β οΈ FBI Watchdog - DNS Change (NS) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: rondastore.org
Record Type: DNS Change (NS)
Time Detected: 2026-03-20 12:03:32 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: rondastore.org
Record Type: DNS Change (NS)
Time Detected: 2026-03-20 12:03:32 UTC
Previous Records:
dora.ns.cloudflare.com.
sam.ns.cloudflare.com.
New Records:
ns100.webnic.cc.
ns101.webnic.cc.
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Los Angeles County Metropolitan Transportation Authority
Domain:
Country: πΊπΈ US
Date: Mar 20th, 2026
Summary:
The Los Angeles Metro restricted access to its internal computer systems after detecting unauthorized activity, disrupting certain passenger information and options for reloading TAP cards. Although trains and buses continued to operate normally, the agency warned users to reload their cards via physical terminals pending resolution of the problem. No organization claimed responsibility for this incident, although ransomware.live listed the city of Los Angeles as a target of the "Worldleaks" group on March 20, 2026.
Source: https://dysruptionhub.com/la-metro-unauthorized-activity-california/
βββββββββββββββββββββββββ
Victim: Los Angeles County Metropolitan Transportation Authority
Domain:
metro.netCountry: πΊπΈ US
Date: Mar 20th, 2026
Summary:
The Los Angeles Metro restricted access to its internal computer systems after detecting unauthorized activity, disrupting certain passenger information and options for reloading TAP cards. Although trains and buses continued to operate normally, the agency warned users to reload their cards via physical terminals pending resolution of the problem. No organization claimed responsibility for this incident, although ransomware.live listed the city of Los Angeles as a target of the "Worldleaks" group on March 20, 2026.
Source: https://dysruptionhub.com/la-metro-unauthorized-activity-california/
DysruptionHub
Los Angeles Metro limits internal system access after unauthorized activity
Los Angeles Metro restricted internal systems after unauthorized activity, disrupting arrival displays and some TAP reloads; service continued.
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Mutuelle Familiale
Domain:
Country: π«π· FR
Date: Mar 17th, 2026
Summary:
The Family Mutual was the victim of a cybersecurity incident on 17 March, resulting in a temporary unavailability of its services. Investigations are underway to determine the origin of the attack. The mutual recommends that its members be vigilant in the face of any suspicious solicitation.
Source: https://www.argusdelassurance.com/assurance-de-personnes/cyber-attaque-une-mutuelle-victime-dune-intrusion-plus-113-000-assures-potentiellement-concernes.VNWUABFCXBFHRMZZXKFNZW7R3Q.html
βββββββββββββββββββββββββ
Victim: Mutuelle Familiale
Domain:
mutuelle-familiale.frCountry: π«π· FR
Date: Mar 17th, 2026
Summary:
The Family Mutual was the victim of a cybersecurity incident on 17 March, resulting in a temporary unavailability of its services. Investigations are underway to determine the origin of the attack. The mutual recommends that its members be vigilant in the face of any suspicious solicitation.
Source: https://www.argusdelassurance.com/assurance-de-personnes/cyber-attaque-une-mutuelle-victime-dune-intrusion-plus-113-000-assures-potentiellement-concernes.VNWUABFCXBFHRMZZXKFNZW7R3Q.html
L'Argus de l'assurance
Cyber attaque : une mutuelle victime dβune intrusion, plus de 113 000 assurΓ©s potentiellement concernΓ©s
Les services de la mutuelle sont suspendus. Des investigations sont en cours pour dΓ©terminer lβΓ©tendue des dΓ©gΓ’ts.
βΌοΈπ A threat actor has allegedly leaked data from Indymedia.org, an independent media platform, claiming to have exploited an RCE SQL injection vulnerability on the site's Drupal 7 installation using the Metasploit framework.
The threat actor credits upperemel123 for discovering the vulnerability and shared the extracted data for free.
Note: DarkForums came back up very early this morning after their original host was taken down.
The threat actor credits upperemel123 for discovering the vulnerability and shared the extracted data for free.
Note: DarkForums came back up very early this morning after their original host was taken down.
