1/2βΌοΈ The database of MyLovely[.]AI, an NSFW AI image generation platform, has allegedly been leaked on a popular cybercrime forum.
Threat Actor: XTC
Category: Data Breach
Industry: AI / Adult Content
Breach contains:
βͺοΈ User IDs
βͺοΈ Email addresses
βͺοΈ Generated on-site content (prompts, images, metadata)
βͺοΈ Content moderation reports
Total rows: 254,580
Unique users: ~106,362
The leaked data includes multiple JSON files, including Profiles, Gallery_Items, Community_Items, and Collections.
The data exposes user email addresses used as display names, subscription plans, Discord links, AI image prompts (including explicit content), Supabase storage URLs, and collection metadata.
Negative prompt fields reveal the platform's content filtering terms designed to block CSAM-adjacent outputs.
Threat Actor: XTC
Category: Data Breach
Industry: AI / Adult Content
Breach contains:
βͺοΈ User IDs
βͺοΈ Email addresses
βͺοΈ Generated on-site content (prompts, images, metadata)
βͺοΈ Content moderation reports
Total rows: 254,580
Unique users: ~106,362
The leaked data includes multiple JSON files, including Profiles, Gallery_Items, Community_Items, and Collections.
The data exposes user email addresses used as display names, subscription plans, Discord links, AI image prompts (including explicit content), Supabase storage URLs, and collection metadata.
Negative prompt fields reveal the platform's content filtering terms designed to block CSAM-adjacent outputs.
β€1π1
T1erOne forum is now allowing researcher applications. π
tier1.life // https://x.com/tieroneforum/status/2041231850337903089
tier1.life // https://x.com/tieroneforum/status/2041231850337903089
β€1
βΌοΈπΊπΈ PLAY Ransomware Claims 2 Victims
Crystal Point, a security software company based in the United States
Morphosis, a US-based architecture, engineering, and design firm. It's the renowned architecture practice founded by Thom Mayne, known for landmark buildings worldwide.
Crystal Point, a security software company based in the United States
Morphosis, a US-based architecture, engineering, and design firm. It's the renowned architecture practice founded by Thom Mayne, known for landmark buildings worldwide.
Those who are subscribers and have seen the combo list posts, I'm currently deduping when the thread title is similar on another forum. Do you want those posts from other forums as well... combo list only?
Anonymous Poll
38%
Yes
45%
No
7%
Doesn't Matter
10%
Show Results
β€1
πͺ Slice For Life πͺ
βΌοΈBreachForums scammer, N/A, has allegedly been d*xed. π https://x.com/KeyserSoze1337/status/2041176134641996009
[.]st PwnForums now has a "Wall fo Shame" section, now beginning with N/A.
β€1π1
πͺ Slice For Life πͺ
[.]st PwnForums now has a "Wall fo Shame" section, now beginning with N/A.
The email is clean in Whiteintel.io in case you were curious.
βΌοΈπ·πΊ Forum IP Leak: ascarding[.]net
IP: 94.159.113.232
Ports: 22, 88
ASN: 216234
IP: 94.159.113.233
Ports: 22, 88
ASN: 216234
IP: 94.159.113.232
Ports: 22, 88
ASN: 216234
IP: 94.159.113.233
Ports: 22, 88
ASN: 216234
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Signature Healthcare
Domain:
Country: πΊπΈ US
Date: Apr 6th, 2026
Summary:
Signature Healthcare and Brockton hospital confirmed a cybersecurity incident disrupting certain computer systems, resulting in ambulance traffic diversion and cancellation of chemotherapy infusion services for April 6. While emergency services and scheduled surgical procedures continue, retail pharmacies were closed and patients reported significant delays and increased stress during their visits. The facility activated offline operating procedures and is working with external partners to investigate and restore operations as quickly as possible.
Source: https://www.wcvb.com/article/brockton-hospital-services-affected-by-cyber-incident/70944847
βββββββββββββββββββββββββ
Victim: Signature Healthcare
Domain:
signature-healthcare.orgCountry: πΊπΈ US
Date: Apr 6th, 2026
Summary:
Signature Healthcare and Brockton hospital confirmed a cybersecurity incident disrupting certain computer systems, resulting in ambulance traffic diversion and cancellation of chemotherapy infusion services for April 6. While emergency services and scheduled surgical procedures continue, retail pharmacies were closed and patients reported significant delays and increased stress during their visits. The facility activated offline operating procedures and is working with external partners to investigate and restore operations as quickly as possible.
Source: https://www.wcvb.com/article/brockton-hospital-services-affected-by-cyber-incident/70944847
WCVB
Brockton hospital hit by cybersecurity incident, services affected
Signature Healthcare says a cybersecurity incident is affecting some systems, with ambulance traffic diverted and some services disrupted.
π1
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Gritman Medical Center
Domain:
Country: πΊπΈ US
Date: Apr 1st, 2026
Summary:
Gritman Medical Center began reopening its clinics in Moscow, Idaho on Friday following a cybersecurity incident that occurred on Wednesday, which disrupted outpatient care. While the hospital and emergency services remained open, several specialty clinics had to be temporarily closed pending restoration of electronic systems. Investigators confirmed that no patient data was compromised, although the exact nature of the incident and its origin remain to be determined.
Source: https://dysruptionhub.com/gritman-cyber-incident-idaho/
βββββββββββββββββββββββββ
Victim: Gritman Medical Center
Domain:
gritman.orgCountry: πΊπΈ US
Date: Apr 1st, 2026
Summary:
Gritman Medical Center began reopening its clinics in Moscow, Idaho on Friday following a cybersecurity incident that occurred on Wednesday, which disrupted outpatient care. While the hospital and emergency services remained open, several specialty clinics had to be temporarily closed pending restoration of electronic systems. Investigators confirmed that no patient data was compromised, although the exact nature of the incident and its origin remain to be determined.
Source: https://dysruptionhub.com/gritman-cyber-incident-idaho/
DysruptionHub
Moscow, Idaho, clinics reopen after Gritman cyber incident
Gritman clinics in Moscow reopening after a cyber incident disrupted patient care. Hospital and ER remained open; no data compromise confirmed.
βΌοΈπ¨π΄ The internal and confidential databases of Banco Agrario de Colombia, a state-owned Colombian bank, have allegedly been leaked on a popular cybercrime forum.
βͺοΈThreat Actor: Petro_Escobar (in collaboration with NyxarGroup)
βͺοΈCategory: Data Breach
βͺοΈVictim: Banco Agrario de Colombia
βͺοΈIndustry: Banking / Financial Services
Breach contains:
βͺοΈ 40,000 records
βͺοΈ Database architecture and schema
βͺοΈ User/customer data samples
βͺοΈThreat Actor: Petro_Escobar (in collaboration with NyxarGroup)
βͺοΈCategory: Data Breach
βͺοΈVictim: Banco Agrario de Colombia
βͺοΈIndustry: Banking / Financial Services
Breach contains:
βͺοΈ 40,000 records
βͺοΈ Database architecture and schema
βͺοΈ User/customer data samples
βΌοΈπ²π½Threat actor Lvn4t1k0 allegedly leaked personal data from CONALEP Morelos including teacher information (RFC, CURP, Gmail, passwords, usernames, full names) and student credentials.
Three files were made available for download containing teacher and student login credentials for the institutions online systems.
Three files were made available for download containing teacher and student login credentials for the institutions online systems.
β€1