[March-12-2026] Daily Cybersecurity Threat Report

Posted on

Executive Summary

The provided dataset outlines a high volume of cyber incidents recorded on March 12, 2026. The incidents span a wide array of attack vectors, predominantly featuring Data Breaches, Initial Access sales or claims, and website Defacements. Targets include international government entities, retail corporations, educational institutions, critical infrastructure (including nuclear power plants and SCADA systems), and various software and e-commerce platforms. Key threat actors identified include groups like Rakyat Digital Crew, L4663R666H05T, Homeland Justice, and Team1722.

1. Critical Infrastructure and Government Compromises

A significant trend in the dataset is the targeting of critical infrastructure, government organizations, and highly sensitive state-level databases across multiple nations.

Government Administration and Services

  • Albanian Parliament: The group Homeland Justice claimed to have breached and maintained long-term access to the internal cyber infrastructure of the Albanian Parliament, gaining months of communications involving parliament members. The group also claimed initial access to the Parliament and posted an alert targeting Albania generally.
  • France: A threat actor named ExnExn claimed to leak French tax records (Impôts) containing names, email addresses, phone numbers, and dates of birth. Another actor, BlitzGroup, claimed to have breached the French Ministry of Health, exposing 174,989 lines of data including names, emails, and user certificates.
  • Sweden: ByteToBreach leaked source code, staff databases, and citizen PII related to Sweden’s e-government platform through infrastructure belonging to CGI Sverige AB.
  • Russia: The actor Shinchan offered 120,000 records from the State Traffic Safety Inspectorate (GIBDD), potentially exposing VIN details, IDs, addresses, and registration data.
  • Ukraine: The group Perun Svaroga leaked data from the Khmelnytskyi City Council’s Administrative Services Center, compromising an MFC-like platform used for government services.
  • Indonesia: Shenira6core breached the PPID Satpol PP Kalteng database, exposing contractor profiles and financial metrics.
  • Thailand: Nullsec Philippines defaced the website of the Department of Probation.
  • Germany & USA (Local Government): Stadt Herne in Germany shut down several IT systems preventatively due to a suspected cyber incident. Rusk County in Wisconsin, USA, reported a cyberattack affecting its network, though public websites remained accessible via third-party providers.

Critical Infrastructure (Energy, Nuclear, and SCADA)

  • Nuclear Facilities: The group We are MONARCH claimed unauthorized access to operational components of Unit 2’s secondary coolant loop at the Golfech Nuclear Power Plant in France. The same group issued an alert targeting three European nuclear energy facilities. Furthermore, the group Cardinal claimed to have breached data from an Israeli Nuclear Power Plant’s infrastructure.
  • SCADA Systems: * Romania:Z-PENTEST ALLIANCE claimed unauthorized access to an industrial SCADA/HMI system controlling pumping equipment and thermal processes, allowing modification of pump parameters and process control, which could affect operational safety.
    • Ukraine: The actor OverFlame claimed control over a temperature-regulation SCADA system at a food-production facility, alleging they spoiled food products and damaged equipment by forcing sustained heating.
  • Oil & Gas: The actor CVDEAD claimed to have leaked a dataset of roughly 68,000 employee records from Saudi Aramco, noting a previous breach on March 3, 2026. In Brazil, the actor Chucky claimed to have breached Consigaz Gas Distributor Ltd, leaking an 8GB dataset containing customer and operational records.
  • Energy Access: DaveGrol91 offered access to Spain’s Family Energy.

Military and Surveillance

  • Pakistan: ModernStealer claimed to be selling classified military documents belonging to the Pakistan Army, including correspondence from the COAS Secretariat and personnel information.
  • Israel (NSO Group): A cyberattack targeted the infrastructure of the NSO Group. Attackers claimed unauthorized access to the development environment, sharing screenshots of IntelliJ IDEA and configuration artifacts referencing internal domains, though no customer data or full source code leaks were confirmed.
  • Israel (Security Personnel): Handala Hack claimed to compromise the accounts and materials of Raz Zimmt, alleging access to over 50,000 emails, strategic plans regarding Iran, and communications with senior security officials.

2. Large-Scale Corporate & Platform Data Breaches

A massive volume of corporate data, customer PII, and financial information was reportedly exposed or offered for sale.

  • Retail & E-commerce: * Loblaw Companies Limited (Canada): Suffered a low-level data breach in a non-critical IT segment. An unauthorized third party accessed names, phone numbers, and email addresses, though passwords and credit cards were not compromised. The security team secured the systems.
    • Electronic City (Indonesia): CaoMa breached a database exposing 618,000 customers, releasing 54,000 rows of data.
    • e-shop Ltd (Israel): Banei Ishmael penetrated backend systems, accessing information on over 1,000 companies and roughly 60 GB of private data, order records, and financial documents.
    • Speedway (France): The database was offered for sale by vibrant00.
  • Tech, Software, and Social Platforms:
    • BreachForums: Actor Insider005 claimed to sell a database containing 346,323 user records from BreachForums itself, including private messages and escrow details.
    • Doxbin: The1F breached the platform, leaking roughly 367,000 lines of data.
    • Crunchyroll (USA): ExnExn leaked a small dataset of emails and IP addresses.
    • WhatsApp (Indonesia): CyznetAdel leaked a dataset containing 21 million WhatsApp phone numbers of Indonesian citizens.
  • Financial & Professional Services:
    • Credit Freedom & Restoration (USA): Loki accessed a CRM database containing highly sensitive PII for over 30,000 members, including SSNs, driver’s licenses, and credit reports.
    • MetaTrader Accounts: FFFV sold 547 verified trading accounts with email credentials and KYC/PII documents.
    • Dukascopy Bank SA (Switzerland): Internal access was sold by actor admin.
    • CGPEY (India): Sorb sold a database with payment processing logs and customer data.
    • Centre d’Intégration Socioprofessionnelle (CIS): Dreamer8000 leaked financial records, employment contracts, NDAs, and correspondence from this Swiss non-profit.
  • Education: Breaches affected the Cyber University of Uzbekistan , Nyaya Nagar Public School in India (651 MB stolen) , Izmir Institute of Technology in Turkey (600 GB of data sold) , and Chaoxin Xuexitong in China containing college student records.
  • Healthcare: HexDex sold a database from French platform Medoucine, affecting roughly 813,866 registered users and practitioners.

3. Initial Access Brokering (IAB) Activity

Threat actors actively marketed initial access to various corporate networks, content management systems, and specialized software.

RDP & Administrative Access Sales

  • sudo: Sold unauthorized RDP access to unidentified holding companies in Australia (1,000+ hosts using Windows Defender) , an unidentified US manufacturing company (approx. 160 hosts) , and another US manufacturing company.
  • William Black: Sold full admin RDP access to multiple industries in Italy (including manufacturing), noting revenue under $5 million.
  • ed1n1ca: Specialized in e-commerce access, selling unauthorized PrestaShop access in the UK (with recorded Stripe transactions) , PrestaShop admin access in France (noting hundreds of redirect transactions) , and unauthorized access to a WordPress shop in Japan.
  • hubert: Sold admin access to an OpenCart platform in France and an unidentified logistics company in Malaysia.
  • samy01: Sold RDWeb access to an Australian dental software provider.

