[March-21-2026] Daily Cybersecurity Threat Report

1. Executive Summary

This report details a series of recent cyber incidents, providing key information for each event strictly based on the provided data. Over a 24-hour monitoring period spanning March 21 to March 22, 2026, 140 distinct cybersecurity incidents were recorded. The threat landscape is overwhelmingly dominated by the distribution of credential “Combo Lists,” highlighting a massive, ongoing campaign of credential harvesting and recycling targeting major technology providers. Furthermore, the period saw significant data breaches affecting government entities, telecommunications, and healthcare, alongside a persistent wave of politically or ideologically motivated website defacements.

2. Threat Landscape & Attack Categorization

The incidents observed can be classified into several primary categories, each representing different phases and methodologies of cybercriminal activity.

2.1 Credential Combo Lists (The Dominant Vector)

The vast majority of the recorded incidents involve the distribution of credential combolists on underground forums (primarily CrackingX) and Telegram channels.

• Targeted Platforms: Major email providers are the primary targets. There were massive, repeated leaks targeting Microsoft’s Outlook and Hotmail services. Google’s Gmail was also explicitly targeted, with one list containing over 306,000 unique combinations. Yahoo accounts were targeted with lists exceeding 1.4 million and 1.9 million records.
• Corporate & Regional Targeting: Threat actors did not solely focus on general consumers. HQcomboSpace leaked over 145,000 corporate email credentials. Furthermore, specific geographic targeting was evident, with multiple massive combolists specifically containing German (.de) domain credentials and German shopping site credentials.
• Scale of Distribution: The volume of compromised records is staggering. Threat actor CODER distributed lists containing 12 million corporate credentials , 21 million SMTP credentials , and a massive list of 23 million mixed entries.

2.2 High-Impact Data Breaches & Leaks

Several high-profile organizations suffered alleged data breaches, resulting in the exposure of sensitive Personally Identifiable Information (PII), financial data, and internal corporate infrastructure.

• Telecommunications: Threat actor Tanaka claimed to have breached Orange Romania, leaking customer records, source code, internal documents, and credit card details. A separate actor, PeakyBlinders, claimed a leak of 10.9 million records from Rogers Communications and Fido in Canada.
• Healthcare & Pharmaceuticals: The LAPSUS-GROUP claimed to sell leaked data from UK-based AstraZeneca, reportedly containing Azure, AWS, and Terraform source code alongside employee data. In the US, actor uawrongteam claimed a breach of Healthcare.com and Pivot Health, exposing 2 million records including insurance details and password hashes. A medical record database from a Naval Hospital was also allegedly leaked by XZeeoneOfc.
• Financial Services: Actor Blastoize claimed to have breached 243 million records from Brazilian financial protection service Credilink, exposing CPF numbers, income, and federal status records. Dedale Office claimed a leak of 7 million records from Santander Bank Mexico.
• Government & International Bodies: Actor XZeeoneOfc claimed multiple breaches related to the United Nations, including the UN Committee on the Rights of the Child (CRC) and the Lebanon Crisis Response Plan (LCRP). NyxarGroup allegedly sold a dataset from Colombia’s national civil registry system.

2.3 Hacktivism and Website Defacement

Defacement campaigns remain a visible, though often lower-impact, form of cyber attack. These were heavily concentrated geographically and driven by specific groups.

• konco Indonesian Team official: This group was highly active, defacing multiple global targets including the Graphic Design Association in Saudi Arabia , Depok City Government in Indonesia , and various educational and real estate sites.
• Anti-Israel Campaigns: Several groups focused on Israeli infrastructure. GORZ ROSTAM defaced multiple Israeli businesses, including Sea Kayak Israel, Alumatt, and Even Niyar VeMisparayim. DieNet targeted the Open University of Israel , and VandaTheGod defaced Eventbuzz.
• Shadow Cyber Indonesia: Focused primarily on the hospitality sector, defacing The Queeny Hotel and Hotel Citadel Surat in India, and the Embryo Hotel in Thailand.

2.4 Initial Access and Infrastructure Compromise

Beyond data theft, threat actors were observed selling or claiming initial access to sensitive networks.

• Government Access: Threat actor ZvokxGustav claimed unauthorized administrative access to the Ministry of Health and Family Welfare portal in India. Another actor claimed administrator-level access to an Indonesian government system under the .go.id domain.
• CCTV and Surveillance: The NetStrike group and the TFA Team claimed unauthorized access to multiple CCTV systems in the USA and Israel. A group named Guardium was also reported to have attacked CCTV cameras in Israel.
• Corporate Access: Actor klatre was observed soliciting access to Office 365 accounts within valid corporate networks.

3. Key Threat Actor Profiles

• CODER: A highly prolific distributor of credential combolists utilizing Telegram as a distribution network. They focus on massive volume, offering lists containing tens of millions of records (corporate, SMTP, mixed countries, and platforms like Facebook).
• HQcomboSpace: A specialized combolist actor operating on the CrackingX forum. They focus on targeted datasets, particularly Yahoo credentials and European/German domains and corporate accounts.
• Blackcloud: Another high-volume combolist distributor on the CrackingX forum, repeatedly releasing lists containing hundreds of thousands to millions of supposedly “ultra-high quality” (UHQ) records.
• XZeeoneOfc: This actor focuses on high-value, institutional data leaks. Their targets during this period included United Nations divisions, naval hospital medical records, and environmental sector contact databases.
• Dedale Office: This group targeted national and financial infrastructure, claiming leaks from Santander Mexico, Bangladesh Bank customers, and the Iraq National Security Database.

4. Conclusion and Strategic Assessment

The cyber incidents recorded between March 21 and 22, 2026, reveal a highly active and commoditized cybercriminal ecosystem. The sheer volume of combo lists being distributed for free on forums like CrackingX and via Telegram suggests that credential stuffing attacks will remain a persistent, high-volume threat against enterprise and consumer services. Organizations must prioritize Multi-Factor Authentication (MFA) to mitigate this risk.

Furthermore, the scale of alleged data breaches—ranging from telecommunications source code to sensitive UN planning documents and national registries—demonstrates that actors are actively seeking out misconfigurations, unpatched vulnerabilities, or compromised credentials to exfiltrate massive datasets.

Finally, the localized clusters of defacement and infrastructure attacks (particularly targeting Israel, Indonesia, and India) indicate that geopolitical tensions and regional hacktivism continue to drive a significant portion of surface-level cyber attacks. Security postures must account for both financially motivated data brokers and ideologically motivated disruptors.

