A cyber threat actor named B4baYega claims to have breached Arabian Health Care in Saudi Arabia, offering stolen data and database access for sale. The breach affects the healthcare industry and involves sensitive patient and operational information. #B4baYega #ArabianHealthCare…
Tag: DARK WEB
The Canadian Investment Regulatory Organization (CIRO) experienced a data breach affecting approximately 750,000 investors. The attack involved a sophisticated phishing scheme, exposing sensitive personal information but not login credentials. #Phishing #DataBreach #CIRO #InvestorSecurity…
Orion Ransomware is a newly observed operation whose public activity is limited to a data leak site listing 13 alleged victims and affiliate recruitment messaging rather than demonstrated ransomware development or independently verified intrusions. Analysis links the operator to prior reputation-driven extortion activity associated with Babuk2, indicating recycled leak material and low confidence in original operational capability. #Orion #Babuk2
Cyble’s analysis describes deVixor, an evolving Android banking RAT distributed via fake automotive websites that deploy malicious APKs to Iranian users to harvest SMS-based financial data, capture credentials, perform keylogging, and surveil devices. The malware now includes WebView-based JavaScript injection, a remotely triggered ransomware module, and uses Telegram and Firebase for command-and-control and large-scale administration. #deVixor #IranianBanks
A threat actor named “buzz” has claimed to leak a database containing 1,980 Chilean credit card records with an 85% validity rate, auctioning the data online. The incident highlights ongoing risks to financial data security in Chile. #PatrickStash #CreditCardLeak…
A threat actor named “zvezdanwastaken” has claimed to breach the Amarillo College Panhandle Regional Law Enforcement Academy, exposing over 11,000 event registration records. The compromised data includes personal information of law enforcement personnel from multiple Texas agencies. #zvezdanwastaken #DataBreach…
A threat actor named HACKCN claims to have leaked the personal data of around 10,000 Singaporean citizens. The dataset includes sensitive information such as NRIC numbers, names, dates of birth, and contact details, raising significant privacy concerns. #HACKCN #NRIC #SingaporeDataBreach…
Intelligence-driven detection that combines endpoint/XDR, network detection, and threat intelligence enables earlier identification of ransomware precursor behaviors like reconnaissance, credential theft, and data staging before encryption occurs. Recorded Future and similar platforms strengthen detection by providing organization-specific, real-time context on active campaigns, attacker infrastructure, and vulnerabilities prioritized by what ransomware operators are actually exploiting. #LockBit #RecordedFuture
Max Messenger experienced a major data breach, exposing information on 154 million users, including usernames, phone numbers, and session tokens. The attack was carried out using a 0-day vulnerability, with the threat actor claiming long-term undetected access and the release of sensitive data. #CamelliaBtw #MaxMessengerBreach…
An Iranian online medical platform has reportedly experienced a data breach affecting over 700,000 citizens, as claimed by the threat actor “xploitleaks.” The breach allegedly includes sensitive personal information and access credentials, with the data being sold via Telegram. #xploitleaks #DataBreach #IranianHealthcare…
A threat actor named “miya” is offering unauthorized access to the Saudi Arabia Government Postal System Domain Controller for sale on BreachForums. This high-severity sale includes root-level remote code execution and firewall administrator permissions. #Miya #SaudiArabiaPostal #DomainControllerAccess…
Sagolink Korean Insurance Company Breach Allegedly Exposes Over 12,000 Customer and Adjuster Records
A cyber attacker known as “p0ppin” claimed to have breached South Korean insurance firm Sagolink, exposing over 12,000 records of customers and adjusters. The compromised data includes personal details such as phone numbers, emails, birth dates, and accident reports. #Sagolink #DataBreach…
An Iranian cryptocurrency exchange, Almaex, reportedly experienced a data breach exposing over 50,000 user records in January 2026. The breach was claimed by the threat actor “lulzintel” and targeted the Almaex platform. #Almaex #lulzintel…
Iran’s leading chat platform, Nazdika, experienced a major data breach exposing over 150GB of private messages and media files. The breach was claimed by the threat actor “xploitleaks” and involved the sale of confidential data via Telegram. #Nazdika #DataBreach…
A major data breach involving Horus Soluções Integradas has leaked nearly 2 million records affecting municipal systems in Brazil, including personal and financial information. The leak targets the “ISS Web” service used by multiple cities, impacting taxpayers and local governments. #HorusSoluções #MinasGerais #ISSWeb #TaxDatabaseLeak #DarkWebThreats…