[March-19-2026] Daily Cybersecurity Threat Report

Posted on

1. Executive Summary

This report analyzes a concentrated wave of 92 cybersecurity incidents recorded on or around March 19, 2026. The threat landscape during this period was highly active, characterized by a mix of massive data breaches involving terabytes of sensitive data, widespread and coordinated mass defacement campaigns, and the commercial sale of advanced malware and initial access vectors. The data reveals distinct geopolitical targeting, heavily focusing on Israeli infrastructure and Indian educational sectors, alongside high-profile corporate and military breaches globally.

A. Coordinated Mass Defacement Campaigns

A significant portion of the incidents involved mass website defacements, primarily functioning as hacktivism or low-tier cyber vandalism. Two distinct campaigns dominated this category:

  • The Israeli Campaign (r0ckin & B2Hunters): The threat actor “r0ckin” executed a highly focused campaign against Israeli educational institutions. Victims included the Hebrew University of Jerusalem , Wolfson Faculty of Chemical Engineering , and Campus IL. Simultaneously, the B2Hunters team (operating as Anon.idh) targeted Israeli technology and general websites, indicating a coordinated ideological or geopolitical push against Israeli digital infrastructure.
  • The Indian Campaign (XSQDD PHILIPPINE): The threat actor “PredixorX,” affiliated with the XSQDD PHILIPPINE team, launched a sweeping mass defacement operation targeting Indian websites. This campaign predominantly struck the education and technology training sectors, compromising Linux-based servers to alter content on sites like Zeenet Education , Apna Computer Centre , and HTS Digital.

B. High-Impact Data Breaches and Extortion

Data breaches represented the most severe threat to operational security and privacy, with threat actors leaking or selling massive datasets:

  • Defense & Military Compromises: The most critical incident was claimed by “APT IRAN,” alleging unauthorized access to U.S. defense contractor Lockheed Martin, resulting in the supposed leak of 375 terabytes (TB) of sensitive data related to military programs and personnel. Additionally, the Israeli military suffered severe breaches; the Guardium Hacker Group claimed to have leaked the coordinates of 64 critical IDF bases , while another report detailed the compromise of secure communication codes used by the Israeli army, derived from foreign telecommunications hardware.
  • Corporate & Financial Sector: Financial data was a prime target. ShinyHunters claimed to have breached Berkadia, extracting over 5 million Salesforce records containing PII and corporate data. The threat actor “clavicular” claimed a breach of Polymarket, exposing user account and activity details. In the Middle East, “gtaviispeak” leaked 430,000 user records from the UAE real estate platform Dubizzle.
  • Mass Consumer Data Sales: Threat actor “Shinchan” attempted to sell a massive database containing 70 million U.S. consumer marketing records. Other significant sales included a 2-million-record Australian database and a Swiss citizen database containing 34,000 records with detailed personal and employment information.

C. Initial Access Brokering and Malware as a Service (MaaS)

The underground economy for access and tools remains robust:

  • Malware Sales: Advanced tools were actively marketed on open web forums. “platovoplomo” advertised a C++ based loader featuring GPU-based encryption, token obfuscation, and anti-debugging techniques. Another actor, “Melatonin,” sold the Atroposia RAT, a suite featuring HVNC, vulnerability scanning, and credential harvesting. The “Aphrobyte RAT 2026” was also leaked, offering remote command execution and real-time C2 communication.
  • Initial Access & Credentials: Threat actors frequently sold unauthorized access to content management systems, specifically targeting WordPress sites for U.S. and Israeli online stores. The group “RASHTRIYA CYBER SENA” leaked administrative credentials for Indonesian government portals , while the “Z-PENTEST ALLIANCE” compromised the CCTV systems of a Canadian cannabis facility, gaining real-time control of 16 cameras.

3. Sector Impact Analysis

  • Education: Disproportionately targeted by defacement campaigns, particularly in India and Israel. While mostly resulting in reputational damage and temporary downtime, the sheer volume indicates systemic vulnerabilities in academic web hosting. The Académie de Créteil in France also suffered a severe breach, exposing data on 262,000 teachers.
  • Government & Military: High-value targets suffered severe breaches. The Iraqi Independent High Electoral Commission’s database was put up for sale , and personal emails from the Ministry of Internal Affairs of Ukraine were allegedly leaked. The military sector saw unprecedented alleged leaks regarding Lockheed Martin and the IDF.
  • Critical Infrastructure: The energy sector was targeted, notably with the defacement of SAPPCO (a Saudi petrochemical company) and a massive 937 GB data breach claimed against the Rumaila Operating Organisation in Iraq, potentially exposing oil infrastructure data.
  • Public Safety: A disruptive cyberattack hit Intoxalock, taking systems offline and preventing customers from accessing essential device monitoring and compliance services for ignition interlock devices.

4. Notable Threat Actors

  • r0ckin: Highly active defacer focused exclusively on Israeli educational and institutional domains.
  • PredixorX (XSQDD PHILIPPINE): Prolific actor responsible for a wide-scale Linux server compromise campaign targeting Indian tech and education sites.
  • CoinbaseCartel: A ransomware/extortion group claiming data breaches against multiple corporate entities via Tor networks, including Petra Industries , Ariston Group , and Onyx Graphics.
  • APT IRAN: Claimed responsibility for the massive 375 TB Lockheed Martin data breach, indicating state-sponsored or highly advanced persistent threat capabilities.

5. Conclusion

The threat landscape documented in this dataset highlights a bifurcated cybersecurity environment. On one end of the spectrum, low-sophistication mass defacement campaigns continue to plague poorly secured Linux servers and educational institutions, driven largely by regional or geopolitical hacktivism. On the other end, highly sophisticated actors are successfully extracting terabytes of military, defense, and corporate data, causing severe operational disruptions (such as the Intoxalock incident) and posing massive national security risks (IDF and Lockheed Martin).