Credential Leaks by Rakyat Digital Crew

The group Rakyat Digital Crew was highly active in leaking login credentials across various sectors, primarily utilizing Telegram. Their targets included:

  • Audio Club (USA)
  • Integrative Psychiatry Institute (USA)
  • University of Nairobi (UoN – Kenya)
  • Needrom
  • Penzitamu (Kenya)
  • Mundo Programas
  • Legion Programas
  • Compartiendo Full
  • lms.ays-plugins.com
  • PetrPikora.com (Czech Republic)

4. Defacement Campaigns

Multiple threat actor groups engaged in mass website defacements, often relying on Telegram or Zone-H/Zone-Xsec for publication.

  • L4663R666H05T: This actor heavily targeted e-commerce and retail sites in Chile and other locations, including: StoneCenter , Rip Curl (Chile & Peru) , Poste Italiane S.p.A. , Anticipa , Casaideas Chile , and A3D.
  • Team1722: Targeted Iranian websites, including botikariya.ir , PosPars (Financial Services) , and Iran Part Lent (Automotive).
  • Cyber Islamic resistance: Defaced seapearlsshipping.com and Purple Search (USA). They also issued an alert targeting Israel’s banking infrastructure and claimed a data breach of Meginim data services.
  • BabayoErorSystem: Defaced metagatesinnovation.com , vbk.saurabhsakhuja.com , and cms.trueott.com.
  • Indonesian Threat Actors: DEFACER INDONESIAN TEAM targeted Cart Rescue PRO (USA) and The Gardens Foundation (India). BROTHERHOOD CAPUNG INDONESIA targeted Spicy Web in India.

5. Additional Notable Incidents (Malware, Alerts, and Misc.)

  • Malware Sale: The actor Jaxx advertised the Azury Modern Infostealer, a C#-based application designed to steal browser passwords, cookies, crypto wallets, and VPN tokens, which features anti-debug, anti-VM, and anti-antivirus protections.
  • IoT/Camera Leaks: CVDEAD leaked a dataset containing 26,500 publicly accessible IoT devices and 3,000 RTSP-enabled cameras in Saudi Arabia, potentially exposing video streams due to misconfigurations.
  • Large-Scale Chinese PII: ALTGIANT leaked an 11.7 GB dataset containing Chinese personal and financial information, including ID cards and credit cards.
  • Anonymous For Justice (Israel Targeting): This group claimed destructive attacks, stating they deleted 2 TB of data from City Garden Management and 1 TB of data from Avodot Biuv VeMayim Ltd. They also issued an alert targeting Netanel Sharfi & Co legal offices.
  • Combo Lists: Luntik sold email:password credential pairs for Swiss users of Ricardo.ch and Tutti.ch.

Conclusion

The data from March 12, 2026, reveals a highly active and fragmented cyber threat landscape. Threat actors are demonstrating significant capabilities against critical infrastructure, as evidenced by compromises affecting nuclear facilities in France and Israel, as well as SCADA systems in Romania and Ukraine. The proliferation of Initial Access Brokers (IABs) selling RDP, PrestaShop, and VPN access highlights the commercialization of network intrusions. Furthermore, politically or ideologically motivated groups (such as Homeland Justice, Anonymous For Justice, and Cyber Islamic resistance) continue to leverage data destruction, strategic data leaks, and website defacements to target specific nation-states (notably Albania, Israel, and Iran). Organizations across all sectors must prioritize securing exposed remote access points, enforcing robust multi-factor authentication, and segmenting operational technology (OT/SCADA) from standard IT networks.