Detected Incidents Draft Data

1. Alleged leak of Outlook and Hotmail credentials
   Category: Combo List
   Content: Actor karaokecloud leaked a combolist containing 2,770 Outlook and Hotmail email credentials on CrackingX forum. The credentials are being distributed as a free download.
   Date: 2026-03-21T23:37:38Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69421/
   Screenshots:
   None
   Threat Actors: karaokecloud
   Victim Country: Unknown
   Victim Industry: Technology
   Victim Organization: Microsoft
   Victim Site: outlook.com
2. Alleged leak of credential combolist containing 529K records
   Category: Combo List
   Content: Threat actor shared a fresh credential combolist containing 529,000 records described as ultra-high quality (UHQ) for free download on underground forum.
   Date: 2026-03-21T23:19:25Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69419/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
3. Alleged leak of credential combolist containing 697K records
   Category: Combo List
   Content: A threat actor shared a fresh credential combolist containing 697,000 username and password combinations on a cybercriminal forum. The data is being distributed for free download.
   Date: 2026-03-21T23:10:22Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69418/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
4. Alleged leak of credential combolist containing 812,000 records
   Category: Combo List
   Content: Threat actor shared a fresh credential combolist containing 812,000 records for free download on underground forum. The post advertises the credentials as ultra-high quality and recently obtained.
   Date: 2026-03-21T23:00:07Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69417/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
5. Alleged leak of UHQ credential combolist
   Category: Combo List
   Content: Threat actor Blackcloud made available a fresh credential combolist containing 1.1 million records described as ULP UHQ FRESH for free download on CrackingX forum.
   Date: 2026-03-21T22:50:54Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69415/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
6. Alleged leak of credential combolist containing 60,000 entries
   Category: Combo List
   Content: A threat actor shared a credential combolist containing 60,000 URL:username:password combinations on a cybercriminal forum. The data is made available for free download to registered forum users.
   Date: 2026-03-21T22:50:18Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69416/
   Screenshots:
   None
   Threat Actors: Seaborg
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
7. Alleged distribution of credential combolist on CrackingX forum
   Category: Combo List
   Content: User Blackcloud allegedly distributed a high-quality credential combolist containing 2.8 million entries on the CrackingX forum. The post indicates the data is described as UHQ FRESH suggesting recent and high-quality credential pairs.
   Date: 2026-03-21T22:41:05Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69413/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
8. Alleged Sale of Unified Electricity Services Platform Database in Egypt
   Category: Data Leak
   Content: Threat Actor claims to be selling a database allegedly sourced from the Egyptian Unified Electricity Services Platform, containing approximately 1,900 records. The dataset reportedly includes usernames, phone numbers and passwords, full names, national ID numbers, IP addresses, and detailed user profile information such as nationality, account creation data, and device/browser details.
   Date: 2026-03-21T22:41:00Z
   Network: openweb
   Published URL: https://forum.exploit.biz/topic/278869/
   Screenshots:
   None
   Threat Actors: rythem
   Victim Country: Egypt
   Victim Industry: Energy & Utilities
   Victim Organization: Unknown
   Victim Site: Unknown
9. Alleged leak of credential combolist
   Category: Combo List
   Content: A threat actor shared a fresh credential combolist containing 2.7 million username and password combinations on a cybercriminal forum for free download.
   Date: 2026-03-21T22:40:18Z
   Network: openweb
   Published URL: https://crackingx.com/threads/69414/
   Screenshots:
   None
   Threat Actors: Blackcloud
   Victim Country: Unknown
   Victim Industry: Unknown
   Victim Organization: Unknown
   Victim Site: Unknown
10. Alleged data breach of Credilink
    Category: Data Breach
    Content: The threat actor claims to have breached 243 millions of data from Credilink. The dataset reportedly contains personal and financial data, including CPF numbers, names, addresses, DOBs, emails, income, vehicle info, and federal status records.Note: it was previously breached by the threat actor Buddha on jan 22, 2025.
    Date: 2026-03-21T22:30:20Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Selling-Brazil-credilink-com-br-Financial-Protection-Services-Customers-243-Million
    Screenshots:
    None
    Threat Actors: Blastoize
    Victim Country: Brazil
    Victim Industry: Financial Services
    Victim Organization: credilink
    Victim Site: credilink.com.br
11. Website defacement of FATEC São Paulo by Mizun0/RATMAN team
    Category: Defacement
    Content: The attacker Mizun0, associated with the RATMAN team, successfully defaced a subdomain of FATEC São Paulos website on March 22, 2026. The compromised system was running on Linux infrastructure.
    Date: 2026-03-21T22:23:42Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248061
    Screenshots:
    None
    Threat Actors: Mizun0, RATMAN
    Victim Country: Brazil
    Victim Industry: Education
    Victim Organization: FATEC São Paulo
    Victim Site: patrimonio.fatecsp.br
12. Alleged leak of German domain credentials combolist
    Category: Combo List
    Content: A threat actor shared a credentials combolist containing 959,432 lines of alleged German domain email and password combinations via a file-sharing service.
    Date: 2026-03-21T22:23:19Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69412/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
13. Alleged Unauthorized Admin Access to Ministry of Health and Family Welfare Portal in India
    Category: Initial Access
    Content: Threat Actor claims to have obtained unauthorized administrative access, including login credentials, to the Ministry of Health and Family Welfare portal in India.
    Date: 2026-03-21T22:16:06Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Ministry-of-Health-and-Family-Welfare-Free-Admin-Access
    Screenshots:
    None
    Threat Actors: ZvokxGustav
    Victim Country: India
    Victim Industry: Government Administration
    Victim Organization: ministry of health and family welfare
    Victim Site: ncd.mohfw.gov.in
14. Alleged Data Breach of CSL Freight
    Category: Data Breach
    Content: A threat actor claims to be selling a database containing 2,366 user records along with admin access to the website of CSL Freight. The leaked data reportedly includes user details such as names, emails, phone numbers, and client-related information, along with backend access.
    Date: 2026-03-21T22:06:11Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-CSL-Freight-2366-Users-Database-Website-Access-Admin-by-Zvok-x-Gustav
    Screenshots:
    None
    Threat Actors: ZvokxGustav
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
15. konco Indonesian Team official targets the website of velqip.com
    Category: Defacement
    Content: The group claims to have defaced the website of velqip.com
    Date: 2026-03-21T22:00:13Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: velqip.com
16. konco Indonesian Team official targets the website of Graphic Design Association
    Category: Defacement
    Content: The group claims to have defaced the website of Graphic Design Association.
    Date: 2026-03-21T21:57:27Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Saudi Arabia
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: graphic design association
    Victim Site: gda.org.sa
17. Alleged leak of mixed email-password combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 170,000 email and password combinations described as fresh and high quality. The credentials appear to be from mixed sources and are being distributed for free download.
    Date: 2026-03-21T21:56:31Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69409/
    Screenshots:
    None
    Threat Actors: steeve75
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
18. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 317,232 credentials specifically targeting Hotmail.com email accounts. The data was made available as a free download on a cybercriminal forum.
    Date: 2026-03-21T21:56:13Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69410/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
19. HellR00ters Team targets the website of Prefeitura Municipal de Macaíba
    Category: Defacement
    Content: The group claims to have defaced the website of Prefeitura Municipal de Macaíba.
    Date: 2026-03-21T21:55:28Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/1153
    Screenshots:
    None
    Threat Actors: HellR00ters Team
    Victim Country: Brazil
    Victim Industry: Government Administration
    Victim Organization: prefeitura municipal de macaíba
    Victim Site: antigo.macaiba.rn.gov.br
20. konco Indonesian Team official targets the website of Skills PTE Academic
    Category: Defacement
    Content: The group claims to have defaced the website of Skills PTE Academic.
    Date: 2026-03-21T21:53:54Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: India
    Victim Industry: Education
    Victim Organization: skills pte academic
    Victim Site: skillsproai.com
21. Alleged Data Breach of OkayHai
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of OkayHai in Pakistan, containing approximately 3,500 records. The dataset reportedly includes information such as names, email addresses, contact details, dates of birth, income data, and status indicator.