Furthermore, the active commercialization of sophisticated malware (like GPU-encrypted C++ loaders) and the steady supply of Initial Access offerings (WordPress admin panels, CCTV networks) guarantee that the barrier to entry for lower-tier cybercriminals remains low, ensuring a continuous volume of future attacks. Organizations must prioritize securing third-party communications hardware, patching outward-facing CMS platforms, and hardening cloud/Salesforce environments to mitigate these prevailing vectors.

Detected Incidents Draft Data

  1. Alleged data leak of Artists & Clients
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Artists & Clients. The compromised data reportedly includes emails, names/usernames, hashed passwords, ip addresses etc.
    Date: 2026-03-19T23:59:16Z
    Network: openweb
    Published URL: https://spear.cx/Thread-Database-Artists-Clients-Leaked-Download
    Screenshots:
    None
    Threat Actors: anonmooose
    Victim Country: USA
    Victim Industry: Hospitality & Tourism
    Victim Organization: artists & clients
    Victim Site: artistsnclients.com
  2. Alleged unauthorized access to Starlink
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to the website of Starlink.
    Date: 2026-03-19T23:57:38Z
    Network: telegram
    Published URL: https://t.me/musicarusaesp/11332
    Screenshots:
    None
    Threat Actors: Desinformador ruso
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: starlink
    Victim Site: starlink.com
  3. Alleged sale of Hotmail email credentials
    Category: Combo List
    Content: Threat actor redcloud is allegedly selling 7.3K valid Hotmail email credentials described as private and high quality, distributed via Telegram and file sharing platform.
    Date: 2026-03-19T23:57:03Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69220/
    Screenshots:
    None
    Threat Actors: redcloud
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
  4. Alleged leak of unauthorized access to Lockheed Martin
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to systems associated with Lockheed Martin, a U.S.-based aerospace and defense organization, and to have leaked sensitive data related to military programs, personnel records, and internal communications. According to the claims, the compromised dataset is estimated to be approximately 375 terabytes (TB).
    Date: 2026-03-19T23:28:25Z
    Network: telegram
    Published URL: https://t.me/c/3575098403/42
    Screenshots:
    None
    Threat Actors: APT IRAN
    Victim Country: USA
    Victim Industry: Defense & Space
    Victim Organization: lockheed martin
    Victim Site: lockheedmartin.com
  5. LAPSUS claims to target companies from USA
    Category: Alert
    Content: A recent post by the group indicates that they are targeting big companies from USA.
    Date: 2026-03-19T23:20:44Z
    Network: telegram
    Published URL: https://t.me/lapsus_groupo/8
    Screenshots:
    None
    Threat Actors: LAPSUS
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  6. Alleged data leak of emails from Ministry of Internal Affairs of Ukraine
    Category: Data Breach
    Content: The group claims to have leaked personal emails belonging to an official associated with the Ministry of Internal Affairs of Ukraine.
    Date: 2026-03-19T23:14:20Z
    Network: telegram
    Published URL: https://t.me/musicarusaesp/11330
    Screenshots:
    None
    Threat Actors: Desinformador ruso
    Victim Country: Ukraine
    Victim Industry: Government Administration
    Victim Organization: ministry of internal affairs of ukraine
    Victim Site: mvs.gov.ua
  7. Alleged Sale of Aphrobyte RAT
    Category: Malware
    Content: Threat actor claims to be selling Aphrobyte RAT 2026, a Remote Access Trojan (RAT) designed for unauthorized control of compromised systems. The malware includes features such as remote command execution, surveillance, credential theft, persistence mechanisms, and real-time communication with command-and-control servers, highlighting evolving sophisticated malware threats.
    Date: 2026-03-19T22:32:37Z
    Network: openweb
    Published URL: https://demonforums.net/Thread-Leak-Aphrobyte-RAT-2026
    Screenshots:
    None
    Threat Actors: rippors
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  8. Alleged Data Breach of Kencana Sari
    Category: Data Breach
    Content: The group claims to have accessed the data of Kencana Sari.
    Date: 2026-03-19T22:25:48Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/281
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: kencana sari
    Victim Site: kencanasari.jakarta.go.id
  9. Alleged Sale of Unauthorized WordPress Access to an Unidentified Medicine Shop in USA
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized WordPress access to an unidentified medicine shop in the USA. The shop has processed approximately 9,443 orders, with recent activity including 139 orders in February and 99 in March, and uses payment methods such as Authorize.Net AIM and PayPal.
    Date: 2026-03-19T22:10:42Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278722/
    Screenshots:
    None
    Threat Actors: Emperorcvv
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  10. r0ckin targets the website of Wolfson Faculty of Chemical Engineering
    Category: Defacement
    Content: The group claims to have defaced the website of Wolfson Faculty of Chemical Engineering.
    Date: 2026-03-19T22:08:38Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609235
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: wolfson faculty of chemical engineering
    Victim Site: chemeng.technion.ac.il
  11. Alleged Sale of Unauthorized WordPress Access to an Unidentified Medicine Shop in Israel
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized WordPress access to an unidentified medicine shop in Israel, stating that the platform has recorded a total of 15,823 orders, with approximately 101 orders per month, and supports payments via card and PayPal.
    Date: 2026-03-19T21:56:08Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278723/
    Screenshots:
    None
    Threat Actors: Emperorcvv
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  12. r0ckin targets the website of The Academic College of Ramat Gan
    Category: Defacement
    Content: The group claims to have defaced the website of The Academic College of Ramat Gan.
    Date: 2026-03-19T21:54:06Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609234
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: the academic college of ramat gan
    Victim Site: iac.ac.il
  13. r0ckin targets the website of Hebrew University of Jerusalem
    Category: Defacement
    Content: The Group claims to have defaced the website of Hebrew University of Jerusalem.
    Date: 2026-03-19T21:44:09Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609237?hz=1
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: hebrew university of jerusalem
    Victim Site: law.huji.ac.il
  14. r0ckin targets the website of ORT Braude College of Engineering
    Category: Defacement