Detected Incidents Draft Data

  1. Loblaw Companies Limited suffers Data Breach
    Category: Data Breach
    Content: Loblaw Companies Limited was reportedly subjected to a data breach after the company detected suspicious activity within a contained, non-critical segment of its IT network. According to the company’s statement, an unauthorized third party gained access to limited customer information, including names, phone numbers, and email addresses. The company stated that its security team secured the affected systems and initiated an investigation into the incident. Loblaw also noted that sensitive data such as passwords, health information, and credit card details were not compromised, and services related to PC Financial were not impacted by the breach.
    Date: 2026-03-12T23:45:26Z
    Network: openweb
    Published URL: https://www.loblaw.ca/en/loblaw-notifies-customers-of-a-low-level-data-breach/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Canada
    Victim Industry: Retail Industry
    Victim Organization: loblaw companies limited
    Victim Site: loblaw.ca
  2. Alleged leak of login credentials to Audio Club
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Audio Club.
    Date: 2026-03-12T22:31:21Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: USA
    Victim Industry: Music
    Victim Organization: audio club
    Victim Site: audioclub.store
  3. Alleged Data Breach of Consigaz Gas Distributor Ltd
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Consigaz Gas Distributor Ltd in Brazil. The dataset is approximately 8GB in size and contains around 500 files. The leaked data is reportedly provided in multiple formats including CSV, LOG, XLSX, and TXT files dated 2026, and includes customer-related information and operational records associated with the organization.
    Date: 2026-03-12T22:21:29Z
    Network: openweb
    Published URL: https://leakbase.bz/threads/database-leaked-consigaz-com-br-8gb-500files.49277/
    Screenshots:
    None
    Threat Actors: Chucky
    Victim Country: Brazil
    Victim Industry: Oil & Gas
    Victim Organization: consigaz gas distributor ltd
    Victim Site: consigaz.com.br
  4. Alleged leak of login credentials to Integrative Psychiatry Institute
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Integrative Psychiatry Institute.
    Date: 2026-03-12T22:21:15Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: USA
    Victim Industry: Education
    Victim Organization: integrative psychiatry institute
    Victim Site: psychiatryinstitute.com
  5. Alleged access to University of Nairobi (UoN)
    Category: Initial Access
    Content: The group claims to have gained access to University of Nairobi (UoN).
    Date: 2026-03-12T22:12:52Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Kenya
    Victim Industry: Education
    Victim Organization: university of nairobi (uon)
    Victim Site: summerschool.uonbi.ac.ke
  6. Alleged leak of login credentials to Needrom
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Needrom.
    Date: 2026-03-12T22:06:41Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Unknown
    Victim Industry: Software
    Victim Organization: needrom
    Victim Site: needrom.com
  7. Alleged leak of login credentials to Penzitamu
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Penzitamu
    Date: 2026-03-12T22:04:07Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Kenya
    Victim Industry: Online Publishing
    Victim Organization: penzitamu
    Victim Site: penzitamu.com
  8. Alleged Sale of Unauthorized RDP Access to unidentified multiple industries in Italy
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized full admin RDP access associated with unidentified organizations across multiple industries in Italy, including manufacturing and testing and measurement equipment, noting that the estimated revenue is less than $5 million.
    Date: 2026-03-12T22:03:47Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278181/
    Screenshots:
    None
    Threat Actors: William Black
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  9. Alleged leak of login credentials to Mundo Programas
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Mundo Programas.
    Date: 2026-03-12T21:58:49Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Unknown
    Victim Industry: Software
    Victim Organization: mundo programas
    Victim Site: mundoprogramas.net
  10. Alleged leak of login credentials to Legion Programas
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Legion Programas.
    Date: 2026-03-12T21:51:43Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Unknown
    Victim Industry: Software
    Victim Organization: legion programas
    Victim Site: legionprogramas.org
  11. Alleged leak of login credentials to Compartiendo Full
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Compartiendo Full.
    Date: 2026-03-12T21:51:32Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/84
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Unknown
    Victim Industry: Media Production
    Victim Organization: compartiendo full
    Victim Site: compartiendofull.org
  12. Team1722 targets the website of botikariya.ir
    Category: Defacement
    Content: The group claims to have defaced the website of botikariya.ir
    Date: 2026-03-12T20:52:21Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41118320
    Screenshots:
    None
    Threat Actors: Team1722
    Victim Country: Iran
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: botikariya.ir
  13. Alleged Sale of Unauthorized PrestaShop Access to an Unidentified Shop in the United Kingdom
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized PrestaShop access to a unidentified shop in the United Kingdom, stating that the site has recorded credit card Stripe (frame) transactions with reported counts of 142 in February and 122 in January.
    Date: 2026-03-12T20:46:57Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278165/
    Screenshots:
    None
    Threat Actors: ed1n1ca
    Victim Country: UK
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  14. Alleged Sale of Unauthorized PrestaShop Admin Access to an Unidentified Shop in France
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized PrestaShop access to an unidentified shop in France, stating that the site has recorded credit card redirect activity with reported counts of 723 transactions in February, 880 in January, and 700 in December.
    Date: 2026-03-12T20:43:09Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278170/
    Screenshots:
    None
    Threat Actors: ed1n1ca
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  15. Alleged unauthorized access to an unidentified industrial SCADA/HMI system in Romania
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an industrial SCADA/HMI system in Romania responsible for monitoring and controlling pumping equipment and thermal processes. The system monitors operational parameters such as temperature, pressure, and the status of pumps and valves, while allowing real-time configuration of equipment. Access to the interface enables modification of pump parameters, monitoring of alarm signals, and direct process control, which could potentially affect operational stability and safety.
    Date: 2026-03-12T20:42:15Z
    Network: telegram
    Published URL: https://t.me/c/3792806777/17
    Screenshots:
    None
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Romania
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  16. Team1722 targets the website of PosPars
    Category: Defacement
    Content: The group claims to have defaced the website of Iran PosPars.
    Date: 2026-03-12T20:35:38Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41118319
    Screenshots:
    None
    Threat Actors: Team1722
    Victim Country: Iran
    Victim Industry: Financial Services
    Victim Organization: pospars
    Victim Site: pospars.ir/1722.html
  17. Alleged Sale of Unauthorized Access to an Unidentified WordPress Shop in Japan
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized access to an unidentified WordPress shop in Japan.
    Date: 2026-03-12T20:34:20Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278168/
    Screenshots:
    None
    Threat Actors: ed1n1ca
    Victim Country: Japan
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  18. Team1722 targets the website of Iran Part Lent
    Category: Defacement
    Content: The group claims to have defaced the website of Iran Part Lent.
    Date: 2026-03-12T20:31:54Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41118315
    Screenshots:
    None
    Threat Actors: Team1722
    Victim Country: Iran
    Victim Industry: Automotive
    Victim Organization: iran part lent
    Victim Site: iranpartlent.ir/1722.html
  19. Cyber ​​Islamic resistance claims to target Israel
    Category: Alert
    Content: A recent post by the group indicates that they are targeting banking infrastructure of Israel.
    Date: 2026-03-12T19:11:33Z
    Network: telegram
    Published URL: https://t.me/CIR48/1712
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  20. Alleged data leak of French tax records
    Category: Data Breach
