Nike is investigating a potential cybersecurity incident after the extortion group World Leaks claimed to have published 1.4 terabytes of alleged internal data on its dark web site. The company has not confirmed what types of information were exposed or whether customers, employees, or wholesale partners were affected, while World Leaks…
Tag: DARK WEB
ShinyHunters claim to have leaked tens of millions of records from SoundCloud, Crunchbase, and Betterment after failed extortion attempts, publishing alleged partial databases on a new dark web .onion leak site. The group has also claimed responsibility for an Okta SSO vishing campaign, and researchers and the affected companies are investigating…
The Clop ransomware group claims to have breached 43 targets in the last 24 hours and posted a massive new list of victims to its dark web leak site. The listings span organizations across the United States, Canada, the United Kingdom, Europe, and New Zealand and include major names such as…
A threat actor using the handle “renn” claims to be selling a 1.9GB Affirm user database containing 26,702,116 records. The listing, posted on the Exploit forum, lists the breach date as January 23, 2026, and offers the full database for $14,000 or $700 per million records with a one-million-record minimum sale…
Epitech has reportedly been targeted in a data scraping incident that exposed a 5.4MB database of user profiles on a dark web forum. The leaked dataset allegedly includes full names, email addresses, and phone numbers made available for download by a threat actor. #Epitech #DarkWebForum…
Custom voice-phishing kits sold on dark web forums and messaging platforms provide real-time, phone-assisted tools that help criminals intercept credentials and multi-factor authentication codes for Google, Microsoft, and Okta accounts. These “impersonation-as-a-service” offerings mimic authentication flows, forward harvested credentials (often via Telegram), recruit native-English callers for helpdesk scams, and have enabled…
Manage My Health has contained a late‑2023 cyberattack that accessed documents in its “My Health Documents” feature and has notified most potentially affected users. The company warns fraudsters are impersonating the patient portal to send phishing messages while it works with regulators, the High Court, and partners like IDCARE to monitor…
A cyber threat actor named “iProfessor” claims to have breached CallOnDoc, exposing over 1.14 million patient records. The data includes sensitive medical conditions and is offered for sale on the dark web. #CallOnDoc #DataBreach…
The report documents major financial-sector incidents including a 3-million-record database leak from Indonesia’s largest bank sold on DarkForums by the actor BreachLaboratory and a ransomware breach by INC Ransom that published roughly 100GB of stolen data. It additionally analyzes a phishing email campaign targeting financial institutions, lists top malware strains affecting…
BuyLottoOnline, a major global lottery platform, has suffered a data breach exposing over 38,000 user records from multiple countries. The compromised database, labeled as “2025 year,” is available on the dark web for purchase or download. #BuyLottoOnline #DataBreach #DarkWeb…
A threat actor named SinCity is reportedly selling a dataset of approximately 53,000 U.S. driver license images on the Exploit forum. This incident follows previous listings by the same actor, who has a history of selling various personal and fraudulent data. #SinCity #DriverLicenses…
A breach on the Menulux Turkish POS platform exposed the personal data of 93,000 customers, affecting the software industry. The threat actor “888” claimed responsibility for the data leak. #Menulux #BreachForums…
Recorded Future / Insikt Group documents PurpleBravo, a North Korean-linked campaign that uses fraudulent developer/recruiter personas and malicious GitHub repositories to deliver infostealers and multi-platform RATs (BeaverTail, GolangGhost/PylangGhost, InvisibleFerret) targeting software developers—especially in the cryptocurrency sector and South Asia. The report details obfuscated JavaScript (Base64 + XOR), RC4/MD5 C2 protocols, registry Run-key persistence, Chrome credential-theft techniques (including DPAPI and app-bound bypasses), extensive C2 infrastructure (dozens of IPs and Astrill VPN nodes), and overlap with PurpleDelta activity. #PurpleBravo #BeaverTail
The Everest ransomware group has claimed to have breached McDonald’s India, exfiltrating 861 GB of sensitive data including customer and internal documents. The authenticity of these claims remains unverified, and further investigation is ongoing. #EverestRansomware #McDonaldsIndia…
PCComponentes Allegedly Breached, Exposing 16.3 Million Customer Records Including Payment Card Data
A cyber threat actor alleges to have breached PCComponentes, exposing over 16 million customer records, including payment and personal information. The breach is being sold on the dark web, highlighting a significant data leak in the retail sector. #PCComponentes #DataBreach #BreachForums…