    Content: The Group claims to have defaced the website of ORT Braude College of Engineering.
    Date: 2026-03-19T21:43:22Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609239
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: ort braude college of engineering
    Victim Site: w3.braude.ac.il
  15. r0ckin targets the website of Kaye Academic College of Education
    Category: Defacement
    Content: The group claims to have defaced the website of Kaye Academic College of Education.
    Date: 2026-03-19T21:42:45Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609232
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: kaye academic college of education
    Victim Site: kaye.ac.il
  16. r0ckin targets the website of Shaarei Mishpat Academic Center
    Category: Defacement
    Content: The group claims to have defaced the website of Shaarei Mishpat Academic Center.
    Date: 2026-03-19T21:42:31Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609236
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: shaarei mishpat academic center
    Victim Site: mishpat.ac.il
  17. r0ckin targets the website of Campus IL
    Category: Defacement
    Content: Group claims to have defaced the website of Campus IL
    Date: 2026-03-19T21:40:53Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609213?hz=1
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: E-Learning
    Victim Organization: campus il
    Victim Site: campus.gov.il
  18. r0ckin targets the website of Academic Center for Law and Business
    Category: Defacement
    Content: The group claims to have defaced the website of Academic Center for Law and Business.
    Date: 2026-03-19T21:40:18Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609231
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: academic center for law and business
    Victim Site: clb.ac.il
  19. Alleged Sale of Luxembourg Private Leads
    Category: Data Breach
    Content: A threat actor claims to be selling 35,000 Luxembourg private leads, allegedly collected from advertising campaigns. The dataset reportedly includes client names, phone numbers, mobile numbers, email addresses, and country information.
    Date: 2026-03-19T21:37:41Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278716/
    Screenshots:
    None
    Threat Actors: betway
    Victim Country: Luxembourg
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  20. r0ckin targets the website of The Center for Educational Technology
    Category: Defacement
    Content: Group claims to have defaced the website of The Center for Educational Technology
    Date: 2026-03-19T21:37:20Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609230
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: E-Learning
    Victim Organization: the center for educational technology
    Victim Site: cet.ac.il
  21. r0ckin targets the website of Western Galilee College
    Category: Defacement
    Content: The group claims to have defaced the website of Western Galilee College.
    Date: 2026-03-19T21:34:14Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41609233
    Screenshots:
    None
    Threat Actors: r0ckin
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: western galilee college
    Victim Site: wgalil.ac.il
  22. Website defacement of Space Cinema by Zod
    Category: Defacement
    Content: The attacker Zod successfully defaced the Space Cinema website on March 20, 2026. The defacement targeted a specific page rather than the homepage and was archived for documentation purposes.
    Date: 2026-03-19T21:25:32Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248045
    Screenshots:
    None
    Threat Actors: Zod, Zod
    Victim Country: Nigeria
    Victim Industry: Entertainment
    Victim Organization: Space Cinema
    Victim Site: live.spacecinema.com.ng
  23. Mass defacement of SpaceCinema website by Zod
    Category: Defacement
    Content: The attacker Zod conducted a mass defacement campaign targeting the SpaceCinema entertainment website in Nigeria. This incident was part of a broader mass defacement operation rather than a targeted single-site attack.
    Date: 2026-03-19T21:24:43Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248046
    Screenshots:
    None
    Threat Actors: Zod, Zod
    Victim Country: Nigeria
    Victim Industry: Entertainment
    Victim Organization: SpaceCinema
    Victim Site: cinema.spacecinema.com.ng
  24. Alleged Sale of Unauthorized WordPress Access to an Unidentified Auto Parts Shop in the United States
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized WordPress access to an unidentified auto parts shop in the United States, stating that payments are processed via Stripe and Authorize.Net through a frame-based setup, with reported transactions of 971 in January, 1000 in February, and 1000 in December.
    Date: 2026-03-19T20:40:10Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278714/
    Screenshots:
    None
    Threat Actors: citizenfour
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  25. Alleged Sale of C++ Loader
    Category: Malware
    Content: Threat Actor claims to be selling a C++ based loader bundled with a GitHub-based command-and-control (C2) mechanism and GPU-based encryption capabilities. The tool includes features such as token obfuscation, indirect syscalls, custom hash-based API resolution, in-memory execution, remote process injection, anti-debugging and anti-sandbox techniques, GPU-assisted encryption using compute shaders, and a control panel for deployment, payload management, and real-time command execution.
    Date: 2026-03-19T19:35:56Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278709/
    Screenshots:
    None
    Threat Actors: platovoplomo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  26. Alleged Sale of HTX, MEXC, and Stake Accounts
    Category: Data Breach
    Content: A threat actor claims to be selling ready-made HTX, MEXC, and Stake accounts with completed KYC levels . The actor also offers to complete KYC on existing accounts and accepts individual orders, with pricing stated as negotiable per account.
    Date: 2026-03-19T18:45:17Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278704/
    Screenshots:
    None
    Threat Actors: LOGS_KING
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. INDOHAXSEC targets the website of standfor.org.il
    Category: Defacement
    Content: The group claims to have defaced the website of standfor.org.il.
    Date: 2026-03-19T18:02:21Z
    Network: telegram
    Published URL: https://t.me/IndoHaxSec3/78
    Screenshots:
    None
    Threat Actors: INDOHAXSEC
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: standfor.org.il
  28. White System./404 targets the website of GoSEO
    Category: Defacement
    Content: The group claims to have defaced the website of GoSEO.
    Date: 2026-03-19T17:34:16Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41607937
    Screenshots:
    None
    Threat Actors: White System./404
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: goseo
    Victim Site: goseo.co.il
  29. Alleged Sale of Switzerland citizen Database