    Content: A threat actor claims to have leaked a dataset allegedly related to French tax records (Impôts). The leaked data contains personal information such as names, email addresses, phone numbers, postal codes, cities, and dates of birth.
    Date: 2026-03-12T19:11:10Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-French-Impot
    Screenshots:
    None
    Threat Actors: ExnExn
    Victim Country: France
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  21. Alleged data breach of Crunchyroll
    Category: Data Breach
    Content: A threat actor claims to have leaked a small dataset allegedly linked to Crunchyroll users. The leaked data reportedly includes email addresses and associated IP addresses.
    Date: 2026-03-12T18:58:10Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Crunchyroll-email-and-IP
    Screenshots:
    None
    Threat Actors: ExnExn
    Victim Country: USA
    Victim Industry: Entertainment & Movie Production
    Victim Organization: crunchyroll
    Victim Site: crunchyroll.com
  22. Alleged sale of 547 Verified MetaTrader Trading Accounts
    Category: Data Breach
    Content: A threat actor claims to be selling 547 verified trading accounts linked to MetaTrader. the dataset includes email and password credentials, as well as KYC/PII documents such as ID cards, passports, and proof of address.
    Date: 2026-03-12T18:43:47Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-547-Verified-Trading-Accounts-%E2%80%93-140K-Total-Equity
    Screenshots:
    None
    Threat Actors: FFFV
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  23. Alleged sale of Azury Modern Infostealer
    Category: Malware
    Content: A threat actor is advertising the sale of a malware tool called Azury Modern Infostealer. The actor claims the stealer is a C#-based application designed to run on victim machines and collect sensitive data such as browser passwords, cookies, cryptocurrency wallets, VPN/FTP credentials, messaging platform tokens, and system information.which includes anti-debug, anti-VM, anti-sandbox, and anti-antivirus protections.
    Date: 2026-03-12T18:31:57Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-MALWARE-Azury-Modern-Infostealer-BEST-CHEAP-STEALER
    Screenshots:
    None
    Threat Actors: Jaxx
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged access to The Parliament of Albania
    Category: Initial Access
    Content: The group claims to have gained access to The Parliament of Albania.
    Date: 2026-03-12T18:29:47Z
    Network: telegram
    Published URL: https://t.me/JusticeHomeland1/571
    Screenshots:
    None
    Threat Actors: Homeland Justice
    Victim Country: Albania
    Victim Industry: Government Administration
    Victim Organization: the parliament of albania
    Victim Site: parlament.al
  25. Alleged data breach of CGI Sverige AB
    Category: Data Breach
    Content: A threat actor claims to have leaked source code and internal data related to Sweden’s e-government platform through infrastructure belonging to CGI Sverige AB. The leaked data includes staff databases, citizen PII, and electronic document-signing files.
    Date: 2026-03-12T18:25:21Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Source-Code-SE-Sweden-E-Gov-CGI-Sverige-AB–68829
    Screenshots:
    None
    Threat Actors: ByteToBreach
    Victim Country: Sweden
    Victim Industry: Information Technology (IT) Services
    Victim Organization: cgi sverige ab
    Victim Site: cgi.com
  26. Homeland Justice claims to target Albania
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Albania.
    Date: 2026-03-12T18:23:36Z
    Network: telegram
    Published URL: https://t.me/JusticeHomeland1/572
    Screenshots:
    None
    Threat Actors: Homeland Justice
    Victim Country: Albania
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. Alleged data breach of Nyaya Nagar Public School
    Category: Data Breach
    Content: The threat actor claims to have hacked and defaced the website of Nyaya Nagar Public School. The threat actor claims to have stolen about 651 MB of data and gave the school 48 hours to respond.
    Date: 2026-03-12T18:15:52Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-ShadowByt3-Defaces-and-Hacks-School
    Screenshots:
    None
    Threat Actors: BlackVortex1
    Victim Country: India
    Victim Industry: Education
    Victim Organization: nyaya nagar public school
    Victim Site: nyayanagarpublicschool.in
  28. Alleged data breach of Cyber University of Uzbekistan
    Category: Data Breach
    Content: A threat actor claims to have breached systems belonging to the Cyber University of Uzbekistan.
    Date: 2026-03-12T18:09:43Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Cyber-University-Of-UZ-Hacked
    Screenshots:
    None
    Threat Actors: tocyber
    Victim Country: Uzbekistan
    Victim Industry: Education
    Victim Organization: cyber university of uzbekistan
    Victim Site: csu.uz
  29. Alleged data breach of Credit Freedom & Restoration
    Category: Data Breach
    Content: A threat actor claims to have breached Credit Freedom & Restoration and accessed a Vtiger CRM 6.4.0 database allegedly containing information on more than 30,000 U.S. members. the compromised data includes highly sensitive personally identifiable information (PII) such as driver’s licenses, Social Security numbers (including images), credit card details (both images and plaintext), utility bills, and credit reports.
    Date: 2026-03-12T18:02:28Z
    Network: tor
    Published URL: http://dzkxxcsbrg7bwnlwwer563yuxd5pesr42dx634w5xvofm5z6qjw72ayd.onion/
    Screenshots:
    None
    Threat Actors: Loki
    Victim Country: USA
    Victim Industry: Financial Services
    Victim Organization: credit freedom & restoration
    Victim Site: creditfreedomrestoration.com
  30. Alleged data breach of Centre d’Intégration Socioprofessionnelle (CIS)
    Category: Data Breach
    Content: A threat actor claims to have leaked data belonging to Centre d’Intégration Socioprofessionnelle (CIS), a Swiss non-profit organization that supports people with disabilities and individuals seeking employment integration in Switzerland.The leaked data includes financial records, bank statements, employment contracts containing personal details, business case files, employer agreements, client and partner databases, NDAs, confidential documents, and internal as well as external email correspondence.
    Date: 2026-03-12T17:50:45Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Data-exposure-involving-Centre-d%E2%80%99Int%C3%A9gration-Socioprofessionnelle-CIS
    Screenshots:
    None
    Threat Actors: Dreamer8000
    Victim Country: USA
    Victim Industry: Financial Services
    Victim Organization: centre d’intégration socioprofessionnelle (cis)
    Victim Site: creditfreedomrestoration.com
  31. DEFACER INDONESIAN TEAM targets the website of Cart Rescue PRO
    Category: Defacement
    Content: The group claims to have defaced the website of Cart Rescue PRO.
    Date: 2026-03-12T17:30:59Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1219
    Screenshots:
    None
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: USA
    Victim Industry: Software
    Victim Organization: cart rescue pro
    Victim Site: cartrescuepro.com
  32. Alleged data leak of Hans Brantner & Sohn Fahrzeugbaugesellschaft m.b.H Database
    Category: Data Breach
    Content: A threat actor claims that Hans Brantner & Sohn Fahrzeugbaugesellschaft m.b.H. suffered a data breach in which attackers allegedly exfiltrated sensitive corporate information. The reportedly compromised data includes customer data, internal emails, NDAs, vehicle documentation, and confidential technical drawings and files. The exposed information could reveal internal operations and business relationships, potentially affecting partners, customers, employees, and contractors.
    Date: 2026-03-12T17:30:52Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Hans-Brantner-Sohn-Fahrzeugbaugesellschaft-breach-Cybersecurity-Ignored
    Screenshots:
    None
    Threat Actors: Dreamer8000
    Victim Country: Austria
    Victim Industry: Manufacturing
    Victim Organization: Unknown
    Victim Site: Unknown
  33. Alleged data breach of Meginim data services
    Category: Data Breach
    Content: The group claims to have breached the database of Meginim data services.
    Date: 2026-03-12T17:22:08Z
    Network: telegram
    Published URL: https://t.me/CIR48/1709
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  34. BROTHERHOOD CAPUNG INDONESIA targets the website of Spicy Web
    Category: Defacement
    Content: The group claims to have defaced the website of Spicy Web.
    Date: 2026-03-12T17:02:33Z
    Network: telegram
    Published URL: https://t.me/c/3800744258/88
    Screenshots:
    None
    Threat Actors: BROTHERHOOD CAPUNG INDONESIA
    Victim Country: India
    Victim Industry: Information Technology (IT) Services
    Victim Organization: spicy web
    Victim Site: spicyweb.in
  35. Alleged Data Breach of BreachForums
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly belonging to BreachForums. The dataset reportedly contains 346,323 user records, including user information, private messages, logs, posts, threads, invoices, and escrow transaction details.