    Date: 2026-03-21T21:52:54Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-Pakistan-okayhai-com-is-an-online-store-3-5k-for-you
    Screenshots:
    None
    Threat Actors: blackwinter99
    Victim Country: Pakistan
    Victim Industry: E-commerce & Online Stores
    Victim Organization: okayhai
    Victim Site: okayhai.com
22. Alleged Data Leak of Rogers Communications & Fido
    Category: Data Leak
    Content: A threat actor claims to be selling a database containing 10.9 million records allegedly sourced from Rogers Communications and its subsidiary Fido. The dataset include mobile-related data, with samples provided.
    Date: 2026-03-21T21:44:36Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278868/
    Screenshots:
    None
    Threat Actors: PeakyBlinders
    Victim Country: Canada
    Victim Industry: Network & Telecommunications
    Victim Organization: Unknown
    Victim Site: Unknown
23. konco Indonesian Team official targets the website of Baitengfei Tech
    Category: Defacement
    Content: The group claims to have defaced the website of Baitengfei Tech.
    Date: 2026-03-21T21:44:14Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: China
    Victim Industry: E-commerce & Online Stores
    Victim Organization: baitengfei tech
    Victim Site: baitengfei.com
24. konco Indonesian Team official targets the website of Skademy
    Category: Defacement
    Content: The group claims to have defaced the website of Skademy
    Date: 2026-03-21T21:40:53Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Unknown
    Victim Industry: E-Learning
    Victim Organization: skademy
    Victim Site: skademy.com/googleb06d891fe6196a69.html
25. konco Indonesian Team official targets the website of South Delhi Flats
    Category: Defacement
    Content: The group claims to have defaced the website of South Delhi Flats.
    Date: 2026-03-21T21:38:36Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Unknown
    Victim Industry: Real Estate
    Victim Organization: south delhi flats
    Victim Site: southdelhiflats.com
26. Alleged data leak of USA 133K
    Category: Data Leak
    Content: The threat actor claims to have leaked a database containing approximately 133k records from the United States. The exposed dataset reportedly includes email addresses and password combinations.
    Date: 2026-03-21T21:36:42Z
    Network: openweb
    Published URL: https://xss.pro/threads/146541/
    Screenshots:
    None
    Threat Actors: Immanuel_Kant
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
27. konco Indonesian Team official targets the website of Depok City Government
    Category: Defacement
    Content: The group claims to have defaced the website of Depok City Government.
    Date: 2026-03-21T21:33:53Z
    Network: telegram
    Published URL: https://t.me/c/3807888281/187
    Screenshots:
    None
    Threat Actors: konco Indonesian Team official
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: depok city government
    Victim Site: helpdesk.depok.go.id
28. Website defacement of South Delhi Flats by VOID2401/ANTI VOID team
    Category: Defacement
    Content: The attacker VOID2401 from the ANTI VOID team defaced the South Delhi Flats real estate website on March 22, 2026. The incident targeted a single page rather than being part of a mass defacement campaign.
    Date: 2026-03-21T21:30:13Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248060
    Screenshots:
    None
    Threat Actors: VOID2401, ANTI VOID
    Victim Country: India
    Victim Industry: Real Estate
    Victim Organization: South Delhi Flats
    Victim Site: southdelhiflats.com
29. Alleged leak of Hotmail credentials on CrackingX forum
    Category: Combo List
    Content: A threat actor named ValidMail allegedly leaked a combolist containing 41,000 Hotmail credentials on the CrackingX forum. The credentials are claimed to be valid and sourced from forums.
    Date: 2026-03-21T21:27:39Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69408/
    Screenshots:
    None
    Threat Actors: ValidMail
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
30. Alleged leak of credential logs collection
    Category: Combo List
    Content: A threat actor shared a 3GB collection of private credential logs through a file sharing service. The logs are distributed freely via Mega.nz with password access provided through a Telegram channel.
    Date: 2026-03-21T21:09:39Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69407/
    Screenshots:
    None
    Threat Actors: maicolpg19
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
31. Shadow Cyber Indonesia targets the website of The Queeny Hotel
    Category: Defacement
    Content: The group claims to have defaced the website of The Queeny Hotel.
    Date: 2026-03-21T20:42:31Z
    Network: telegram
    Published URL: https://t.me/Shadow_Cyber_Indonesia/7
    Screenshots:
    None
    Threat Actors: Shadow Cyber Indonesia
    Victim Country: India
    Victim Industry: Hospitality & Tourism
    Victim Organization: the queeny hotel
    Victim Site: thequeeny.com
32. Alleged data leak of European corporate data
    Category: Combo List
    Content: Threat actor Immanuel_Kant shared European corporate data for free download on CrackingX forum, requesting additional data requests from users.
    Date: 2026-03-21T20:27:34Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69405/
    Screenshots:
    None
    Threat Actors: Immanuel_Kant
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
33. Alleged leak of US credentials combolist
    Category: Combo List
    Content: Threat actor Immanuel_Kant leaked a combolist containing 133,000 US email and password combinations for free download on CrackingX forum.
    Date: 2026-03-21T20:27:15Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69406/
    Screenshots:
    None
    Threat Actors: Immanuel_Kant
    Victim Country: United States
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
34. Shadow Cyber Indonesia targets the website of Embryo Hotel
    Category: Defacement
    Content: The group claims to have defaced the website of Embryo Hotel.
    Date: 2026-03-21T20:18:00Z
    Network: telegram
    Published URL: https://t.me/Shadow_Cyber_Indonesia/5
    Screenshots:
    None
    Threat Actors: Shadow Cyber Indonesia
    Victim Country: Thailand
    Victim Industry: Hospitality & Tourism
    Victim Organization: embryo hotel
    Victim Site: embryohotel.com
35. Shadow Cyber Indonesia targets the website of Hotel Citadel Surat
    Category: Defacement
    Content: The group claims to have defaced the website of Hotel Citadel Surat
    Date: 2026-03-21T20:16:35Z
    Network: telegram
    Published URL: https://t.me/Shadow_Cyber_Indonesia/6
    Screenshots:
    None
    Threat Actors: Shadow Cyber Indonesia
    Victim Country: India
    Victim Industry: Hospitality & Tourism
    Victim Organization: hotel citadel surat
    Victim Site: hotelcitadelsurat.com
36. Fatimion cyber team claims to Lebanon and Iraq
    Category: Alert
    Content: A recent post by the group indicates that theyre targeting Lebanon and Iraq.
    Date: 2026-03-21T20:10:22Z
    Network: telegram
    Published URL: https://t.me/hak994/5435
    Screenshots:
    None
    Threat Actors: Fatimion cyber team
    Victim Country: Lebanon
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
37. Alleged leak of Yahoo credentials combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 712,987 Yahoo credential combinations via a cloud storage link. The actor claims these are fresh leaks targeting Yahoo streaming services.
    Date: 2026-03-21T20:08:42Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69404/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Yahoo
    Victim Site: yahoo.com
38. Cardinal claims to target UK
    Category: Alert
    Content: A recent post by the group indicates that they are targeting UK.
    Date: 2026-03-21T20:02:48Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/392
    Screenshots:
    None
    Threat Actors: Cardinal
    Victim Country: UK
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
39. Alleged Unauthorized Access to Indonesian Government System
    Category: Initial Access
    Content: A threat actor claims to have obtained administrator-level access to an Indonesian government system under the .go.id domain. The shared screenshots appear to display internal dashboards, administrative panels, and sensitive operational data, suggesting potential unauthorized access to government-managed platforms.
    Date: 2026-03-21T20:01:46Z
    Network: telegram
    Published URL: https://t.me/CinCauGhast405/32
    Screenshots:
    None
    Threat Actors: CinCauGhast
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: Unknown
    Victim Site: go.id
40. Alleged distribution of mixed country credential combolists
    Category: Combo List
    Content: Threat actor CODER is distributing free credential combolists containing mixed country accounts for various services including Twitter, cryptocurrency platforms, Facebook ads and other services through Telegram channels.
    Date: 2026-03-21T19:45:09Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69403/
    Screenshots:
    None
    Threat Actors: CODER
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
41. BABAYO EROR SYSTEM targets the website of BDK Travel & Tourism L.L.C
    Category: Defacement
    Content: The group claims to have defaced the website of BDK Travel & Tourism L.L.C.
    Date: 2026-03-21T19:36:09Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/295
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: UAE
    Victim Industry: Hospitality & Tourism
    Victim Organization: bdk travel & tourism l.l.c
    Victim Site: portal.bdktravels.com
42. Alleged leak of crypto-banking credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 1.235 million credentials allegedly targeting crypto-banking platforms through a file sharing service.