    Category: Data Breach
    Content: A threat actor claims to be selling a Swiss citizen database containing approximately 34,000 records. The dataset reportedly includes personal information such as names, birthdates, phone numbers, email addresses, and detailed address information, along with employment-related details.
    Date: 2026-03-19T17:33:31Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278701/
    Screenshots:
    None
    Threat Actors: Andropa1221
    Victim Country: Switzerland
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  30. Alleged data breach of Académie de Créteil
    Category: Data Breach
    Content: The threat actor claims to have breached 262,000 of data from Académie de Créteil, The dataset reportedly includes 206,169 addresses, 262,651 emails, and 231,941 phone numbers, with proof links to verify the dataset.
    Date: 2026-03-19T17:26:55Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-FR-AC-Cretail-262K-Teachers
    Screenshots:
    None
    Threat Actors: HexDex
    Victim Country: France
    Victim Industry: Education
    Victim Organization: académie de créteil
    Victim Site: ac-creteil.fr
  31. Alleged unauthorized access to unidentified organizations in Brazil
    Category: Initial Access
    Content: The threat actor claims to have selling unauthorized access to unidentified organization, The post mentions two separate targets first target is a Food & Beverage retail/distribution company with 74.96 GB of data being sold for $500. The second is a Meat/Butcher company with 37.19 GB of data priced at $200.
    Date: 2026-03-19T17:26:45Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Corporate-Cloud-Accesses-2
    Screenshots:
    None
    Threat Actors: vexin
    Victim Country: Brazil
    Victim Industry: Food & Beverages
    Victim Organization: Unknown
    Victim Site: Unknown
  32. Alleged data leak of organizations in China
    Category: Data Breach
    Content: The threat actor claims to have leaked the database related to Chinas organisations. The post indicates interest in acquiring previously unused or unsold datasets, suggesting potential intent to obtain sensitive financial and user-related information.
    Date: 2026-03-19T17:01:04Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Buying-Looking-for-China-region-data-online-loan-overdue-records-gambling-user-withdrawal
    Screenshots:
    None
    Threat Actors: loveusd
    Victim Country: China
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
  33. Alleged data breach of Ron Shpigel Architects
    Category: Data Breach
    Content: The group claims to have deleted data from Ron Shpigel Architects.
    Date: 2026-03-19T16:57:10Z
    Network: telegram
    Published URL: https://t.me/Anon_Israel35/42
    Screenshots:
    None
    Threat Actors: Anonymous For Justice
    Victim Country: Israel
    Victim Industry: Architecture & Planning
    Victim Organization: ron shpigel architects
    Victim Site: shpigelarch.co.il
  34. TEGAL CYBER TEAM targets the website of Nextgen Laser Tech
    Category: Defacement
    Content: The group claims to have defaced the website of Nextgen Laser Tech.
    Date: 2026-03-19T16:52:24Z
    Network: telegram
    Published URL: https://t.me/tegalcyberteamch/260
    Screenshots:
    None
    Threat Actors: TEGAL CYBER TEAM
    Victim Country: India
    Victim Industry: Machinery Manufacturing
    Victim Organization: nextgen laser tech
    Victim Site: nextgenlaser.in
  35. Alleged Leak of Coruna RCE
    Category: Data Breach
    Content: The threat actor claims that a leaked version of the “Coruna” exploit is currently being used against iOS 26.3 devices.
    Date: 2026-03-19T16:14:08Z
    Network: openweb
    Published URL: https://xss.pro/threads/146488/
    Screenshots:
    None
    Threat Actors: ski
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  36. Website defacement of mepwer.com by systemdarkdenied
    Category: Defacement
    Content: The attacker systemdarkdenied successfully defaced the mepwer.com website on March 19, 2026. This was an isolated single-target defacement incident targeting a Linux-based web server.
    Date: 2026-03-19T15:56:09Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248044
    Screenshots:
    None
    Threat Actors: systemdarkdenied
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: mepwer.com
  37. Alleged data breach of Berkadia
    Category: Data Breach
    Content: The threat actor claims to have obtained and leaked a database from Berkadia. The leaked data reportedly includes over 5 million Salesforce records containing PII and internal corporate information.
    Date: 2026-03-19T15:26:36Z
    Network: tor
    Published URL: http://toolatedhs5dtr2pv6h5kdraneak5gs3sxrecqhoufc5e45edior7mqd.onion/
    Screenshots:
    None
    Threat Actors: ShinyHunters
    Victim Country: USA
    Victim Industry: Financial Services
    Victim Organization: berkadia
    Victim Site: berkadia.com
  38. Alleged leak of LinkedIn data from Iraq
    Category: Data Breach
    Content: The group claims to have leaked 76.8 MB of LinkedIn data from Iraq.
    Date: 2026-03-19T15:13:03Z
    Network: telegram
    Published URL: https://t.me/c/3398932380/1106
    Screenshots:
    None
    Threat Actors: Escanors Official
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  39. Website defacement of SAPPCO by systemdarkdenied
    Category: Defacement
    Content: The attacker systemdarkdenied defaced the SAPPCO website on March 19, 2026. SAPPCO is a Saudi Arabian petrochemical company, making this an attack against critical energy infrastructure.
    Date: 2026-03-19T15:08:22Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248043
    Screenshots:
    None
    Threat Actors: systemdarkdenied
    Victim Country: Saudi Arabia
    Victim Industry: Oil and Gas
    Victim Organization: SAPPCO
    Victim Site: www.sappco.com.sa
  40. Cyberattack Hits Intoxalock
    Category: Cyber Attack
    Content: A cyberattack disrupted the services of Intoxalock after its systems were taken offline, impacting customers’ ability to access essential functions such as device monitoring, account management, and support services. The incident caused widespread inconvenience, particularly for users dependent on ignition interlock devices for compliance requirements. While the exact nature of the attack has not been fully disclosed, the company acknowledged the disruption and has been working to restore services. No confirmation of data compromise has been reported, and an investigation into the incident is ongoing.
    Date: 2026-03-19T14:21:50Z
    Network: openweb
    Published URL: https://www.ceoutlook.com/2026/03/18/cyberattack-disrupts-intoxalock-services/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: USA
    Victim Industry: Public Safety
    Victim Organization: intoxalock
    Victim Site: intoxalock.com
  41. Hax.or targets the website of sof-sof.co.il
    Category: Defacement
    Content: The group claims to have defaced the website of sof-sof.co.il.
    Date: 2026-03-19T13:30:48Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129263