    Date: 2026-03-12T16:41:59Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278148/
    Screenshots:
    None
    Threat Actors: Insider005
    Victim Country: Unknown
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: breachforums
    Victim Site: breachforums.as
  36. Alleged Data Breach of Emotis
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Emotis in France. The dataset is in SQL format and reportedly contains approximately 300 tables and around 35,000 user records, with the database size being about 87 MB.
    Date: 2026-03-12T16:40:50Z
    Network: openweb
    Published URL: https://darknetarmy.io/threads/database-emotis-fr-full-dump-shop-35k-customer.89450/
    Screenshots:
    None
    Threat Actors: Shadow Warrior
    Victim Country: France
    Victim Industry: Information Technology (IT) Services
    Victim Organization: emotis
    Victim Site: emotis.fr
  37. Alleged Sale of Unauthorized RDP Access to Unidentified Holding Companies in Australia
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized RDP access to unidentified holding companies in Australia. The environment uses Windows Defender as antivirus and allegedly includes access to more than 1,000 hosts.
    Date: 2026-03-12T16:32:15Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278151/
    Screenshots:
    None
    Threat Actors: sudo
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  38. DARK 07x claims to target Tunisia
    Category: Alert
    Content: A recent post by the group indicates that they are targetting Tunisia.
    Date: 2026-03-12T16:30:37Z
    Network: telegram
    Published URL: https://t.me/DarK07xxxxxxx/1720
    Screenshots:
    None
    Threat Actors: DARK 07x
    Victim Country: Tunisia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  39. Alleged data leak of Khmelnytskyi City Council’s Administrative Services Center
    Category: Data Breach
    Content: A recent post by the group indicates that they have leaked data from Khmelnytskyi City Council’s Administrative Services Center of Ukraine by compromising a system described as similar to a Multi-Functional Center (MFC) platform used for government service delivery.
    Date: 2026-03-12T16:28:28Z
    Network: telegram
    Published URL: https://t.me/perunswaroga/1272
    Screenshots:
    None
    Threat Actors: Perun Svaroga
    Victim Country: Ukraine
    Victim Industry: Government Relations
    Victim Organization: khmelnytskyi city council’s administrative services center
    Victim Site: cnap.khm.gov.ua
  40. Alleged Sale of Unauthorized RDP Access to an Unidentified Manufacturing Company in USA
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized RDP access to an unidentified manufacturing company in USA. The network environment includes around 160 hosts, with antivirus protection present and access providing user-level privileges.
    Date: 2026-03-12T16:14:29Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278146/
    Screenshots:
    None
    Threat Actors: sudo
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  41. Alleged Data Leak of JDI Global PII Inventory Database from Multiple Countries
    Category: Data Breach
    Content: A threat actor claiming affiliation with Jaysx Digital Insurgency (JDI), announced the availability of multiple PII datasets allegedly containing personal information from several countries.
    Date: 2026-03-12T16:04:36Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-OFFICIAL-JDI-GLOBAL-PII-INVENTORY-DATA-RELEASE-IL-ID-US-IN
    Screenshots:
    None
    Threat Actors: 053o
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  42. Alleged data leak of Doxbin Website Database
    Category: Data Breach
    Content: A threat actor claims to have breached the platform Doxbin and leaked a dataset containing approximately 367,000 lines of data.
    Date: 2026-03-12T15:33:03Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-2025-Doxbin-367k-lines
    Screenshots:
    None
    Threat Actors: The1F
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  43. Alleged data breach of Medoucine
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly belonging to Medoucine. the dataset contains information on approximately 813,866 registered users, including patients associated with thousands of practitioners on the platform.the leaked data include personal details such as names, email addresses, phone numbers, and reservation counts.
    Date: 2026-03-12T15:10:40Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-FR-Medoucine-com-813K
    Screenshots:
    None
    Threat Actors: HexDex
    Victim Country: France
    Victim Industry: Health & Fitness
    Victim Organization: medoucine
    Victim Site: medoucine.com
  44. Cyberattack hits Stadt Herne IT Systems
    Category: Cyber Attack
    Content: Stadt Herne in Germany has preventively shut down several IT systems following a suspected cyber incident, resulting in restrictions to certain public services for citizens. Authorities stated that the move was taken as a precaution while technical teams investigate the situation and analyze recovery measures.
    Date: 2026-03-12T15:00:09Z
    Network: openweb
    Published URL: https://www.waz.de/lokales/herne-wanne-eickel/article411437410/cyberangriff-stadt-herne-schaltet-it-systeme-ab-buergerservice-eingeschraenkt.html
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Germany
    Victim Industry: Government Administration
    Victim Organization: stadt herne
    Victim Site: herne.de
  45. Cyberattack Hits Rusk County
    Category: Cyber Attack
    Content: Rusk County in northwest Wisconsin reported a cyberattack affecting its network and has engaged forensic experts to investigate and assist with recovery. While the county’s public website and online payment services remain accessible through third-party providers, officials have not yet confirmed which systems were impacted or whether any data was compromised.
    Date: 2026-03-12T14:55:03Z
    Network: openweb
    Published URL: https://dysruptionhub.com/rusk-county-cyber-incident-wisconsin/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: USA
    Victim Industry: Government Administration
    Victim Organization: rusk county
    Victim Site: ruskcountywi.com
  46. L4663R666H05T targets the website of StoneCenter.
    Category: Defacement
    Content: The group claims to have defaced the website of StoneCenter.
    Date: 2026-03-12T14:33:42Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/808995
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: Chile
    Victim Industry: E-commerce & Online Stores
    Victim Organization: stonecenter.
    Victim Site: tienda.stonecenter.cl
  47. Alleged data breach of Electronic City
    Category: Data Breach
    Content: The threat actor claims to have breached Electronic City database (March 10, 2026), exposing 618,000 customers. 54,000 rows released with internal customer and order data.
    Date: 2026-03-12T14:27:57Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-eci-id-Indonesia-electronic-city-website-customer-breach-database
    Screenshots:
    None
    Threat Actors: CaoMa
    Victim Country: Indonesia
    Victim Industry: Consumer Electronics
    Victim Organization: electronic city
    Victim Site: eci.id
  48. Alleged Sale of Unauthorized RDP Access to US Manufacturing Company
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized RDP access to a U.S.-based manufacturing company.
    Date: 2026-03-12T14:25:52Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278146/
    Screenshots:
    None
    Threat Actors: sudo
    Victim Country: USA
    Victim Industry: Manufacturing
    Victim Organization: Unknown
    Victim Site: Unknown
  49. L4663R666H05T targets the website of Rip Curl
    Category: Defacement
    Content: The group claims to have defaced the website of Rip Curl.
    Date: 2026-03-12T14:25:42Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/802687
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: Chile
    Victim Industry: E-commerce & Online Stores
    Victim Organization: rip curl
    Victim Site: ripcurl.cl
  50. Alleged sale of Izmir Institute of Technology
    Category: Data Breach
    Content: The group claims to be selling 600 GB of data from Izmir Institute of Technology.
    Date: 2026-03-12T14:16:25Z
    Network: telegram
    Published URL: https://t.me/c/2705921599/207
    Screenshots:
    None
    Threat Actors: Z-Root
    Victim Country: Turkey
    Victim Industry: Higher Education/Acadamia
    Victim Organization: izmir institute of technology
    Victim Site: iyte.edu.tr
  51. L4663R666H05T targets the website of Poste Italiane S.p.A.
    Category: Defacement
    Content: The group claims to have defaced the website of Poste Italiane S.p.A.
    Date: 2026-03-12T14:12:41Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/800545
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: poste italiane s.p.a.
    Victim Site: filatelia.poste.it
  52. L4663R666H05T targets the website of Rip Curl. Ltd.
    Category: Defacement
    Content: The group claims to have defaced the website of Rip Curl. Ltd.