    Date: 2026-03-21T19:34:39Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69402/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
43. Alleged leak of Gmail credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 306,250 unique Gmail email and password combinations on a cybercriminal forum.
    Date: 2026-03-21T19:12:03Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69401/
    Screenshots:
    None
    Threat Actors: UniqueCombo
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Google
    Victim Site: gmail.com
44. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 1,600 Hotmail email credentials with alleged full email access validation dated March 21st.
    Date: 2026-03-21T18:33:25Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69398/
    Screenshots:
    None
    Threat Actors: MailAccesss
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
45. Alleged leak of mixed country credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 60,000 mixed country credentials on a cybercrime forum. The content is hidden and only available to registered users of the forum.
    Date: 2026-03-21T18:32:10Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69399/
    Screenshots:
    None
    Threat Actors: RandomUpload
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
46. Mass defacement targeting Indonesian government site by Death Networks (Kize1337)
    Category: Defacement
    Content: The Death Networks group, through attacker Kize1337, conducted a mass defacement campaign targeting the Indonesian Religious Court of Kendal website. This attack was part of a broader mass defacement operation affecting multiple sites.
    Date: 2026-03-21T18:15:02Z
    Network: openweb
    Published URL: https://haxor.id/archive/mirror/248059
    Screenshots:
    None
    Threat Actors: Kize1337, Death Networks
    Victim Country: Indonesia
    Victim Industry: Government
    Victim Organization: Religious Court of Kendal
    Victim Site: www.pa-kendal.go.id
47. VandaTheGod targets the website of Eventbuzz
    Category: Defacement
    Content: The group claims to have defaced the website of Eventbuzz.
    Date: 2026-03-21T18:00:47Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41611334
    Screenshots:
    None
    Threat Actors: VandaTheGod
    Victim Country: Israel
    Victim Industry: Events Services
    Victim Organization: eventbuzz
    Victim Site: cdnpad.eventbuzz.co.il
48. Alleged leak of Target Germany credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 108,184 credentials allegedly associated with Target Germany customers. The data is being distributed for free via a file sharing platform.
    Date: 2026-03-21T17:58:01Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69397/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Germany
    Victim Industry: Retail
    Victim Organization: Target
    Victim Site: Unknown
49. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a link to what appears to be a fresh collection of Hotmail credentials on a cybercriminal forum. The data is being made available for free download through an external paste service.
    Date: 2026-03-21T17:49:42Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69395/
    Screenshots:
    None
    Threat Actors: viqhiboy2001
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
50. BABAYO EROR SYSTEM targets the website of RFontes
    Category: Defacement
    Content: The group claims to have defaced the website of RFontes.
    Date: 2026-03-21T17:48:07Z
    Network: telegram
    Published URL: https://t.me/BabayoErorSyteam/295
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Brazil
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: rfontes
    Victim Site: actus.rfontes.com
51. Alleged leak of mixed domain credential list
    Category: Combo List
    Content: A credential list containing 8,414 lines targeting mixed domains was leaked and made available for download via a file sharing service.
    Date: 2026-03-21T17:24:49Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69394/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
52. Alleged leak of mixed email credentials combolist
    Category: Combo List
    Content: User alphaxdd shared a combolist containing 3,955 mixed email credentials including Hotmail accounts for free download on March 21, 2026.
    Date: 2026-03-21T17:16:23Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69393/
    Screenshots:
    None
    Threat Actors: alphaxdd
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
53. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 950 Hotmail email and password combinations on a cybercriminal forum. The credentials are described as fresh and high quality.
    Date: 2026-03-21T17:00:15Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69390/
    Screenshots:
    None
    Threat Actors: KiwiShio
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
54. Alleged leak of Hotmail credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 1,000 allegedly valid Hotmail email credentials through a file sharing service. The credentials are being distributed for free on a cybercriminal forum.
    Date: 2026-03-21T16:59:37Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69391/
    Screenshots:
    None
    Threat Actors: Kommander0
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
55. GORZ ROSTAM targets the website of Sea Kayak Israel
    Category: Defacement
    Content: The group claims to have defaced the website of Sea Kayak Israel.
    Date: 2026-03-21T16:53:13Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41611309
    Screenshots:
    None
    Threat Actors: GORZ ROSTAM
    Victim Country: Israel
    Victim Industry: Recreational Facilities & Services
    Victim Organization: sea kayak israel
    Victim Site: seakayak.co.il
56. Alleged Sale of Documents from Asian and South American Countries
    Category: Data Leak
    Content: Threat Actor claims to be selling a large number of documents originating from various countries in Asia and South America.
    Date: 2026-03-21T16:52:19Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278853/
    Screenshots:
    None
    Threat Actors: LOGS_KING
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
57. Alleged leak of mixed email credentials combolist
    Category: Combo List
    Content: Threat actor klyne05 distributed a mixed email combolist described as private, fresh, and checked credentials on a cybercriminal forum.
    Date: 2026-03-21T16:35:51Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69388/
    Screenshots:
    None
    Threat Actors: klyne05
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
58. Alleged leak of Hotmail credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 1,845 allegedly valid Hotmail email and password combinations on a cybercrime forum. The credentials are described as premium hits from private cloud sources with mixed email types.
    Date: 2026-03-21T16:35:12Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69389/
    Screenshots:
    None
    Threat Actors: alphaxdd
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
59. GORZ ROSTAM targets the website of Alumatt
    Category: Defacement
    Content: The group claims to have defaced the website of Alumatt.
    Date: 2026-03-21T16:25:28Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41611302?hz=1
    Screenshots:
    None
    Threat Actors: GORZ ROSTAM
    Victim Country: Israel
    Victim Industry: Manufacturing & Industrial Products
    Victim Organization: alumatt
    Victim Site: alumatt.co.il
60. GORZ ROSTAM targets the website of Even Niyar VeMisparayim
    Category: Defacement
    Content: The group claims to have defaced the website of Even Niyar VeMisparayim.
    Date: 2026-03-21T16:18:22Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41611301?hz=1
    Screenshots:
    None
    Threat Actors: GORZ ROSTAM
    Victim Country: Israel
    Victim Industry: Events Services
    Victim Organization: even niyar vemisparayim
    Victim Site: evenniar.co.il
61. GORZ ROSTAM targets the website of Tuv Haaretz Adei Ad Ltd
    Category: Defacement
    Content: The group claims to have defaced the website of Tuv Haaretz Adei Ad Ltd.
    Date: 2026-03-21T16:12:12Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41611300
    Screenshots:
    None
    Threat Actors: GORZ ROSTAM
    Victim Country: Israel
    Victim Industry: Retail Industry
    Victim Organization: tuv haaretz adei ad ltd
    Victim Site: tuv-haaretz.co.il
62. Alleged distribution of Facebook credential combolists via Telegram
    Category: Combo List
    Content: Threat actor CODER is distributing Facebook credential combolists for free through Telegram channels, along with associated programs for credential stuffing attacks.
    Date: 2026-03-21T16:09:32Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69387/
    Screenshots:
    None
    Threat Actors: CODER
    Victim Country: Unknown
    Victim Industry: Social Media
    Victim Organization: Facebook
    Victim Site: facebook.com
63. Alleged data leak of Santander bank Mexico
    Category: Data Leak
    Content: The group claims to have leaked 7 millions of data from Santander bank Mexico. The exposed dataset reportedly includes Social Security Number or ID, Address Line 1, Address Line 2, Municipality or District, State, City, ZIP/Postal Code, Area Code 1, Phone Number 1, Area Code 2, Phone Number 2, Name, Tax ID (RFC), Record Creation Date.
    Date: 2026-03-21T15:57:56Z
    Network: telegram
    Published URL: https://t.me/DedaleOffice/1180
    Screenshots:
    None
    Threat Actors: Dedale Office
    Victim Country: Mexico
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
64. Alleged leak of Yahoo credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing approximately 1.9 million credential pairs allegedly targeting Yahoo users. The data is being distributed for free via a file sharing platform.
    Date: 2026-03-21T15:53:07Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69386/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Yahoo
    Victim Site: yahoo.com