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: sof-sof.co.il
  42. Alleged leak of login credentials to SIPPELA
    Category: Initial Access
    Content: The group claims to have leaked the login credentials to SIPPELA.
    Date: 2026-03-19T13:26:51Z
    Network: telegram
    Published URL: https://t.me/CinCauGhast404/16
    Screenshots:
    None
    Threat Actors: CinCauGhast
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: sippela
    Victim Site: sippela.bandung.go.id
  43. Israeli Army’s Secure Communications Suffers Breach
    Category: Data Breach
    Content: Tasnim News Agency reports that specialized communications groups have allegedly compromised secure-communication codes used by the Israeli army. According to the report, the breach occurred after gaining insight into the companies and telecommunications hardware supporting the military’s encrypted infrastructure—equipment sourced from Italy, Germany, Austria, and France.Critical battlefield communications, including long-range wireless connectivity with command-and-control systems, reportedly rely on an encrypted internet-based telephony system built on these foreign platforms. Following the leak of underlying infrastructure data, cyber specialists are said to have obtained associated encryption systems.The Israeli army has reportedly acknowledged awareness of the leaked information and is considering deploying a new communications system, although such a transition is expected to be difficult and slow.
    Date: 2026-03-19T13:20:27Z
    Network: openweb
    Published URL: https://tasnimnews.ir/en/news/2026/03/19/3544754/codes-of-secure-communication-infrastructure-in-israeli-army-leaked
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Israel
    Victim Industry: Military Industry
    Victim Organization: israel defense forces
    Victim Site: idf.il
  44. Alleged Data Breach of Polymarket
    Category: Data Breach
    Content: The threat actor claims to have breached data from Polymarket.The compromised data includes account details, activity information, and other associated records.
    Date: 2026-03-19T13:17:09Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278688/
    Screenshots:
    None
    Threat Actors: clavicular
    Victim Country: USA
    Victim Industry: Financial Services
    Victim Organization: polymarket
    Victim Site: polymarket.com
  45. Hax.or targets the website of SunTech
    Category: Defacement
    Content: The group claims to have defaced the website of SunTech.
    Date: 2026-03-19T13:15:56Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129262
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Israel
    Victim Industry: Events Services
    Victim Organization: suntech
    Victim Site: suntech.org.il
  46. Alleged Sale of Atroposia RAT Malware Suite
    Category: Malware
    Content: The threat actor claims to be selling a multifunctional malware toolkit named Atroposia RAT, featuring remote access, data exfiltration, credential harvesting, and system control capabilities. The tool reportedly includes modules for HVNC, file management, vulnerability scanning, and network manipulation, enabling attackers to monitor, control, and extract sensitive data from compromised systems.
    Date: 2026-03-19T13:09:20Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278681/
    Screenshots:
    None
    Threat Actors: Melatonin
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  47. Mass defacement targeting Israeli websites by B2Hunters team member Anon.idh
    Category: Defacement
    Content: B2Hunters team member Anon.idh conducted a mass defacement campaign targeting Israeli websites including sof-sof.co.il on March 19, 2026. The attack was part of a broader mass defacement operation rather than targeting a specific organization.
    Date: 2026-03-19T12:23:32Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248041
    Screenshots:
    None
    Threat Actors: Anon.idh, B2Hunters
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: sof-sof.co.il
  48. Mass defacement targeting Israeli technology organizations by B2Hunters team
    Category: Defacement
    Content: The B2Hunters team, operating under the alias Anon.idh, conducted a mass defacement campaign targeting Israeli websites including suntech.org.il on March 19, 2026. This attack was part of a broader coordinated effort against multiple Israeli technology sector websites rather than an isolated incident.
    Date: 2026-03-19T12:23:03Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248042
    Screenshots:
    None
    Threat Actors: Anon.idh, B2Hunters
    Victim Country: Israel
    Victim Industry: Technology
    Victim Organization: Suntech
    Victim Site: suntech.org.il
  49. Alleged Leak of Israeli Military Sites data
    Category: Data Breach
    Content: The Guardium Hacker Group announced that it has continued its cyber-operations by allegedly uncovering the precise coordinates of 24 critical military bases belonging to Israel Defense Forces in Israel. According to the group’s statement, a total of 64 locations—comprising primary IDF bases, strategic military installations, and factories associated with defense production—were disclosed.
    Date: 2026-03-19T12:10:28Z
    Network: telegram
    Published URL: https://t.me/cyberbannews_ir/20621?single
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Israel
    Victim Industry: Military Industry
    Victim Organization: israel defense forces
    Victim Site: idf.il
  50. Alleged Sale of Identity Documents and Personal Data Packages
    Category: Data Breach
    Content: The threat actor claims to be selling identity document packages and personal data, including UK and US records. The offering reportedly includes scanned IDs, passports, selfies, and text files containing sensitive information such as full names, dates of birth, addresses, SSNs, and other identification details, along with data search services.
    Date: 2026-03-19T11:57:42Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278676/
    Screenshots:
    None
    Threat Actors: My_World
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  51. Aleged data breach of Petra Industries, LLC.
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-19T11:44:42Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/petra
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: USA
    Victim Industry: Wholesale
    Victim Organization: petra industries, llc.
    Victim Site: petra.com
  52. Alleged data breach of Government Post Graduate Collage
    Category: Data Breach
    Content: Threat actor claims to have breached data from Government Post Graduate Collage.
    Date: 2026-03-19T11:42:00Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/98
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: India
    Victim Industry: Education
    Victim Organization: government post graduate collage
    Victim Site: thalisaingdc.ac.in
  53. Aleged data breach of Ariston Group
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-19T11:39:35Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/ariston