    Date: 2026-03-12T14:04:34Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/802688
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: rip curl. ltd.
    Victim Site: ripcurl.com.pe
  53. Alleged breach of Albanian Parliament communications
    Category: Data Breach
    Content: The threat actor claims to have breached and maintained access to the internal cyber infrastructure of Albanian Parliament, asserting long-term access to months of communications and correspondence involving Albanian parliament members. They further state that the stolen data is being leaked in parts, with additional releases expected as their extraction process continues.
    Date: 2026-03-12T14:01:09Z
    Network: telegram
    Published URL: https://t.me/JusticeHomeland1/548
    Screenshots:
    None
    Threat Actors: Homeland Justice
    Victim Country: Albania
    Victim Industry: Government Administration
    Victim Organization: albanian parliament
    Victim Site: parlament.al
  54. Alleged leak of publicly accessible IoT devices and RTSP cameras in Saudi Arabia
    Category: Initial Access
    Content: The threat actor claims to have leaked a dataset allegedly containing a list of publicly accessible IoT devices and RTSP cameras in Saudi Arabia, reportedly including approximately 26,500 IoT systems and 3,000 RTSP-enabled cameras that may expose video streams and administrative interfaces due to unsecured or misconfigured services.
    Date: 2026-03-12T13:58:45Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Saudi-Arabia-26-5K-IoT-3K-RTSP-CAM
    Screenshots:
    None
    Threat Actors: CVDEAD
    Victim Country: Saudi Arabia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  55. Alleged data breach of French Ministry of Health
    Category: Data Breach
    Content: The threat actor claims to have breached data of French Ministry of Health, exposing 174,989 lines of data including names, emails, units, and user certs.
    Date: 2026-03-12T13:53:01Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-FR-Database-sante-gouv-fr-related
    Screenshots:
    None
    Threat Actors: BlitzGroup
    Victim Country: France
    Victim Industry: Government Administration
    Victim Organization: french ministry of health
    Victim Site: sante.gouv.fr
  56. Alleged data breach of PPID Satpol PP Kalteng
    Category: Data Breach
    Content: The threat actor claims to have breached the database of PPID Satpol PP Kalteng, exposing contractor profiles, financial metrics for consultative services, and site-supervision reports.
    Date: 2026-03-12T13:42:02Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DOCUMENTS-EXPOSURE-APBD-PROCUREMENT-AUDIT-SATPOL-PP-KALTENG
    Screenshots:
    None
    Threat Actors: Shenira6core
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: ppid satpol pp kalteng
    Victim Site: satpolpp.kalteng.go.id
  57. L4663R666H05T targets the website of Anticipa
    Category: Defacement
    Content: The group claims to have defaced the website of Anticipa.
    Date: 2026-03-12T13:38:42Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/808984
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: Chile
    Victim Industry: E-commerce & Online Stores
    Victim Organization: anticipa
    Victim Site: tienda.anticipa.cl
  58. Alleged sale of access to Family Energy
    Category: Initial Access
    Content: Threat actor claims to be selling access to Family Energy.
    Date: 2026-03-12T13:20:48Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278133/
    Screenshots:
    None
    Threat Actors: DaveGrol91
    Victim Country: Spain
    Victim Industry: Energy & Utilities
    Victim Organization: family energy
    Victim Site: familyenergy.com
  59. Alleged leak of login access to lms.ays-plugins.com
    Category: Initial Access
    Content: The group claims to have leaked login access to lms.ays-plugins.com
    Date: 2026-03-12T13:07:57Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/82
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: lms.ays-plugins.com
  60. Alleged leak of login access to PetrPikora.com
    Category: Initial Access
    Content: The group claims to have leaked login access to PetrPikora.com
    Date: 2026-03-12T13:04:04Z
    Network: telegram
    Published URL: https://t.me/Rakyat_DigitalCrew/80
    Screenshots:
    None
    Threat Actors: Rakyat Digital Crew
    Victim Country: Czech Republic
    Victim Industry: Information Technology (IT) Services
    Victim Organization: petrpikora.com
    Victim Site: petrpikora.com
  61. L4663R666H05T targets the website of Casaideas Chile
    Category: Defacement
    Content: Group claims to have defaced the website of Casaideas Chile.
    Date: 2026-03-12T12:59:49Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/801582
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: Chile
    Victim Industry: Retail Industry
    Victim Organization: casaideas chile
    Victim Site: casaideas.cl
  62. L4663R666H05T targets the website of A3D
    Category: Defacement
    Content: Group claims to have defaced the website of A3D.
    Date: 2026-03-12T12:56:15Z
    Network: openweb
    Published URL: https://zone-xsec.com/mirror/id/808523
    Screenshots:
    None
    Threat Actors: L4663R666H05T
    Victim Country: Chile
    Victim Industry: Retail Industry
    Victim Organization: a3d
    Victim Site: a3d.cl
  63. Alleged breach of the Golfech Nuclear Power Plant
    Category: Data Breach
    Content: The threat actor claims to have infiltrated systems at the Golfech Nuclear Power Plant. They assert unauthorized access to operational components tied to Unit 2’s secondary coolant loop, claiming that engineers remained unaware during the intrusion.
    Date: 2026-03-12T12:56:01Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/364
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: France
    Victim Industry: Energy & Utilities
    Victim Organization: golfech nuclear power plant
    Victim Site: edf.fr
  64. Alleged leak of login access to The Gardens Foundation
    Category: Initial Access
    Content: The group claims to have leaked login access to The Gardens Foundation.
    Date: 2026-03-12T12:36:05Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1218
    Screenshots:
    None
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: India
    Victim Industry: E-Learning
    Victim Organization: the gardens foundation
    Victim Site: thegardens.co.in.anchor.net.in
  65. Cyber ​​Islamic resistance targets the website of seapearlsshipping.com
    Category: Defacement
    Content: The group claims to have defaced the website of seapearlsshipping.com
    Date: 2026-03-12T11:53:06Z
    Network: telegram
    Published URL: https://t.me/CIR48/1706?single
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: seapearlsshipping
    Victim Site: seapearlsshipping.com
  66. Alleged sale of combolist from Ricardo
    Category: Combo List
    Content: The threat actor claims to be selling email:password credential pairs associated with Ricardo.ch accounts, reportedly targeting users from Switzerland.
    Date: 2026-03-12T11:44:19Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278131/
    Screenshots:
    None
    Threat Actors: Luntik
    Victim Country: Switzerland
    Victim Industry: E-commerce & Online Stores
    Victim Organization: ricardo
    Victim Site: ricardo.ch
  67. Alleged sale of combolist from Tutti.ch
    Category: Combo List
    Content: The threat actor claims to be selling email:password credential pairs associated with Tutti.ch accounts, reportedly targeting users from Switzerland.
    Date: 2026-03-12T11:42:05Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278131/
    Screenshots:
    None
    Threat Actors: Luntik
    Victim Country: Switzerland
    Victim Industry: Other Industry
    Victim Organization: tutti.ch
    Victim Site: tutti.ch
  68. Cyber ​​Islamic resistance targets the website of Purple Search
    Category: Defacement
    Content: The group claims to have defaced the website of Purple Search.
    Date: 2026-03-12T11:39:46Z
    Network: telegram
    Published URL: https://t.me/CIR48/1706
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: purple search
    Victim Site: purplesearchinc.com
  69. Alleged breach of Raz Zimmt’s accounts and confidential Data
    Category: Alert
    Content: The threat actor claims to have compromised the accounts and confidential materials of Raz Zimmt, alleging access to over 50,000 emails and sensitive documents. They assert possession of budget information, strategic plans related to Iran, communications with senior security officials, and details of reported collaborators.
    Date: 2026-03-12T10:53:39Z
    Network: openweb
    Published URL: https://handala-hack.to/raz-zimmt-hacked-head-of-the-iran-desk-at-israeli-security-institutes/
    Screenshots:
    None
    Threat Actors: Handala Hack
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  70. We are MONARCH claims to target European nuclear facilities
    Category: Alert
    Content: A recent post by the group indicating that they are targeting three nuclear energy facilities in Europe.
    Date: 2026-03-12T10:52:54Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/359