65. Alleged data leak of Bangladesh Bank Customers Data
    Category: Data Leak
    Content: The group claims to have leaked 100,677 of data from Bangladesh Bank Customers Data. The exposed dataset reportedly includes Prefix FullName FatherName MotherName DOB Age MailingAddr ContactNo PermanentAddr HomeDivision HomeDist HomeUpazila Quota PositionSLNo LastAppDate AdmitSLNo Qualified PostDateTime Email.
    Date: 2026-03-21T15:52:42Z
    Network: telegram
    Published URL: https://t.me/DedaleOffice/1177
    Screenshots:
    None
    Threat Actors: Dedale Office
    Victim Country: Bangladesh
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
66. Alleged leak of Hotmail credentials and mixed account data
    Category: Combo List
    Content: Threat actor noir shared what appears to be a collection of valid Hotmail credentials and mixed account data through their Telegram channel. The post indicates high-quality validated credential lists are being distributed.
    Date: 2026-03-21T15:43:35Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69385/
    Screenshots:
    None
    Threat Actors: noir
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
67. Alleged data leak of Iraq National Security Database
    Category: Data Leak
    Content: The group claims to have leaked 6.1 GB of data from Iraq National Security Database. The exposed dataset reportedly includes Full Name, City, Date of birth, national ID, National office ID, document number, very detailed address and other ID number.
    Date: 2026-03-21T15:38:45Z
    Network: telegram
    Published URL: https://t.me/DedaleOffice/1176
    Screenshots:
    None
    Threat Actors: Dedale Office
    Victim Country: Iraq
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
68. Alleged unauthorized access to multiple CCTV systems from USA and Israel
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to multiple CCTV systems from USA and Israel.
    Date: 2026-03-21T15:36:55Z
    Network: telegram
    Published URL: https://t.me/netstrikegroup/45
    Screenshots:
    None
    Threat Actors: NetStrike
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
69. Alleged leak of Russian email credentials
    Category: Combo List
    Content: A forum user shared access to 5,700 Russian email credentials dated March 21st. The credentials are described as valid mail access and appear to be made available for free to registered forum users.
    Date: 2026-03-21T15:35:01Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69384/
    Screenshots:
    None
    Threat Actors: MailAccesss
    Victim Country: Russia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
70. Alleged leak of mixed email credentials from multiple domains
    Category: Combo List
    Content: A threat actor shared a combolist containing 4,437 email credentials from mixed domains including Polish and French origins. The credentials are being distributed as a free download on a cybercriminal forum.
    Date: 2026-03-21T15:25:51Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69382/
    Screenshots:
    None
    Threat Actors: karaokecloud
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
71. Alleged leak of Japanese military access credentials
    Category: Combo List
    Content: A threat actor shared 2,300 allegedly valid military access credentials from Japan dated March 21st on an underground forum.
    Date: 2026-03-21T15:25:17Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69383/
    Screenshots:
    None
    Threat Actors: MailAccesss
    Victim Country: Japan
    Victim Industry: Military/Defense
    Victim Organization: Unknown
    Victim Site: Unknown
72. Alleged SMS OTP bypass service offering
    Category: Initial Access
    Content: RatelSMS advertises an SMS receiving service for OTP bypass with multiple countries and services available at low prices. No post content was available for detailed analysis.
    Date: 2026-03-21T15:16:43Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69374/
    Screenshots:
    None
    Threat Actors: RatelSMS
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
73. Alleged solicitation for Office 365 access on corporate networks
    Category: Initial Access
    Content: Threat actor soliciting access to Office 365 accounts within valid corporate networks, requesting private and unique materials from sellers.
    Date: 2026-03-21T15:15:59Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69381/
    Screenshots:
    None
    Threat Actors: klatre
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
74. Alleged leak of mixed country credential combolist
    Category: Combo List
    Content: A threat actor leaked a combolist containing 1,883,302 credentials from mixed countries via a free download link on a file sharing platform.
    Date: 2026-03-21T15:08:18Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69378/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
75. Alleged leak of mixed email credentials combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing 22,000 valid email credentials from mixed sources dated March 21st. The credentials are being distributed for free to registered forum users.
    Date: 2026-03-21T15:07:59Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69379/
    Screenshots:
    None
    Threat Actors: MailAccesss
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
76. Alleged leak of German email credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 90,000 German email credentials dated March 21st on an underground forum.
    Date: 2026-03-21T14:59:01Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69375/
    Screenshots:
    None
    Threat Actors: MailAccesss
    Victim Country: Germany
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
77. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a sample combolist containing 1,074 Hotmail credentials on a cybercrime forum. The credentials appear to be distributed as a free download.
    Date: 2026-03-21T14:41:20Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69373/
    Screenshots:
    None
    Threat Actors: HollowKnight07
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
78. Alleged leak of email credentials combolist
    Category: Combo List
    Content: Forum post claims to offer 33,000 valid email credentials through hidden content available to registered users, with additional access via private Telegram contact.
    Date: 2026-03-21T14:32:10Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69372/
    Screenshots:
    None
    Threat Actors: TeraCloud1
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
79. Alleged data breach of Kramnycja
    Category: Data Breach
    Content: The threat actor claims to have breached data from Kramnycja.
    Date: 2026-03-21T14:25:47Z
    Network: telegram
    Published URL: https://t.me/QuietSecurity/12
    Screenshots:
    None
    Threat Actors: QuietSec
    Victim Country: Ukraine
    Victim Industry: Food Production
    Victim Organization: kramnycja
    Victim Site: kramnytsia.com
80. Alleged leak of Hotmail credentials on cybercriminal forum
    Category: Combo List
    Content: A threat actor shared a combolist containing 41,000 Hotmail email credentials on a cybercriminal forum. The post indicates these are valid credentials sourced from forums.
    Date: 2026-03-21T14:15:49Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69371/
    Screenshots:
    None
    Threat Actors: ValidMail
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
81. Alleged cyberattack targeting CCTV cameras in Israel
    Category: Cyber Attack
    Content: A threat group named Guardium has reportedly carried out cyberattack on CCTV cameras in Israel.
    Date: 2026-03-21T14:03:16Z
    Network: telegram
    Published URL: https://t.me/cyberbannews_ir/20690?single
    Screenshots:
    None
    Threat Actors:
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
82. Alleged leak of Gmail credentials combolist
    Category: Combo List
    Content: Forum post claims to offer a combolist containing 304,334 unique Gmail email and password combinations from 2026. The actual content is hidden behind registration requirements.
    Date: 2026-03-21T13:59:19Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69370/
    Screenshots:
    None
    Threat Actors: UniqueCombo
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Google
    Victim Site: gmail.com
83. Alleged data breach of French Scrabble Federation
    Category: Data Breach
    Content: The threat actor claims to have breached 1,498,871 lines of data from the Fédération Française de Scrabble, allegedly containing title, last name, first name, date of birth, address, postal code, city, phone number, and email.
    Date: 2026-03-21T13:36:42Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-FR-FF-SCRABBLE
    Screenshots:
    None
    Threat Actors: kazutlg
    Victim Country: France
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: french scrabble federation
    Victim Site: ffscrabble.fr
84. Alleged leak of Yahoo credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing over 1.46 million credential pairs specifically targeting Yahoo domain accounts. The data was made available for free download via a file sharing service.
    Date: 2026-03-21T13:34:03Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69369/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Yahoo
    Victim Site: yahoo.com
85. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: Threat actor claims to have leaked 2,100 fresh Hotmail credentials in a combolist format. The credentials are described as high quality and recently obtained.
    Date: 2026-03-21T13:24:52Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69368/
    Screenshots:
    None
    Threat Actors: Lexser
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
86. Alleged leak of mixed country credential combolist
    Category: Combo List
    Content: A threat actor shared a combolist containing approximately 2.4 million credentials from mixed countries through a file sharing service. The credentials are described as high quality and originate from multiple geographic regions.