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: Italy
    Victim Industry: Manufacturing
    Victim Organization: ariston group
    Victim Site: ariston.com
  54. Aleged data breach of Onyx Graphics, Inc.
    Category: Data Breach
    Content: The group claims to have breached the organizations data.
    Date: 2026-03-19T11:34:22Z
    Network: tor
    Published URL: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/onyx
    Screenshots:
    None
    Threat Actors: CoinbaseCartel
    Victim Country: USA
    Victim Industry: Software Development
    Victim Organization: onyx graphics, inc.
    Victim Site: onyxgfx.com
  55. Alleged leak of login credentials to WM Center
    Category: Initial Access
    Content: The group claims to have leaked login credentials to WM Center.
    Date: 2026-03-19T10:41:09Z
    Network: telegram
    Published URL: https://t.me/teamRcs/150
    Screenshots:
    None
    Threat Actors: RASHTRIYA CYBER SENA
    Victim Country: Indonesia
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: wm center
    Victim Site: wmcenter.id
  56. Alleged admin access to unidentified organization in Bangladesh
    Category: Initial Access
    Content: The group claims to have gained unauthorized admin access to unidentified organization in Bangladesh.
    Date: 2026-03-19T10:39:44Z
    Network: telegram
    Published URL: https://t.me/teamRcs/148
    Screenshots:
    None
    Threat Actors: RASHTRIYA CYBER SENA
    Victim Country: Bangladesh
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  57. Alleged data breach of Tanda Tangan Elektronik Pemerintah Kabupaten Badung
    Category: Data Breach
    Content: The group claims to have breached internal data from Tanda Tangan Elektronik Pemerintah Kabupaten Badung.
    Date: 2026-03-19T10:38:48Z
    Network: telegram
    Published URL: https://t.me/teamRcs/151
    Screenshots:
    None
    Threat Actors: RASHTRIYA CYBER SENA
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: tanda tangan elektronik pemerintah kabupaten badung
    Victim Site: tte.badungkab.go.id
  58. Alleged leak of login credentials to DKI Jakarta Population and Civil Registration Service
    Category: Initial Access
    Content: The group claims to have leaked the login credentials to Dinas Kependudukan dan Pencatatan Sipil DKI Jakarta.
    Date: 2026-03-19T10:33:38Z
    Network: telegram
    Published URL: https://t.me/CinCauGhast404/13
    Screenshots:
    None
    Threat Actors: CinCauGhast
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: dki jakarta population and civil registration service
    Victim Site: datawarga-dukcapil.jakarta.go.id
  59. Alleged data leak of unidentified US organisation
    Category: Data Breach
    Content: The threat actor claims to have accessed and extracted data from an unidentified US organisation. They allege possession of ‘official data’ and additional sensitive information obtained over a two-month intrusion into an unspecified internal system.
    Date: 2026-03-19T10:11:20Z
    Network: telegram
    Published URL: https://t.me/petrusinformation/449
    Screenshots:
    None
    Threat Actors: Petrusnism
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  60. InDoM1nus Team targets the website of PTUN
    Category: Defacement
    Content: The group claims to have defaced the website of PTUN.
    Date: 2026-03-19T09:55:33Z
    Network: telegram
    Published URL: https://t.me/InDoM1nusTe4m/118
    Screenshots:
    None
    Threat Actors: InDoM1nus Team
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: ptun
    Victim Site: latun.or.id
  61. Alleged data leak of Israel
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly containing email addresses and phone numbers of individuals based in Israel.
    Date: 2026-03-19T08:38:37Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-EMAIL-CONTACT-ISRAEL
    Screenshots:
    None
    Threat Actors: D4nzXploit
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  62. Alleged Leak of SQL Injection Vulnerability in Department of Environment and Forestry of Riau Province
    Category: Vulnerability
    Content: The group claims to have leaked SQL injection vulnerability in Department of Environment and Forestry of Riau Province website.
    Date: 2026-03-19T08:23:32Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/93
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: department of environment and forestry of riau province
    Victim Site: dislhk.riau.go.id
  63. Website defacement of latun.or.id by AmbaZy
    Category: Defacement
    Content: The website latun.or.id was defaced by an individual attacker identified as AmbaZy on March 19, 2026. The attack targeted a Linux-based server and appears to be an isolated defacement rather than part of a mass campaign.
    Date: 2026-03-19T07:59:12Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248040
    Screenshots:
    None
    Threat Actors: Hacked By AmbaZy
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: latun.or.id
  64. Alleged Sale of Australia Data
    Category: Data Breach
    Content: Threat actor claims to be selling a database containing approximately 2 million records from Australia. The leaked data reportedly includes personal information such as names, email addresses, and phone numbers.
    Date: 2026-03-19T06:37:19Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278663/
    Screenshots:
    None
    Threat Actors: Goldstones
    Victim Country: Australia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  65. Alleged data breach of Dubizzle
    Category: Data Breach
    Content: Threat actor claims to have leaked data from Dubizzle. The compromised dataset reportedly contains approximately 430,000 user records, including email addresses, phone numbers, names, gender, location details (city, neighborhood, address, ZIP code, coordinates), as well as transaction-related information such as total spending, transaction counts, account activity, and device details.
    Date: 2026-03-19T06:36:35Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-430k-United-Arab-Emirates-https-www-dubizzle-com-User-profiles-email-phonetrans
    Screenshots:
    None
    Threat Actors: gtaviispeak
    Victim Country: UAE
    Victim Industry: Real Estate
    Victim Organization: dubizzle
    Victim Site: dubizzle.com
  66. Alleged Data Leak of ntlworld.com
    Category: Data Breach
    Content: Threat actor claims to be leaking a database containing approximately 6,000+ email:password combinations allegedly associated with the ntlworld.com domain.
    Date: 2026-03-19T06:12:40Z
    Network: openweb
    Published URL: http://niflheim.world/threads/6-035-lines-ntlworld-com-domain-target.164329/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: ntlworld
    Victim Site: ntlworld.com
  67. Alleged Sale of Unauthorized Admin Access to bimehnovingilan.ir
    Category: Initial Access
    Content: Threat Actor claims to have leaked unauthorized admin access to bimehnovingilan.ir
    Date: 2026-03-19T05:54:35Z
    Network: openweb
    Published URL: https://xforums.st/threads/bimehnovingilan-ir-admin-wp-login.538537/