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  71. Alleged data breach of State Traffic Safety Inspectorate (GIBDD)
    Category: Data Breach
    Content: The threat actor claims to have breached of 120,000 State Traffic Safety Inspectorate (GIBDD) records, potentially exposing VIN details, personal IDs, birth dates, addresses, vehicle info, and registration data.
    Date: 2026-03-12T10:49:00Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-RUSSIA-120K-PERSONAL-INFORMATION-DATA-OF-VEHICLE-OWNERS-IN-RUSSIA
    Screenshots:
    None
    Threat Actors: Shinchan
    Victim Country: Russia
    Victim Industry: Government Administration
    Victim Organization: state traffic safety inspectorate (gibdd)
    Victim Site: gibdd.ru
  72. BabayoErorSystem targets the website of metagatesinnovation.com
    Category: Defacement
    Content: The group claims to have defaced the website of metagatesinnovation.com
    Date: 2026-03-12T10:20:18Z
    Network: telegram
    Published URL: https://t.me/c/3865526389/135
    Screenshots:
    None
    Threat Actors: BabayoErorSystem
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: metagatesinnovation.com
  73. Alleged sale of classified military documents of Pakistan Army
    Category: Data Breach
    Content: The threat actor claims to be selling classified military documents allegedly belonging to the Pakistan Army, including correspondence from the COAS Secretariat, personnel information of officers, materials from the Senior Command and Staff Course, and reports related to the Composite Air Defence Task Force of Pakistan.
    Date: 2026-03-12T10:14:00Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-PAKISTAN-CLASSIFIED-MILITARY-DOCUMENTS
    Screenshots:
    None
    Threat Actors: ModernStealer
    Victim Country: Pakistan
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  74. BabayoErorSystem targets the website of vbk.saurabhsakhuja.com
    Category: Defacement
    Content: The group claims to have defaced the website of vbk.saurabhsakhuja.com
    Date: 2026-03-12T10:13:30Z
    Network: telegram
    Published URL: https://t.me/c/3865526389/135
    Screenshots:
    None
    Threat Actors: BabayoErorSystem
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: vbk.saurabhsakhuja.com
  75. BABAYO EROR SYSTEM targets the website of cms.trueott.com
    Category: Defacement
    Content: The group claims to have defaced the website of cms.trueott.com
    Date: 2026-03-12T10:07:37Z
    Network: telegram
    Published URL: https://t.me/c/3865526389/135
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: cms.trueott.com
  76. Alleged data breach of City Garden Management
    Category: Data Breach
    Content: Group claims to have deleted 2 TB of data from the systems of City Garden Management.
    Date: 2026-03-12T09:49:33Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/25
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Real Estate
    Victim Organization: city garden management
    Victim Site: Unknown
  77. Alleged data leak a pack of 33 invoice templates
    Category: Data Breach
    Content: The threat actor claims to have leaked of 33 invoice templates (PSD/PDF), editable via Canva, Photoshop, or Photopea.
    Date: 2026-03-12T09:25:09Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-PACK-FACTURE-30-PSD-PDF-MODIFIABLE
    Screenshots:
    None
    Threat Actors: Nzo91
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  78. Alleged unauthorized access to Ukrainian food-facility SCADA system
    Category: Initial Access
    Content: The threat actor claims to have gained unauthorized control over a SCADA system used for temperature regulation at a Ukrainian food-production facility. They allege that by forcing the system into sustained heating mode, food products were spoiled and climate-control equipment was damaged.
    Date: 2026-03-12T08:53:07Z
    Network: telegram
    Published URL: https://t.me/privetOTof223/530
    Screenshots:
    None
    Threat Actors: OverFlame
    Victim Country: Ukraine
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  79. Alleged data breach of TekTreeInc
    Category: Data Breach
    Content: The threat actor claims to have breached a database belonging to TekTreeInc. The compromised data includes names, emails, job titles, resumes, skills, education, experience, work auth status, gender, location, and geographic coordinates.Note: it was previously breached by the threat actor Cipherforce on February 23, 2026.
    Date: 2026-03-12T08:45:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-TekTreeInc-com-552K
    Screenshots:
    None
    Threat Actors: cachecat
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: tektree inc
    Victim Site: tektreeinc.com
  80. Alleged data breach of Avodot Biuv VeMayim Ltd
    Category: Data Breach
    Content: Group claims to have deleted 1TB of data from the systems of Avodot Biuv VeMayim Ltd.
    Date: 2026-03-12T07:11:06Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/24
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Renewables & Environment
    Victim Organization: avodot biuv vemayim ltd.
    Victim Site: Unknown
  81. Alleged breach of e-shop Ltd
    Category: Data Breach
    Content: The threat actor claims to have penetrated the servers and backend systems of e-shop Ltd. The actor states that the intrusion yielded information on more than 1,000 companies and their customers, including access to website-management databases of multiple Israel-based e-commerce brands. The data set allegedly includes over 1,300 SQL backup files and approximately 60 GB of private data, order records, financial documents, and customer-payment information.
    Date: 2026-03-12T06:54:04Z
    Network: telegram
    Published URL: https://t.me/BaneiIshmael4/254
    Screenshots:
    None
    Threat Actors: Banei Ishmael
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: e-shop ltd
    Victim Site: e-shop.co.il
  82. Alleged data leak of 21 million WhatsApp Numbers of Indian Citizens
    Category: Data Breach
    Content: A threat actor claims to have leaked a dataset containing 21 million WhatsApp phone numbers belonging to Indonesian citizens.
    Date: 2026-03-12T06:12:33Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-21-Million-Indonesian-WhatsApp-Number-Data
    Screenshots:
    None
    Threat Actors: CyznetAdel
    Victim Country: Indonesia
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: Unknown
    Victim Site: Unknown
  83. Nullsec Philippines targets the website of Department of Probation
    Category: Defacement
    Content: The group claims to have defaced the website of Department of Probation
    Date: 2026-03-12T05:58:20Z
    Network: telegram
    Published URL: https://t.me/nullsechackers/851
    Screenshots:
    None
    Threat Actors: Nullsec Philippines
    Victim Country: Thailand
    Victim Industry: Government Administration
    Victim Organization: department of probation
    Victim Site: probation.go.th
  84. Alleged sale of 500 credit card records
    Category: Data Breach
    Content: Threat actor claims to be selling 500 credit card records from Australia. The compromised data reportedly includes card number, expiry, cvv, full name, address, city etc.
    Date: 2026-03-12T05:56:05Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278080/
    Screenshots:
    None
    Threat Actors: old_pirat
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  85. Alleged sale of 1000 credit card records
    Category: Data Breach
    Content: Threat actor claims to be selling 1000 credit card records from USA.
    Date: 2026-03-12T05:54:10Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278065/
    Screenshots:
    None
    Threat Actors: kasap
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  86. Alleged sale of data from AR Controls Ltd
    Category: Data Breach
    Content: The threat actor claims to have selling data from AR Controls Ltd . The compromised data reportedly includes employee details, including national insurance number, customer details, company details and supplier credits information.
    Date: 2026-03-12T05:42:05Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-AR-CONTROLS-LTD-Database
    Screenshots:
    None
    Threat Actors: fluffyduck
    Victim Country: UK
    Victim Industry: Industrial Automation
    Victim Organization: ar controls ltd
    Victim Site: arcontrols.com
  87. Alleged sale of database from wedding planning platform in USA
    Category: Data Breach
    Content: Threat actor claims to have leaked a database from an unidentified U.S.-based wedding planning platform. The compromised dataset reportedly contains approximately 22 million records, including first names, last names, email addresses, partner names, partner last names, and wedding dates.
    Date: 2026-03-12T05:39:21Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278041/
    Screenshots:
    None
    Threat Actors: NewMember
    Victim Country: USA
    Victim Industry: Events Services
    Victim Organization: Unknown
    Victim Site: Unknown
  88. Alleged Sale of Speedway Database
    Category: Data Breach
    Content: The threat actor claims to be selling the database of Speedway.