β€2
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Westport Fuel Systems
Domain:
Country: π¨π¦ CA
Date: Mar 17th, 2026
Summary:
Westport Fuel Systems reported unauthorized access to parts of its network, affecting internal computer applications and commercial information, on 17 March 2026. Although production systems remained intact and commercial transactions were not disrupted, the company delayed the filing of its annual financial statements beyond the regulatory deadline of March 31, 2026 to conduct additional audits. This cyberattack led to a neutral rating of the action by TipRanks AI, highlighting weak financial performance despite operational resilience.
Source: https://www.tipranks.com/news/company-announcements/westport-fuel-systems-discloses-cyberattack-and-warns-of-delay-to-2025-annual-results
βββββββββββββββββββββββββ
Victim: Westport Fuel Systems
Domain:
wfsinc.comCountry: π¨π¦ CA
Date: Mar 17th, 2026
Summary:
Westport Fuel Systems reported unauthorized access to parts of its network, affecting internal computer applications and commercial information, on 17 March 2026. Although production systems remained intact and commercial transactions were not disrupted, the company delayed the filing of its annual financial statements beyond the regulatory deadline of March 31, 2026 to conduct additional audits. This cyberattack led to a neutral rating of the action by TipRanks AI, highlighting weak financial performance despite operational resilience.
Source: https://www.tipranks.com/news/company-announcements/westport-fuel-systems-discloses-cyberattack-and-warns-of-delay-to-2025-annual-results
TipRanks
Westport Fuel Systems Discloses Cyberattack and Warns of Delay to 2025 Annual Results
Westport Fuel Systems ( ($TSE:WPRT) ) has shared an announcement. Westport Fuel Systems reported that on March 17, 2026 it detected unauthorized access to parts of ...
βΌοΈπΊπΈ World Leaks has allegedly claimed the City of Los Angeles (LA).
The listing shows 159.9 GB of confidential data across 779 files, with 3 screenshots provided as proof.
The City of Los Angeles has a reported revenue of $10.2 billion.
The listing shows 159.9 GB of confidential data across 779 files, with 3 screenshots provided as proof.
The City of Los Angeles has a reported revenue of $10.2 billion.
β οΈ FBI Watchdog - WHOIS Change β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 15:35:55 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 15:35:55 UTC
Previous Records:
name_servers: ['1-you njalla no', '2-can njalla in', '3-get njalla fo']
New Records:
name_servers: ['1-you njalla no', '2-can njalla in', '3-get njalla fo'] β ['amber ns cloudflare com', 'chris ns cloudflare com']
βΌοΈπ«π· A threat actor is allegedly selling personal data of 109,302 people from the ConfΓ©dΓ©ration Musicale de France (CMF), a national organization that brings together amateur music ensembles such as wind bands, orchestras, and choirs across France.
The data reportedly includes 86,809 unique addresses, 81,404 unique phone numbers, and 80,518 unique emails. A 1K sample and proof links were provided.
The data reportedly includes 86,809 unique addresses, 81,404 unique phone numbers, and 80,518 unique emails. A 1K sample and proof links were provided.