    Screenshots:
    None
    Threat Actors: X Forum Bot
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: bimehnovingilan.ir
  68. BABAYO EROR SYSTEM targets the website of Dulwich College School Tondano
    Category: Defacement
    Content: The group claims to have defaced the website of Dulwich College School Tondano.
    Date: 2026-03-19T05:37:00Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/273
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: dulwich college school tondano
    Victim Site: mail.smadcs-tdo.sch.id
  69. Alleged Leak of US Driver’s License and Selfie Data
    Category: Data Breach
    Content: The threat actor claims to have leaked the dataset allegedly containing identity-related documents from Arkansas, USA.
    Date: 2026-03-19T05:28:06Z
    Network: openweb
    Published URL: https://spear.cx/Thread-Free-USA-Arkansas-DL-Selfie-FRESH
    Screenshots:
    None
    Threat Actors: DataIntel
    Victim Country: USA
    Victim Industry: Government Relations
    Victim Organization: Unknown
    Victim Site: Unknown
  70. Alleged Sale of Akrunow Securities Investment Database
    Category: Data Breach
    Content: The threat actor claims to be selling a dataset allegedly associated with Akrunow Securities investment platform. The dataset contains personal and investment related user data.
    Date: 2026-03-19T04:42:05Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-Malaysian-Akrunow-Securities-stock-investment-1300k
    Screenshots:
    None
    Threat Actors: DDying
    Victim Country: Malaysia
    Victim Industry: Financial Services
    Victim Organization: akrunow securities
    Victim Site: akrunow.com
  71. Alleged Sale of U.S. Consumer Marketing Database
    Category: Data Breach
    Content: The threat actor claims to be selling a large-scale dataset containing over 70 million U.S. consumer records.
    Date: 2026-03-19T03:51:51Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-USA-70M-PERSONAL-DATA-INFORMATION-CONSUMER-MARKETING-RECORDS
    Screenshots:
    None
    Threat Actors: Shinchan
    Victim Country: USA
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: Unknown
    Victim Site: Unknown
  72. Alleged Sale of Iraqi Election Database
    Category: Data Breach
    Content: The threat actor claims to be selling Iraqi Election Database. The dataset contains Iraqi election-related data sourced from the Independent High Electoral Commission (IHEC).
    Date: 2026-03-19T03:36:51Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-USA-70M-PERSONAL-DATA-INFORMATION-CONSUMER-MARKETING-RECORDS
    Screenshots:
    None
    Threat Actors: Shinchan
    Victim Country: Iraq
    Victim Industry: Government Relations
    Victim Organization: independent high electoral commission (ihec)
    Victim Site: ihec.iq
  73. Mass defacement targeting Indian educational institutions by XSQDD PHILIPPINE team member PredixorX
    Category: Defacement
    Content: The XSQDD PHILIPPINE team, specifically attacker PredixorX, conducted a mass defacement campaign targeting Indian educational websites including zeenetedu.in. This incident was part of a broader coordinated attack affecting multiple educational institutions rather than an isolated single-site compromise.
    Date: 2026-03-19T03:24:39Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248029
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: Zeenet Education
    Victim Site: www.zeenetedu.in
  74. Mass website defacement by PredixorX (XSQDD PHILIPPINE) targeting Indian computer center
    Category: Defacement
    Content: PredixorX from XSQDD PHILIPPINE team conducted a mass defacement campaign targeting multiple websites including Apna Computer Centre in India. The attack occurred on March 19, 2026 against a Linux-based server hosting the computer training centers website.
    Date: 2026-03-19T03:24:10Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248030
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education/Technology Training
    Victim Organization: Apna Computer Centre
    Victim Site: apnacomputercentre.in
  75. Mass website defacement by XSQDD PHILIPPINE targeting htsdigital.in
    Category: Defacement
    Content: The threat actor PredixorX from XSQDD PHILIPPINE team conducted a mass defacement campaign targeting htsdigital.in on March 19, 2026. The attack was part of a broader mass defacement operation rather than a targeted single-site attack.
    Date: 2026-03-19T03:23:40Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248031
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Technology
    Victim Organization: HTS Digital
    Victim Site: htsdigital.in
  76. Alleged data breach of VUCE Colombia
    Category: Data Breach
    Content: The threat actor claims to be breached VUCE Colombia. The exposed data fields includes Company name, company address, company email, company number, address, name, home address, phone number, email and much more information.
    Date: 2026-03-19T03:22:46Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-CO-50K-PBN-VUCE-GOV-CO
    Screenshots:
    None
    Threat Actors: darkso
    Victim Country: Colombia
    Victim Industry: Government & Public Sector
    Victim Organization: vuce colombia
    Victim Site: pbn.vuce.gov.co
  77. Website defacement of MCEC by PredixorX (XSQDD PHILIPPINE team)
    Category: Defacement
    Content: The website mcec.in was defaced by attacker PredixorX from the XSQDD PHILIPPINE team on March 19, 2026. This was part of a mass defacement campaign targeting multiple websites.
    Date: 2026-03-19T03:22:37Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248032
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: MCEC
    Victim Site: mcec.in
  78. Mass website defacement of M2 Institute by PredixorX/XSQDD PHILIPPINE
    Category: Defacement
    Content: PredixorX from the XSQDD PHILIPPINE team conducted a mass defacement attack targeting M2 Institutes website on March 19, 2026. The attack was part of a broader mass defacement campaign rather than a targeted single-site attack.
    Date: 2026-03-19T03:22:12Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248034
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: M2 Institute
    Victim Site: m2institute.in
  79. Mass defacement campaign by XSQDD PHILIPPINE targeting scilm.in
    Category: Defacement
    Content: XSQDD PHILIPPINE threat group conducted a mass defacement campaign targeting scilm.in on March 19, 2026. The attack was carried out by threat actor PredixorX as part of a broader mass defacement operation affecting multiple websites.
    Date: 2026-03-19T03:21:39Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248035
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: scilm.in
  80. Mass defacement targeting Indian technology company by XSQDD Philippine team member PredixorX
    Category: Defacement
    Content: The website of Xectiq India was defaced by PredixorX, a member of the XSQDD Philippine team, as part of a mass defacement campaign. The attack targeted the Indian technology companys website on March 19, 2026.