    Date: 2026-03-12T05:16:10Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-speedway-fr-360K
    Screenshots:
    None
    Threat Actors: vibrant00
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: speedway
    Victim Site: speedway.fr
  89. Anonymous For Justice claims to target Netanel Sharfi & Co
    Category: Alert
    Content: A recent post by the group indicating that they are targeting Netanel Sharfi & Co legal offices in Israel
    Date: 2026-03-12T05:14:31Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/23
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Legal Services
    Victim Organization: netanel sharfi & co
    Victim Site: Unknown
  90. Alleged data breach of Saudi Aramco
    Category: Data Breach
    Content: The threat actor claims to have leaked workforce data from Saudi Aramco, the compromised dataset reportedly containing approximately 68,000 employee records, including employee identification numbers, names, corporate email addresses, nationality information, residential country details, and hiring dates.Note: Aramco was previously breached on March 3, 2026
    Date: 2026-03-12T05:13:18Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SA-ARAMCO-68K-workforce
    Screenshots:
    None
    Threat Actors: CVDEAD
    Victim Country: Saudi Arabia
    Victim Industry: Oil & Gas
    Victim Organization: saudi aramco
    Victim Site: aramco.com
  91. Alleged sale of unauthorized RDWeb access to unidentified dental software provider network
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized RDWeb access to an unidentified dental software provider network.
    Date: 2026-03-12T04:45:29Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278054/
    Screenshots:
    None
    Threat Actors: samy01
    Victim Country: Australia
    Victim Industry: Hospital & Health Care
    Victim Organization: Unknown
    Victim Site: Unknown
  92. Alleged sale of unauthorized admin access to unidentified shop
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified shop in Taiwan.
    Date: 2026-03-12T04:32:35Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278052/
    Screenshots:
    None
    Threat Actors: Zimmer
    Victim Country: Taiwan
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  93. Alleged sale of unauthorized admin access to unidentified store
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified online store in France.
    Date: 2026-03-12T04:14:36Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278050/
    Screenshots:
    None
    Threat Actors: TreeWater
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  94. Alleged sale of unauthorized admin access to unidentified Logistics company
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified logistics company in Malaysia.
    Date: 2026-03-12T04:07:26Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278048/
    Screenshots:
    None
    Threat Actors: hubert
    Victim Country: Malaysia
    Victim Industry: Transportation & Logistics
    Victim Organization: Unknown
    Victim Site: Unknown
  95. Alleged leak of personal and financial information from China.
    Category: Data Breach
    Content: The threat actor claims to be leaked a large data set containing 11.7 GB of Chinese personal and financial information.
    Date: 2026-03-12T04:06:55Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-Part-2-CHINA-ID-Cards-Credit-Cards-Business-Information-11-7-GB
    Screenshots:
    None
    Threat Actors: ALTGIANT
    Victim Country: China
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  96. Cyberattack hit NSO Group
    Category: Cyber Attack
    Content: A cyberattack has reportedly targeted the infrastructure of NSO Group, an Israel-based software development company known for producing surveillance technologies. Attackers claim to have gained unauthorized access to the company’s development environment, with shared screenshots allegedly showing instances of IntelliJ IDEA and related license information, along with configuration artifacts referencing internal NSO-related domains and identifiers. These materials suggest a potential compromise of the company’s development and licensing infrastructure; however, no exploit code, customer data, or full source code leaks have been confirmed so far, though the alleged exposure of developer-level accounts or tools could represent a significant security concern if verified.
    Date: 2026-03-12T02:54:26Z
    Network: openweb
    Published URL: https://x.com/vxunderground/status/2031870122982273184
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Israel
    Victim Industry: Software Development
    Victim Organization: nso group
    Victim Site: nsogroup.com
  97. Alleged Sale of Unauthorized Admin Access to OpenCart in France
    Category: Initial Access
    Content: Threat Actor claims to be selling Admin Access to OpenCart in France
    Date: 2026-03-12T02:16:45Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278107/
    Screenshots:
    None
    Threat Actors: hubert
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  98. Alleged Data Breach of Chaoxin Xuexitong
    Category: Data Breach
    Content: The threat actor claims to have breached the dataset of Chaoxin Xuexitong, and the dataset contains college student records.
    Date: 2026-03-12T01:59:08Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Chaoxin-Xuexitong-2022-140M-Leak
    Screenshots:
    None
    Threat Actors: Tink3rTech
    Victim Country: China
    Victim Industry: E-Learning
    Victim Organization: chaoxin
    Victim Site: chaoxing.com
  99. Alleged Sale of Dukascopy Bank Internal Access
    Category: Data Breach
    Content: The threat actor claims to be selling the Dukascopy Bank Internal Access.
    Date: 2026-03-12T01:45:03Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-VERIFIED-Dukascopy-Bank-SA-Online-Forex-Broker
    Screenshots:
    None
    Threat Actors: admin
    Victim Country: Switzerland
    Victim Industry: Banking & Mortgage
    Victim Organization: dukascopy bank sa
    Victim Site: dukascopy.com
  100. Alleged Sale of Cisco Intranet Portal Access
    Category: Initial Access
    Content: The threat actor claims to be selling the Intranet Portal Access of Cisco.
    Date: 2026-03-12T01:34:22Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-VERIFIED-CISCO-INTRANET-PORTAL
    Screenshots:
    None
    Threat Actors: admin
    Victim Country: USA
    Victim Industry: Network & Telecommunications
    Victim Organization: cisco
    Victim Site: cisco.com
  101. Alleged Sale of CGPEY Database
    Category: Data Breach
    Content: The threat actor claims to be selling the database of CGPEY, and the dataset containing payment processing logs and customer-related data from various merchants.
    Date: 2026-03-12T01:22:43Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-cgpey-com-India-3-850-000
    Screenshots:
    None
    Threat Actors: Sorb
    Victim Country: India
    Victim Industry: Financial Services
    Victim Organization: cgpey international private limited
    Victim Site: cgpey.com
  102. Alleged Leak of Email Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a dataset containing thousands of email addresses.
    Date: 2026-03-12T01:10:51Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-7-6k-Emails
    Screenshots:
    None
    Threat Actors: formousny
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  103. Alleged Data Breach of Oticket
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Oticket, and the dataset contains user personal informations.
    Date: 2026-03-12T01:05:21Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-oticket-com-br-dumped-users
    Screenshots:
    None
    Threat Actors: lula
    Victim Country: Brazil
    Victim Industry: Events Services
    Victim Organization: oticket
    Victim Site: oticket.com.br
  104. Alleged data breach of Israeli Nuclear Power Plant infrastructure
    Category: Data Breach
    Content: The group claims to have breached data from Israeli Nuclear Power Plant infrastructure
    Date: 2026-03-12T00:59:24Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/358
    Screenshots:
    None
    Threat Actors: Cardinal
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  105. Alleged Data Breach of Ninebot
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Ninebot, and the dataset contains user account information like user id, username, email address, and passwords.
    Date: 2026-03-12T00:55:58Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-ninebot-cn
    Screenshots:
    None
    Threat Actors: Wadjet
    Victim Country: China
    Victim Industry: Consumer Electronics
    Victim Organization: ninebot
    Victim Site: ninebot.cn
  106. Alleged Data Breach of EURL CONEXLOG
    Category: Data Breach
    Content: The threat actor claims to have breached the database of EURL CONEXLOG.
    Date: 2026-03-12T00:35:21Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Algeria-EURL-CONEXLOG-All-Databases-Download
    Screenshots:
    None
    Threat Actors: V1rusNo1r
    Victim Country: Algeria
    Victim Industry: Transportation & Logistics
    Victim Organization: eurl conexlog
    Victim Site: conexlog.com

Related Posts