    Date: 2026-03-21T12:58:39Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69365/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
87. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 13,000 allegedly valid Hotmail email credentials through a Pastebin-style service on a cybercriminal forum.
    Date: 2026-03-21T12:57:59Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69367/
    Screenshots:
    None
    Threat Actors: Cir4d
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
88. Alleged leak of Comcast, AT&T, and Hotmail credential lists
    Category: Combo List
    Content: Threat actor CODER is distributing credential lists containing approximately 3.8 million accounts from Comcast, AT&T, and Hotmail through Telegram channels. The actor is offering free access to these combolists and associated cracking tools via dedicated Telegram groups.
    Date: 2026-03-21T11:38:11Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69363/
    Screenshots:
    None
    Threat Actors: CODER
    Victim Country: United States
    Victim Industry: Telecommunications
    Victim Organization: Comcast, AT&T, Microsoft
    Victim Site: comcast.net, att.net, hotmail.com
89. Alleged Sale of Unauthorized Admin Panel Access to frostdigi
    Category: Initial Access
    Content: The threat actor claims to be selling Unauthorized Admin Panel Access to frostdigi
    Date: 2026-03-21T11:33:02Z
    Network: telegram
    Published URL: https://t.me/kittysearchnews/236
    Screenshots:
    None
    Threat Actors: Kitty Search
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: frostdigi
    Victim Site: frostdigi.ai
90. Alleged leak of corporate email credentials
    Category: Combo List
    Content: A threat actor shared a combolist containing 145,744 corporate email and password combinations through a file hosting service. The credentials appear to target corporate email accounts across various organizations.
    Date: 2026-03-21T11:23:20Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69362/
    Screenshots:
    None
    Threat Actors: HQcomboSpace
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
91. Alleged data leak of Ion Creangă State Pedagogical University of Chișinău
    Category: Data Breach
    Content: Group claims to have leaked data from Ion Creangă State Pedagogical University of Chișinău
    Date: 2026-03-21T11:14:38Z
    Network: telegram
    Published URL: https://t.me/c/3731684343/3721
    Screenshots:
    None
    Threat Actors: Escanors Files
    Victim Country: Moldova
    Victim Industry: Education
    Victim Organization: ion creangă state pedagogical university of chișinău
    Victim Site: upsc.md
92. Alleged leak of mixed email credentials combolist
    Category: Combo List
    Content: Threat actor claims to have leaked a mixed combolist containing 2,100 email credentials with access capabilities.
    Date: 2026-03-21T11:13:29Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69360/
    Screenshots:
    None
    Threat Actors: Cl0ud0wner
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
93. Alleged leak of Hotmail credential combolist
    Category: Combo List
    Content: Threat actor claims to have leaked a combolist containing 2,400 Hotmail email credentials on a cybercrime forum.
    Date: 2026-03-21T11:12:11Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69361/
    Screenshots:
    None
    Threat Actors: Cl0ud0wner
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
94. Alleged leak of mixed email credentials combolist
    Category: Combo List
    Content: Actor shared a combolist containing 11.1k mixed email credentials through a private cloud service.
    Date: 2026-03-21T10:55:17Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69359/
    Screenshots:
    None
    Threat Actors: Cl0ud0wner
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
95. Alleged leak of Hotmail credential lists
    Category: Combo List
    Content: A threat actor shared 459 fresh Hotmail credential combinations organized by country. The credentials are being distributed as free downloads in combolist format.
    Date: 2026-03-21T10:47:58Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69358/
    Screenshots:
    None
    Threat Actors: Hotmail Cloud
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
96. Alleged data leak of fast-anime
    Category: Data Leak
    Content: The group claims to have leaked data from fast-anime
    Date: 2026-03-21T10:40:24Z
    Network: telegram
    Published URL: https://t.me/c/3731684343/3748
    Screenshots:
    None
    Threat Actors: Escanors Files
    Victim Country: Russia
    Victim Industry: Entertainment & Movie Production
    Victim Organization: fast-anime
    Victim Site: fast-anime.ru
97. Alleged leak of Hotmail credential combolist containing 1.5 million records
    Category: Combo List
    Content: A threat actor shared a combolist containing 1,508,481 alleged Hotmail email and password combinations via a file sharing service. The credentials are being distributed for free on a cybercrime forum.
    Date: 2026-03-21T10:32:50Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69357/
    Screenshots:
    None
    Threat Actors: BestCombo
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
98. Alleged leak of Hotmail credentials
    Category: Combo List
    Content: Forum user HollowKnight07 shared a sample of 935 Hotmail credentials as a free download on CrackingX forum.
    Date: 2026-03-21T10:16:11Z
    Network: openweb
    Published URL: https://crackingx.com/threads/69356/
    Screenshots:
    None
    Threat Actors: HollowKnight07
    Victim Country: Unknown
    Victim Industry: Technology
    Victim Organization: Microsoft
    Victim Site: hotmail.com
99. Alleged Data Breach of Healthcare.com
    Category: Data Breach
    Content: The threat actor claims to have leaked 2 million data from Healthcare.com and Pivot Health, which are reportedly connected platforms. The exposed dataset allegedly includes user profiles, leads, and additional S3-stored data, containing personal and sensitive information such as names, emails, addresses, insurance details, and password hashes.
    Date: 2026-03-21T10:15:54Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278837/
    Screenshots:
    None
    Threat Actors: uawrongteam
    Victim Country: USA
    Victim Industry: Hospital & Health Care
    Victim Organization: healthcare.com
    Victim Site: healthcare.com
100. Alleged distribution of credential combolist containing 23 million entries
     Category: Combo List
     Content: Threat actor CODER is distributing a credential combolist containing 23 million entries through Telegram channels, advertising it as good quality credentials.
     Date: 2026-03-21T10:07:53Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69355/
     Screenshots:
     None
     Threat Actors: CODER
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
101. Alleged sale of unidentified PrestaShop E-commerce site data from Vietnam
     Category: Data Breach
     Content: The threat actor claims to be selling a database allegedly containing information on over 190,000 users from a PrestaShop-based clothing and accessories website in Vietnam.
     Date: 2026-03-21T10:04:15Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-Vietnam-database-with-over-190-000-users
     Screenshots:
     None
     Threat Actors: Tamnaamm
     Victim Country: Vietnam
     Victim Industry: E-commerce & Online Stores
     Victim Organization: Unknown
     Victim Site: Unknown
102. Alleged data sale of PrestaShop
     Category: Data Breach
     Content: The threat actor claims to be selling over 190,000 user records allegedly stolen from PrestaShop.
     Date: 2026-03-21T09:54:29Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-Vietnam-database-with-over-190-000-users
     Screenshots:
     None
     Threat Actors: Tamnaamm
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
103. Alleged leak of mixed email credential list
     Category: Combo List
     Content: A threat actor shared a mixed email credential list containing 6,950 entries for free download on an underground forum.
     Date: 2026-03-21T09:36:21Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69353/
     Screenshots:
     None
     Threat Actors: NotSellerxd
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
104. Alleged leak of Hotmail credential combolist
     Category: Combo List
     Content: Actor distributes a combolist containing 1,800 Hotmail email credentials through a Telegram channel, claiming the credentials are fresh and valid with daily updates.
     Date: 2026-03-21T09:36:03Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69354/
     Screenshots:
     None
     Threat Actors: Kokos2846q
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
105. Alleged Data Breach of United Nations Human Rights
     Category: Data Breach
     Content: The threat actor claims to have leaked data related to the United Nations Committee on the Rights of the Child (CRC). The exposed dataset reportedly includes country-level reports, recommendations, and structured documentation derived from official UN human rights records.
     Date: 2026-03-21T09:23:26Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-DATABASE-Committee-on-the-Rights-of-the-Child-CRC
     Screenshots:
     None
     Threat Actors: XZeeoneOfc
     Victim Country: Switzerland
     Victim Industry: Human Resources
     Victim Organization: united nations human rights
     Victim Site: ohchr.org
106. Alleged leak of German domain credentials combolist
     Category: Combo List
     Content: A combolist containing 994,447 credential pairs targeting German (.de) domains was made available for free download on a cybercriminal forum.
     Date: 2026-03-21T09:06:22Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69352/
     Screenshots:
     None
     Threat Actors: HQcomboSpace
     Victim Country: Germany
