𝙞𝙣𝙩𝙚𝙡𝙧𝙖𝙩

Salutations

Ransomware group DragonForce listed another two alleged victims on their leak site earlier today. Post details: Threat actor: DragonForce Victim 1: vatractor[.]com Data size: 22.4 GB Leak deadline: 4 days 18 hours Post date: 19 March 2026 Victim 2: Mercedes-Benz of Arlington Data size: 93.07 GB Leak deadline: 4 days 17 hours Post date: 19 March 2026

FBI seizes Handala data leak site after Stryker cyberattack bleepingcomputer.com/news/security/…

🚨 BREAKING: FBI seizes primary infrastructure of #Handala, the #Ransomware group linked to Iran’s IRGC! Court-authorized warrant leads to the takedown of domains used for state-sponsored cyber operations and network intrusions. Major blow to Iranian proxy activities. 📉 Full CTI update & analysis: 🛡️Darkfeed.io #Handala #IRGC #Iran #FBI #CyberSecurity #ThreatIntel #InfoSec

Authorities disrupt world’s largest IoT DDoS botnets responsible for record breaking attacks targeting victims worldwide justice.gov/usao-ak/pr/aut…

There is supposedly another version of BreachForums trying to reopen as a rival to HasanBroker's version of BreachForums. HasanBroker's statement on the matter in the image below:

Threat actor group KittyKatKrew claim to have breached The Government Ayurved College and Hospital Nagpur Threat actor claim: "We encourage someone at The Government Ayurved College and Hospital Nagpur to reach out to us either on Session (Redacted) or X (Redacted) to resolve this issue. You have 72 hours or this entire database will be leaked publicly." - KittyKatKrew

Ransomware group DragonForce have just listed Health Management Systems as a new alleged victim on their leak site. Post details: Threat actor: DragonForce Victim: Health Management Systems Data size: 154.24 GB Leak deadline: Published Post date: 19 March 2026

Ransom extortion group ShinyHunters have listed Berkadia Commercial Mortgage LLC as a new alleged victim on their leak site. Post details: Threat actor: ShinyHunters Victim: Berkadia Commercial Mortgage LLC 5M+ Records Leak deadline: 20 Mar 2026 Post date: 19 Mar 2026 Threat actor claim: "Over 5M Salesforce records containing PII and other internal corporate data have been compromised." - ShinyHunters

North Korean hacker group Lazarus allegedly hacked Bitrefill they drained hot wallets and stole 18,500 customers information

Aura confirms data breach exposing 900,000 marketing contacts (ShinyHunters claimed the attack) bleepingcomputer.com/news/security/…

This is particularly noteworthy. The SCADA-related fires, allegedly attributed to a cyberattack, have been widely speculated to involve threat actor Pryx. However, responsibility has also reportedly been claimed by the threat actor group Devman. Please note that this is a highly speculative topic at this stage.

❗️Cybersecurity company Aura suffered a data breach after a phone phishing attack by ShinyHunters. The attackers gained access to an employee account. Most of the stolen data came from a company Aura acquired in 2021: over 900,000 names and email addresses stored in Salesforce. Additionally, data of fewer than 20,000 current and 15,000 former Aura customers was stolen, including names, emails, addresses, and phone numbers.

This is how one of the biggest Bitcoin whales was actually a hacker - “Loaded” on Bitcointalk - anonymous user since 2012 - called himself a Bitcoin multimillionaire - claimed to be a broker and asset manager - posted only ~135 times - rumors of 182,000 BTC 2017 - signs a message with 40,000 BTC - offers a swap to Roger Ver - later moves it all to SegWit - pays ~$1 in fees for years - holds through every crash - disappears from the forum 2021 - US authorities raid a house in Georgia - find 50,000+ BTC hidden - inside a safe and a popcorn tin real identity - James Zhong - hacked Silk Road in 2012 - exploited a withdrawal bug - stole 50,680 BTC after - funds seized by the government - pleads guilty - sentenced in 2023

Ransomware group DragonForce have just listed another 5 new alleged victims on their leak site. Post details: Threat actor: DragonForce Victim 1: Dynex/Rivett Data size: 58.49 GB Leak deadline: Published Post date: 18 March 2026 Victim 2: Flexform Data size: 29.51 GB Leak deadline: Published Post date: 18 March 2026 Victim 3: HARTMANN BAU Data size: 166.59 GB Leak deadline: Published Post date: 18 March 2026 Victim 4: gasteiger[.]design Data size: 37.47 GB Leak deadline: 21 hours Post date: 18 March 2026 Victim 5: Construction Equipment Parts Data size: 21.91 GB Leak deadline: 2 days 17 hours Post date: 18 March 2026

Ransomware group DragonForce have listed a new alleged victim on their leak site. Post details: Threat actor: DragonForce Victim: Conrad Capital Management Data size: 74.23 GB Leak deadline: 4 days 5 hours Post date: 18 March 2026

The LAPSUS$ Group X account has been suspended.

An interesting detail in the latest @IntelOpsV3 report on Pryx (the alleged Hellcat member) IntelOps claims that there is no Lapsus or ShinyHunters with SLSH, and IntelOps suspects that SLSH is just a rebrand of Hellcat for the purpose of clout.

The threat actor group Hellcat has now reportedly had 2 of its members de-anonymized, those members being Rey & Pryx. IntelBroker, Hellcat's most notorious alleged member in terms of publicity, was reportedly arrested in 2025 and is believed to be in custody. The current state of Hellcat is shown in the image of alleged members below.

❗️Pryx just replied with the cheapest MacBook, a cheap Taurus gun and about 80 USD worth of Kazakhstani tenge.