    Date: 2026-03-19T03:21:08Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248036
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Technology
    Victim Organization: Xectiq India
    Victim Site: www.xectiqindia.in
  81. Mass defacement campaign by XSQDD PHILIPPINE targeting malikcomputers.in
    Category: Defacement
    Content: XSQDD PHILIPPINE threat group conducted a mass defacement campaign targeting multiple websites including malikcomputers.in on March 19, 2026. The attack was executed by threat actor PredixorX as part of a broader coordinated defacement operation.
    Date: 2026-03-19T03:20:18Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248037
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Technology/Computer Services
    Victim Organization: Malik Computers
    Victim Site: malikcomputers.in
  82. Mass defacement campaign by XSQDD PHILIPPINE targeting pkcomputerpvtltd.in
    Category: Defacement
    Content: The XSQDD PHILIPPINE team conducted a mass defacement campaign targeting multiple websites including PK Computer Pvt Ltds website. The attack was executed by threat actor PredixorX on March 19, 2026, compromising a Linux-based server.
    Date: 2026-03-19T03:19:46Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248039
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Technology
    Victim Organization: PK Computer Pvt Ltd
    Victim Site: pkcomputerpvtltd.in
  83. Mass website defacement campaign by XSQDD PHILIPPINE targeting indiasiit.in
    Category: Defacement
    Content: XSQDD PHILIPPINE threat actor conducted a mass defacement campaign targeting indiasiit.in on March 19, 2026. The attack was executed by PredixorX and represents part of a broader mass defacement operation rather than a targeted single-site attack.
    Date: 2026-03-19T03:14:02Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248024
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: SIIT India
    Victim Site: indiasiit.in
  84. Mass defacement campaign by XSQDD PHILIPPINE targeting educational institutions
    Category: Defacement
    Content: The XSQDD PHILIPPINE group conducted a mass defacement campaign targeting educational websites, with attacker PredixorX compromising the NCEP Computer website as part of a broader coordinated attack. The incident was part of a mass defacement operation rather than a targeted individual attack.
    Date: 2026-03-19T03:13:35Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248025
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: NCEP Computer
    Victim Site: www.ncepcomputer.in
  85. Mass website defacement by XSQDD PHILIPPINE targeting educational institution
    Category: Defacement
    Content: XSQDD PHILIPPINE group conducted a mass defacement attack targeting multiple websites including Hojai Computer Academys educational platform. The attack was executed by threat actor PredixorX on March 19, 2026.
    Date: 2026-03-19T03:12:59Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248026
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: Hojai Computer Academy
    Victim Site: old.hojaicomputeracademy.in
  86. Mass defacement campaign by XSQDD PHILIPPINE targeting rcppindia.in
    Category: Defacement
    Content: The threat actor PredixorX from XSQDD PHILIPPINE team conducted a mass defacement campaign targeting rcppindia.in on March 19, 2026. The attack was part of a broader mass defacement operation rather than targeting a specific homepage.
    Date: 2026-03-19T03:12:20Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248027
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: RCPP India
    Victim Site: rcppindia.in
  87. Mass website defacement by PredixorX/XSQDD PHILIPPINE targeting byteinstitute.in
    Category: Defacement
    Content: PredixorX from the XSQDD PHILIPPINE team conducted a mass defacement attack targeting byteinstitute.in on March 19, 2026. The attack was part of a larger mass defacement campaign rather than targeting this specific educational institution.
    Date: 2026-03-19T03:11:59Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248028
    Screenshots:
    None
    Threat Actors: PredixorX, XSQDD PHILIPPINE
    Victim Country: India
    Victim Industry: Education
    Victim Organization: Byte Institute
    Victim Site: byteinstitute.in
  88. Alleged Sale of Classified U.S. Intelligence Document
    Category: Data Breach
    Content: The threat actor claims to be selling a classified intelligence document reportedly produced by a U.S. intelligence entity.
    Date: 2026-03-19T03:10:15Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Document-TOP-SECRET-Classified-US-intelligence-document-for-sale
    Screenshots:
    None
    Threat Actors: dsdave
    Victim Country: USA
    Victim Industry: Government Administration
    Victim Organization: u.s. intelligence community
    Victim Site: Unknown
  89. Alleged Unauthorized Access to the CCTV System of The Green Bouquet Cannabis Inc.
    Category: Initial Access
    Content: The threat actor claims to have gained unauthorized access to the CCTV system of The Green Bouquet Cannabis Inc., a cannabis facility reportedly in Australia. They report real-time access and full control over 16 CCTV cameras, monitoring key areas of the premises, indicating a potential complete compromise of the surveillance system.
    Date: 2026-03-19T01:55:06Z
    Network: telegram
    Published URL: https://t.me/c/3792806777/24
    Screenshots:
    None
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Canada
    Victim Industry: Retail Industry
    Victim Organization: the green bouquet cannabis inc
    Victim Site: thegreenbouquetcannabis.com
  90. BABAYO EROR SYSTEM targets the website of Ribersol Aquecedores
    Category: Defacement
    Content: The group claims to have defaced the website of Ribersol Aquecedores .
    Date: 2026-03-19T00:44:19Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/272
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Brazil
    Victim Industry: Energy & Utilities
    Victim Organization: ribersol aquecedores
    Victim Site: ribersolaquecedores.com.br
  91. Alleged unauthorized access to CCTV Systems
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to multiple CCTV Systems
    Date: 2026-03-19T00:43:36Z
    Network: telegram
    Published URL: https://t.me/op_morningstar/556?single
    Screenshots:
    None
    Threat Actors: MORNING STAR
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  92. Alleged data breach of Rumaila Operating Organisation
    Category: Data Breach
    Content: The threat actor claims to have breached 937 GB of internal data from Rumaila Operating Organization, reportedly including sensitive information related to oil infrastructure and operational systems.
    Date: 2026-03-19T00:17:03Z
    Network: openweb
    Published URL: http://nasir.cc/pages/rumaila.html
    Screenshots:
    None
    Threat Actors: Nasir Security
    Victim Country: Iraq
    Victim Industry: Oil & Gas
    Victim Organization: rumaila operating organisation
    Victim Site: rumaila.iq

Related Posts