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
107. Alleged leak of Gmail credential combolist containing 300,000+ accounts
     Category: Combo List
     Content: A threat actor posted a Gmail credential combolist containing 300,764 unique email:password combinations from 2026 on a cybercriminal forum. The credentials are being distributed as a free download to forum members.
     Date: 2026-03-21T08:50:58Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69350/
     Screenshots:
     None
     Threat Actors: UniqueCombo
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Google
     Victim Site: gmail.com
108. Alleged data breach of United Nations Lebanon
     Category: Data Breach
     Content: The threat actor claims to have leaked data from the United Nations Lebanon Lebanon Crisis Response Plan – LCRP. The compromised data reportedly includes internal planning information such as budget allocations, target population details, geographic distribution, and program performance indicators related to humanitarian operations.
     Date: 2026-03-21T08:49:24Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-DATABASE-Lebanon-Crisis-Response-Plan-LCRP
     Screenshots:
     None
     Threat Actors: XZeeoneOfc
     Victim Country: Lebanon
     Victim Industry: Government Administration
     Victim Organization: united nations lebanon
     Victim Site: lebanon.un.org
109. Alleged leak of naval hospital medical data
     Category: Data Leak
     Content: The threat actor claims to have leaked a medical record database from a naval hospital, allegedly containing highly sensitive personal information of patients, including national ID numbers, full names, addresses, contact details, dates of birth, insurance information, and demographic data.
     Date: 2026-03-21T08:46:45Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-DATABASE-complete-medical-record-database-of-Tjiptadi-Mangunkusumo-Naval-Hospital-patients
     Screenshots:
     None
     Threat Actors: XZeeoneOfc
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
110. Alleged sale of Business Registers Agency of Serbia
     Category: Data Breach
     Content: The threat actor claims to be selling a 2.15 GB dataset allegedly associated with business registry records in Serbia. According to the listing, the data reportedly includes scanned identification documents such as passports and national IDs, JMBG numbers, full names, residential addresses, bank statements, credit ratings, beneficial ownership declarations, notarized contracts, and electronic signatures. The dataset is described as primarily related to individuals and entities based in Belgrade, including real estate owners and law firms.
     Date: 2026-03-21T08:39:20Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-2-15GB-Serbia-Business-Registry-2026-%E2%80%94-Scanned-IDs-Passports-JMBG-Bank-Statements
     Screenshots:
     None
     Threat Actors: Zeus_kos
     Victim Country: Serbia
     Victim Industry: Government Administration
     Victim Organization: business registers agency
     Victim Site: apr.gov.rs
111. Alleged leak of contact data of individuals and organizations in the Environmental and Sustainability Sector
     Category: Data Leak
     Content: The threat actor claims to have leaked a database allegedly containing sensitive contact information of over 4,000 individuals and organizations in the environmental and sustainability sector, including academics, researchers, government officials, corporate professionals, NGOs, and consultants across multiple countries.
     Date: 2026-03-21T08:34:36Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-DATABASE-Contact-List-Address-Book-of-individuals-and-orgaanizations-in-the-field-of-Environm
     Screenshots:
     None
     Threat Actors: XZeeoneOfc
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
112. Alleged unauthorized cctv access to an unidentified shop in Israel
     Category: Initial Access
     Content: The group claims to have unauthorized cctv access to an unidentified organization
     Date: 2026-03-21T08:15:16Z
     Network: telegram
     Published URL: https://t.me/thetfa/522
     Screenshots:
     None
     Threat Actors: TFA Team
     Victim Country: Israel
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
113. Alleged sale of multiple cryptocurrency and financial platforms
     Category: Data Leak
     Content: The threat actor claims to be selling a database containing millions of user records allegedly obtained from multiple cryptocurrency and financial platforms, including Gemini, Coinbase, Robinhood, Twitter, Ledger, Cointracker, CoinMarketCap, Gatehub, Hitfinex, and Paxful. The compromised data reportedly includes names, email addresses, phone numbers, country details, and source platform information, totaling over 4 million records.
     Date: 2026-03-21T08:01:18Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-Multiple-platforms-crypto-package-here
     Screenshots:
     None
     Threat Actors: HiddenHq
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
114. Alleged leak of Hotmail credentials
     Category: Combo List
     Content: Threat actor shared a link to allegedly fresh and valid Hotmail credentials containing over 913,000 records. The credentials are being distributed for free via a file hosting service.
     Date: 2026-03-21T07:50:39Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69347/
     Screenshots:
     None
     Threat Actors: williams001
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
115. Alleged leak of Hotmail credentials
     Category: Combo List
     Content: A forum user shared a combolist containing 14,000 unique Hotmail email and password combinations on a cracking forum.
     Date: 2026-03-21T07:50:12Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69348/
     Screenshots:
     None
     Threat Actors: UniqueCombo
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
116. Alleged distribution of mixed corporate credential combolist
     Category: Combo List
     Content: Threat actor CODER is distributing a combolist containing 12 million unique corporate credentials through Telegram channels. The actor operates multiple Telegram groups offering free credential lists and programs to potential users.
     Date: 2026-03-21T07:27:03Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69346/
     Screenshots:
     None
     Threat Actors: CODER
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
117. Alleged leak of Hotmail credentials on CrackingX forum
     Category: Combo List
     Content: A threat actor allegedly shared a combolist containing 41,000 Hotmail credentials on a cybercriminal forum. The post indicates the credentials are valid and sourced from forums.
     Date: 2026-03-21T07:01:42Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69344/
     Screenshots:
     None
     Threat Actors: ValidMail
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
118. Alleged leak of Hotmail credentials combolist
     Category: Combo List
     Content: A threat actor shared a combolist containing approximately 1.9 million Hotmail email and password combinations, claiming the credentials are from fresh leaks. The data is being distributed for free via a file hosting service.
     Date: 2026-03-21T06:54:17Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69343/
     Screenshots:
     None
     Threat Actors: HQcomboSpace
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
119. Alleged Sale of Preferred Hotels Reservation Data
     Category: Data Breach
     Content: The threat actor claims to be selling a dataset allegedly related to hotel reservation systems used by Preferred Hotels & Resorts. The dataset contains sensitive PII, travel and financial metadatas.
     Date: 2026-03-21T06:28:23Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-preferredhotels-com-HNWI-450k-Luxury-hotel
     Screenshots:
     None
     Threat Actors: golovey_team
     Victim Country: USA
     Victim Industry: Hospitality & Tourism
     Victim Organization: preferred hotels & resorts
     Victim Site: preferredhotels.com
120. Website defacement of Marcenaria Tony Arte by ecologyc (LarpBoys team)
     Category: Defacement
     Content: The LarpBoys team member ecologyc defaced the website of Marcenaria Tony Arte, a Brazilian woodworking/carpentry business, on March 21, 2026. The defaced site was running on a Linux server and the incident was archived for documentation purposes.
     Date: 2026-03-21T06:27:19Z
     Network: openweb
     Published URL: https://haxor.id/archive/mirror/248058
     Screenshots:
     None
     Threat Actors: ecologyc, LarpBoys
     Victim Country: Brazil
     Victim Industry: Manufacturing/Woodworking
     Victim Organization: Marcenaria Tony Arte
     Victim Site: www.marcenariatonyarte.com
121. Alleged distribution of SMTP credential combolist
     Category: Combo List
     Content: Threat actor CODER is distributing a combolist containing 21 million SMTP credentials through Telegram channels. The credentials are being shared for free through dedicated Telegram groups.
     Date: 2026-03-21T06:23:55Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69342/
     Screenshots:
     None
     Threat Actors: CODER
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
122. Alleged data leak of DSHG Sonic
     Category: Data Breach
     Content: Threat actor claims to have leaked SQL database of DSHG Sonic. The compromised data reportedly includes users, producers, transactions, and admins.
     Date: 2026-03-21T06:10:48Z
     Network: openweb
     Published URL: https://demonforums.net/Thread-database-of-dshgsonic-com-Full-Dump
     Screenshots:
     None
     Threat Actors: SecKittenMax
     Victim Country: USA
     Victim Industry: Software
     Victim Organization: dshg sonic
     Victim Site: dshgsonic.com
123. Alleged Sale of Registraduría Colombia Database
     Category: Data Breach
     Content: The threat actor claims to be selling a dataset allegedly associated with Colombia’s national civil registry system. The dataset contains highly sensitive government-issued identity information.
