
Threat Actors: AckLine
Victim Country: Malaysia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged leak of unauthorized access to CCTV surveillance access in Iran
Category: Initial Access
Content: The group claims to have leak of unauthorized access to CCTV surveillance access in Iran
Date: 2026-03-01T04:27:47Z
Network: telegram
Published URL: https://t.me/crewcyber/825
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c1808143-7153-467a-bf26-00f4d96158ee.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged Sale of Unauthorized SSH Access to Catloga
Category: Initial Access
Content: The threat actor claims to be selling Unauthorized SSH Access to Catloga
Date: 2026-03-01T04:24:58Z
Network: openweb
Published URL: https://breachforums.as/Thread-indian-company-SSH-access
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ed8f20a7-17ba-468a-a1fa-a7acce38558f.png
Threat Actors: yukoxploit
Victim Country: India
Victim Industry: Unknown
Victim Organization: catloga
Victim Site: catloga.com
Alleged unauthorized access to aquatic farm control system in USA
Category: Initial Access
Content: The group claims to have leaked unauthorized access to aquatic farm control system in USA.
Date: 2026-03-01T04:22:38Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1108
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6fb1c9eb-a8ad-4712-9c40-2f52dabc0c9c.png
https://d34iuop8pidsy8.cloudfront.net/77c22785-92bd-44fa-a1d9-3e2a0dcb5097.png
https://d34iuop8pidsy8.cloudfront.net/b39d1c24-376c-4df2-acdb-13bfb753f530.png
https://d34iuop8pidsy8.cloudfront.net/7b791433-82cc-4723-be94-cf96df9b50de.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
Alleged data leak of Hermosillo
Category: Data Breach
Content: The group claims to have leaked data of Hermosillo
Date: 2026-03-01T04:19:29Z
Network: telegram
Published URL: https://t.me/crewcyber/827
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0d1959e9-0713-4f1e-aa35-b244e985783d.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: Mexico
Victim Industry: Building and construction
Victim Organization: hermosillo
Victim Site: hermosillo.com
EXADOS targets the website of Khet Udomsak Foundation
Category: Defacement
Content: The group claims to have defaced the website of Khet Udomsak Foundation
Date: 2026-03-01T02:27:00Z
Network: telegram
Published URL: https://t.me/EXA_DOS_KH/174
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bf5067f6-246b-4cf8-bec1-6c9ad2dffb6b.png
https://d34iuop8pidsy8.cloudfront.net/31fa49e8-8084-439d-8a1e-ebeac748ef95.png
Threat Actors: EXADOS
Victim Country: Thailand
Victim Industry: Unknown
Victim Organization: khet udomsak foundation
Victim Site: khetudomsak.com
Alleged data brecah of Universidad de Ciencias y Artes de Chiapas
Category: Data Breach
Content: The threat actor claims to be leaked data from Universidad de Ciencias y Artes de Chiapas. The compromised data reportedly includes personally identifiable information (PII), academic related records, national ID codes (CURP), contact details, and residential information.
Date: 2026-03-01T02:24:31Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-M%C3%89XICO-UNIVERSIDAD-DE-CIENCIAS-Y-ARTES-DE-CHIAPAS-5-201
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3ca9ef9d-4d86-4385-bfbe-12c7045dbdcb.png
Threat Actors: MagoSpeak
Victim Country: Mexico
Victim Industry: Higher Education/Acadamia
Victim Organization: universidad de ciencias y artes de chiapas
Victim Site: unicach.mx
ALTOUFAN TEAM claims to target SCA Group
Category: Alert
Content: A recent post by the group indicates that they are targeting SCA Group
Date: 2026-03-01T02:05:15Z
Network: telegram
Published URL: https://t.me/ALTOUFANTEAM/176
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5e3efa73-71ab-47c8-bb47-719d6ee6396b.png
https://d34iuop8pidsy8.cloudfront.net/1a3b19e3-6c4d-4efd-b9c7-b7bdb2a324c8.png
Threat Actors: ALTOUFAN TEAM
Victim Country: UK
Victim Industry: Transportation & Logistics
Victim Organization: sca group
Victim Site: scagroup.net
ALTOUFAN TEAM claims to target Navy MWR bahrain
Category: Alert
Content: A recent post by the group indicates that they are Navy MWR bahrain
Date: 2026-03-01T01:54:13Z
Network: telegram
Published URL: https://t.me/ALTOUFANTEAM/176
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9be7e7dd-9f55-4dfa-b3c3-5b14c8c7ad3c.png
https://d34iuop8pidsy8.cloudfront.net/cbaeaa4b-a216-4147-a375-3ee8b151cb7a.png
Threat Actors: ALTOUFAN TEAM
Victim Country: Bahrain
Victim Industry: Government Administration
Victim Organization: navy mwr bahrain
Victim Site: navymwrbahrain.com
Alleged data breach of Operateur112
Category: Data Breach
Content: The threat actor claims to be leaked data from Operateur112. The compromised data reportedly includes platform user account metadata and Discord member profile information, usernames, roles, profile links
Date: 2026-03-01T01:45:05Z
Network: openweb
Published URL: https://breachforums.as/Thread-DATABASE-SCRAPE-operateur112-fr-users-discordmembers
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0bbf5c7b-d928-48b0-a156-0be9190a1117.png
Threat Actors: suicid
Victim Country: France
Victim Industry: Other Industry
Victim Organization: operateur112
Victim Site: operateur112.fr
ALTOUFAN TEAM claims to target Bahrain USA
Category: Alert
Content: A recent post by the group indicates that they are targeting Bahrain USA
Date: 2026-03-01T01:33:27Z
Network: telegram
Published URL: https://t.me/ALTOUFANTEAM/176
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4e8c6c9f-d433-4612-bc59-63bba68b58da.png
https://d34iuop8pidsy8.cloudfront.net/7f674763-8f75-4f29-8b93-5c50de956721.png
Threat Actors: ALTOUFAN TEAM
Victim Country: USA
Victim Industry: Government Administration
Victim Organization: bahrain usa
Victim Site: bahrainusa.com
Alleged data breach of Aix‑Marseille Université (AMU)
Category: Data Breach
Content: The threat actor claims to be leaked data from Aix‑Marseille Université (AMU). The compromised data reportedly includes administrative mailing list directory information associated with AMU organizational accounts
Date: 2026-03-01T01:23:22Z
Network: openweb
Published URL: https://breachforums.as/Thread-COLLECTION-Administrative-mailing-lists-of-the-University-of-Aix-Marseille-univ-amu-fr
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ecbc03fb-595b-4267-80af-283c99e281d9.png
Threat Actors: suicid
Victim Country: France
Victim Industry: Higher Education/Acadamia
Victim Organization: aix‑marseille université (amu)
Victim Site: univ-amu.fr
TFA Team teams claims to target Israel Government officials
Category: Cyber Attack
Content: A recent post by the group indicates that they are targeting Zionist officials, politicians, and officers from hacked Zionist phone numbers, which instilled terror in their fragile entity.
Date: 2026-03-01T00:10:04Z
Network: telegram
Published URL: https://t.me/thetfa/496
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8d67f342-1655-4714-a0fb-b3f8e91ec51f.png
Threat Actors: TFA Team
Victim Country: Israel
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown