‼️🇮🇳 A threat actor is allegedly selling administrator/root database access to an Indian construction company with $1 billion in revenue, containing over 44 GB of data.

A screenshot shows a database data export tool with multiple schemas available for export.

Price: $1,500.

f i deleted the breachforums fbi watchdog update by mistake. anyways 502 502 502 502 502 502 502 502 502

⚠️ FBI Watchdog - IP Change (ips removed) ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: cockbox.org
Record Type: IP Change (ips removed)
Time Detected: 2026-03-14 19:55:31 UTC

Previous Records:

A: 193.239.85.202
AAAA: 2001:ac8:7d:1e::c0cc:2

New Records:

A: 193.239.85.202 → None
Classification: 1 IP(s) removed

⚠️ FBI Watchdog - IP Change (new ips added) ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: cockbox.org
Record Type: IP Change (new ips added)
Time Detected: 2026-03-14 20:20:56 UTC

Previous Records:

A: 
AAAA: 2001:ac8:7d:1e::c0cc:2

New Records:

A: None → 193.239.85.202
Classification: 1 new IP(s) added

I'm aware of a newly registered BF and LeakBase domain. Not confirmed who owns them.

⚠️ FBI Watchdog - WHOIS Change ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: doxbin.net
Record Type: WHOIS Change
Time Detected: 2026-03-15 13:44:44 UTC

Previous Records:

status: ['clientdeleteprohibited', 'clienttransferprohibited']

New Records:

status: ['clientdeleteprohibited', 'clienttransferprohibited'] → ['clientdeleteprohibited', 'clienthold', 'clienttransferprohibited']

⚠️ FBI Watchdog - IP Change (ips removed) ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: doxbin.net
Record Type: IP Change (ips removed)
Time Detected: 2026-03-15 14:09:03 UTC

Previous Records:

A: 104.20.41.231, 172.66.155.33
AAAA: 2606:4700:10::6814:29e7, 2606:4700:10::ac42:9b21

New Records:

AAAA: 2606:4700:10::6814:29e7, 2606:4700:10::ac42:9b21 → None
Classification: 2 IP(s) removed

their main site is still up, they probably removed the ips is my guess. who knows at this point.

oh n/m i just saw the whois change lul

‼️🇲🇽 A threat actor has allegedly leaked the database of Universidad Tecnológica del Centro de Veracruz, a Mexican university.

The data reportedly includes full names, paternal and maternal surnames, phone numbers, personal emails, dates of birth, addresses, ages, positions, academic programs, disabilities, and income information.

Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━

Victim: DeKalb County Sheriff's Department and Jail
Domain: dekalbsheriff.org

Country: 🇺🇸 US
Date: Mar 14th, 2026

Summary:
On March 14, 2026, the DeKalb County Sheriff's Department and Jail in Georgia reported that their main computer server was compromised by a ransomware virus. The breach affected critical systems including email and booking software, but authorities successfully recovered the booking data with help from their vendor. Sheriff Patrick Ray confirmed that law enforcement agencies including the FBI and TBI are assisting with the investigation, noting this incident may be linked to broader foreign cyber attacks targeting law enforcement agencies nationwide.

Source: https://www.wjle.com/sheriffs-department-and-jails-main-computers-hacked/

‼️🇨🇦 The actor has released the first 251,366 Salesforce records of Loblaw and threatens more to come if the company does not contact them.

‼️ BreachForums has been down for roughly a day now, but they claim they will be back up after an "internal problem," although @CCITIC has claimed to have knocked the forum offline (see secondary post).

https://x.com/DarkWebInformer/status/2032955324953477256

⚠️ FBI Watchdog - WHOIS Change ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: doxbin.net
Record Type: WHOIS Change
Time Detected: 2026-03-16 04:40:54 UTC

Previous Records:

status: ['clientdeleteprohibited', 'clienthold', 'clienttransferproh

New Records:

status: ['clientdeleteprohibited', 'clienthold', 'clienttransferprohibited'] → ['clientdeleteprohibited', 'clienttransferprohibited']

⚠️ FBI Watchdog - IP Change (new ips added) ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: doxbin.net
Record Type: IP Change (new ips added)
Time Detected: 2026-03-16 05:01:40 UTC

Previous Records:

A: 104.20.41.231, 172.66.155.33
AAAA: 

New Records:

AAAA: None → 2606:4700:10::6814:29e7, 2606:4700:10::ac42:9b21
Classification: 2 new IP(s) added

⚠️ FBI Watchdog - HTTP Fingerprint Change ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: enclave.cc
Record Type: HTTP Fingerprint Change
Time Detected: 2026-03-16 11:36:46 UTC

Previous Records:

Status: 200
Body: 12f18a7445ce

New Records:

Status: 200 → 500
Redirect: https://www.enclave.cc/ → https://enclave.cc/
x-xss-protection: 0 → None
Body hash: 12f18a7445ce → e59fdfbc657b (size: 48,402 → 1,576)

⚠️ FBI Watchdog - HTTP Fingerprint Change ⚠️
🔗 DarkWebInformer.com - Cyber Threat Intelligence

Domain: enclave.cc
Record Type: HTTP Fingerprint Change
Time Detected: 2026-03-16 13:54:00 UTC

Previous Records:

Status: 500
Body: e59fdfbc657b

New Records:

Status: 500 → 200
Redirect: https://enclave.cc/ → https://www.enclave.cc/
x-xss-protection: None → 0
Body hash: e59fdfbc657b → 06d9ec7c57fb (size: 1,576 → 48,382)