     Date: 2026-03-21T06:08:57Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-CO-120K-REGISTRADURIA-GOV-CO
     Screenshots:
     None
     Threat Actors: NyxarGroup
     Victim Country: Colombia
     Victim Industry: Government Administration
     Victim Organization: registraduría nacional del estado civil
     Victim Site: registraduria.gov.co
124. DieNet targets the website of Open University of Israel
     Category: Data Breach
     Content: Proof of Downtime: https://check-host.net/check-report/3c2d4660kaf3
     Date: 2026-03-21T06:08:18Z
     Network: telegram
     Published URL: https://t.me/dienet3/496
     Screenshots:
     None
     Threat Actors: DieNet
     Victim Country: Israel
     Victim Industry: Education
     Victim Organization: open university of israel
     Victim Site: openu.ac.il
125. Alleged data breach of AstraZeneca
     Category: Data Breach
     Content: Threat actor claims to be selling leaked data from AstraZeneca, UK. The compromised data reportedly contains full source code Azure, AWS, Terraform and employee datas.
     Date: 2026-03-21T06:02:15Z
     Network: openweb
     Published URL: https://lapsus.by/
     Screenshots:
     None
     Threat Actors: LAPSUS-GROUP
     Victim Country: UK
     Victim Industry: Healthcare & Pharmaceuticals
     Victim Organization: astrazeneca
     Victim Site: astrazeneca.com
126. Alleged unauthorized access to multiple systems in Israel
     Category: Initial Access
     Content: The group claims to have gained unauthorized access to multiple systems and servers associated with Israel, allegedly exfiltrating sensitive data and conducting data wiping operations across targeted infrastructure.
     Date: 2026-03-21T05:57:43Z
     Network: telegram
     Published URL: https://t.me/Anon_Israel35/46
     Screenshots:
     None
     Threat Actors: Anonymous For Justice
     Victim Country: Israel
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
127. Alleged Data Breach of Orange Romania
     Category: Data Breach
     Content: Threat actor claims to be leaking data associated with Orange Romania, a telecommunications provider. The exposed data is said to include customer records, source code, internal documents, invoices, contracts, project files, support tickets, user data, employee information, messages, credit card details, personally identifiable information (PII), and call logs.
     Date: 2026-03-21T05:56:51Z
     Network: openweb
     Published URL: https://spear.cx/Thread-Database-Orange-ro-leak
     Screenshots:
     None
     Threat Actors: Tanaka
     Victim Country: Romania
     Victim Industry: Network & Telecommunications
     Victim Organization: orange romania
     Victim Site: orange.ro
128. Alleged Sale of Chinese Sports Betting Clients Database
     Category: Data Leak
     Content: The threat actor claims to be selling a dataset allegedly related to Chinese sports betting platform users. The dataset contains personal details of personal details of users.
     Date: 2026-03-21T05:48:17Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-Selling-Chinese-sports-betting-clients-2500K
     Screenshots:
     None
     Threat Actors: datasource
     Victim Country: China
     Victim Industry: Gambling & Casinos
     Victim Organization: Unknown
     Victim Site: Unknown
129. Alleged distribution of business credentials combolist
     Category: Combo List
     Content: Threat actor distributes a combolist containing 7 million business credentials through Telegram channels, offering both free access and private distribution methods.
     Date: 2026-03-21T05:29:14Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69340/
     Screenshots:
     None
     Threat Actors: CODER
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
130. Website defacement of MAN 3 Kota Makassar by 4zz_30/JABAR ERROR SYSTEM
     Category: Defacement
     Content: The website of MAN 3 Kota Makassar, an Indonesian Islamic senior high school, was defaced by attacker 4zz_30 from the JABAR ERROR SYSTEM team on March 21, 2026. The incident targeted a single educational institutions website running on a Linux server.
     Date: 2026-03-21T05:28:55Z
     Network: openweb
     Published URL: https://haxor.id/archive/mirror/248057
     Screenshots:
     None
     Threat Actors: 4zz_30, JABAR ERROR SYSTEM
     Victim Country: Indonesia
     Victim Industry: Education
     Victim Organization: MAN 3 Kota Makassar
     Victim Site: man3kotamakassar.sch.id
131. Alleged leak of German shopping credentials
     Category: Combo List
     Content: A combolist containing 242,621 credentials allegedly targeting German shopping websites has been made available for free download on a cybercrime forum.
     Date: 2026-03-21T04:45:51Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69339/
     Screenshots:
     None
     Threat Actors: HQcomboSpace
     Victim Country: Germany
     Victim Industry: Retail
     Victim Organization: Unknown
     Victim Site: Unknown
132. Alleged distribution of Argentina credential combolist
     Category: Combo List
     Content: Threat actor CODER is distributing an Argentina-focused credential combolist through Telegram channels, offering free access to stolen login credentials.
     Date: 2026-03-21T04:21:36Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69338/
     Screenshots:
     None
     Threat Actors: CODER
     Victim Country: Argentina
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
133. Alleged leak of Gmail credentials combolist
     Category: Combo List
     Content: A threat actor shared a combolist containing over 300,000 Gmail email and password combinations claimed to be unique credentials from 2026.
     Date: 2026-03-21T03:28:49Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69337/
     Screenshots:
     None
     Threat Actors: UniqueCombo
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Google
     Victim Site: gmail.com
134. Alleged distribution of European and US credential combolists
     Category: Combo List
     Content: Threat actor gsmfix claims to be distributing high-quality credential combolists targeting users from Europe and the United States. The post advertises the credentials as fully valid but provides no specific details about the source, volume, or affected services.
     Date: 2026-03-21T03:05:21Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69333/
     Screenshots:
     None
     Threat Actors: gsmfix
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
135. Alleged leak of 350,000 credential combinations
     Category: Combo List
     Content: A threat actor shared a combolist containing 350,000 URL, login, and password combinations via a free download link on a criminal forum.
     Date: 2026-03-21T03:05:02Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69334/
     Screenshots:
     None
     Threat Actors: WashingtonDC
     Victim Country: Unknown
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
136. Alleged leak of German shopping website credentials
     Category: Combo List
     Content: A threat actor shared a combolist containing over 1.1 million credential pairs allegedly targeting German shopping websites. The data is being distributed for free via a file sharing platform.
     Date: 2026-03-21T02:41:10Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69330/
     Screenshots:
     None
     Threat Actors: HQcomboSpace
     Victim Country: Germany
     Victim Industry: Retail
     Victim Organization: Unknown
     Victim Site: Unknown
137. Alleged leak of Hotmail credential combolist
     Category: Combo List
     Content: Actor redcloud shared a combolist containing 9.1K Hotmail email credentials via MediaFire download link on a cybercriminal forum.
     Date: 2026-03-21T01:29:29Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69326/
     Screenshots:
     None
     Threat Actors: redcloud
     Victim Country: Unknown
     Victim Industry: Technology
     Victim Organization: Microsoft
     Victim Site: hotmail.com
138. Alleged data leak of emails from Eran Ortal
     Category: Data Leak
     Content: The group claims to have leaked 100,000 emails belonging to Eran Ortal in Israel, reportedly containing confidential communications, operational plans, strategic discussions, and internal military-related documents.
     Date: 2026-03-21T00:48:41Z
     Network: openweb
     Published URL: https://handala-team.to/architect-of-zionist-warfare-exposed-eran-ortals-hidden-strategies-now-public/
     Screenshots:
     None
     Threat Actors: Handala Hack
     Victim Country: Israel
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
139. Alleged leak of German credential combolist
     Category: Combo List
     Content: A credential combolist containing 722,208 lines targeting German users has been made available for free download. The combolist appears to contain mixed credentials from various sources.
     Date: 2026-03-21T00:30:26Z
     Network: openweb
     Published URL: https://crackingx.com/threads/69325/
     Screenshots:
     None
     Threat Actors: HQcomboSpace
     Victim Country: Germany
     Victim Industry: Unknown
     Victim Organization: Unknown
     Victim Site: Unknown
140. Alleged Data Breach of Métropole dAix-Marseille-Provence
     Category: Data Breach
     Content: The threat actor claims to have breached the database associated with ampmetropole.fr, the dataset contains user account information such as usernames, hashed passwords (WordPress MD5), email addresses, display names, account registration details, and account status data.
     Date: 2026-03-21T00:05:26Z
     Network: openweb
     Published URL: https://darkforums.su/Thread-DATABASE-ampmetropole-fr-M%C3%A9tropole-d-Aix-Marseille-Provence-20k
     Screenshots:
     None
     Threat Actors: ryolait
     Victim Country: France
     Victim Industry: Government Administration
     Victim Organization: métropole daix-marseille-provence
     Victim Site: ampmetropole.fr