β οΈ FBI Watchdog - WHOIS Change β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 15:57:53 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 15:57:53 UTC
Previous Records:
name_servers: ['amber ns cloudflare com', 'chris ns cloudflare com']
New Records:
name_servers: ['amber ns cloudflare com', 'chris ns cloudflare com'] β ['1-you njalla no', '2-can njalla in', '3-get njalla fo']
β οΈ FBI Watchdog - DNS New Domain (AAAA) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: DNS New Domain (AAAA)
Time Detected: 2026-03-20 16:16:10 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: DNS New Domain (AAAA)
Time Detected: 2026-03-20 16:16:10 UTC
Previous Records:
None
New Records:
2606:4700:3030::6815:6cb
2606:4700:3037::ac43:8740
β οΈ FBI Watchdog - IP Change (new ips added) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: IP Change (new ips added)
Time Detected: 2026-03-20 16:18:53 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: IP Change (new ips added)
Time Detected: 2026-03-20 16:18:53 UTC
Previous Records:
A: 88.214.24.107
AAAA:
New Records:
AAAA: None β 2606:4700:3030::6815:6cb, 2606:4700:3037::ac43:8740
Classification: 2 new IP(s) added
β οΈ FBI Watchdog - WHOIS Change β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 16:43:27 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: WHOIS Change
Time Detected: 2026-03-20 16:43:27 UTC
Previous Records:
name_servers: ['1-you njalla no', '2-can njalla in', '3-get njalla fo']
New Records:
name_servers: ['1-you njalla no', '2-can njalla in', '3-get njalla fo'] β ['amber ns cloudflare com', 'chris ns cloudflare com']
β οΈ FBI Watchdog - IP Change (ip change) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: IP Change (ip change)
Time Detected: 2026-03-20 16:43:29 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: IP Change (ip change)
Time Detected: 2026-03-20 16:43:29 UTC
Previous Records:
A: 88.214.24.107
AAAA: 2606:4700:3030::6815:6cb, 2606:4700:3037::ac43:8740
New Records:
A: 88.214.24.107 β 104.21.6.203, 172.67.135.64
Classification: 2 added, 1 removed
β οΈ FBI Watchdog - DNS Change (A) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: DNS Change (A)
Time Detected: 2026-03-20 17:02:14 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: breachforums.ac
Record Type: DNS Change (A)
Time Detected: 2026-03-20 17:02:14 UTC
Previous Records:
88.214.24.107
New Records:
104.21.6.203
172.67.135.64
βΌοΈ Operation Alice: 23 Nations Unite to Dismantle Massive Dark Web CSAM Network
23 countries. 440 suspects identified. One operator running it all from China.
German authorities & Europol spent nearly 5 years unraveling a sprawling network of fraudulent dark web sites advertising child sexual abuse material & cybercrime-as-a-service. The twist? It was all a scam, the operator collected Bitcoin payments (earning β¬345K+ from ~10,000 customers) but never delivered anything.
Didn't matter. Customers became suspects too. Investigators traced cryptocurrency payments, identified buyers across the globe, and launched prosecutions, including a Bavarian father convicted after paying just β¬20.
An international arrest warrant has been issued for the 35-year-old operator. Investigations into 100+ individuals are still ongoing.
The message from Europol is clear: attempting to buy illegal material is enough to put you in law enforcement's crosshairs. The dark web isn't as anonymous as you think.
Source: https://www.europol.europa.eu/media-press/newsroom/news/global-cybercrime-crackdown-over-373-000-dark-web-sites-shut-down
23 countries. 440 suspects identified. One operator running it all from China.
German authorities & Europol spent nearly 5 years unraveling a sprawling network of fraudulent dark web sites advertising child sexual abuse material & cybercrime-as-a-service. The twist? It was all a scam, the operator collected Bitcoin payments (earning β¬345K+ from ~10,000 customers) but never delivered anything.
Didn't matter. Customers became suspects too. Investigators traced cryptocurrency payments, identified buyers across the globe, and launched prosecutions, including a Bavarian father convicted after paying just β¬20.
An international arrest warrant has been issued for the 35-year-old operator. Investigations into 100+ individuals are still ongoing.
The message from Europol is clear: attempting to buy illegal material is enough to put you in law enforcement's crosshairs. The dark web isn't as anonymous as you think.
Source: https://www.europol.europa.eu/media-press/newsroom/news/global-cybercrime-crackdown-over-373-000-dark-web-sites-shut-down
β€2
πͺπΊ Europol Press Release
βββββββββββββββββββββ
Global cybercrime crackdown: over 373 000 dark web sites shut down
Full Press Release β europol.europa.eu
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ Europol Monitor
βββββββββββββββββββββ
Global cybercrime crackdown: over 373 000 dark web sites shut down
Full Press Release β europol.europa.eu
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ Europol Monitor
Europol
Global cybercrime crackdown: over 373 000 dark web sites shut down β Authorities from 23 countries participate in the operationβ¦
On 9 March 2026, a global operation led by German authorities and supported by Europol was launched against one of the largest networks of fraudulent platforms in the dark web. The investigation began in mid-2021 against the dark web platform βAlice withβ¦
β€1π1
Europol press releases will come to this channel now just like the DOJ press releases. Working on other countries.
β€2