🚨‼️ BREAKING: Crunchyroll breached through outsourcing partner in India.
A threat actor exfiltrated data from Crunchyroll's ticketing system and also managed to pull 100 GB of personally identifiable customer analytics data.
We've analyzed sample data and it includes IP addresses, email addresses, credit card details, and more.
An employee of their outsourcing partner Telus had executed malware on his system, which gave a threat actor access to Crunchyroll's environment.
The threat actor told us the breach happened on March 12, 2026. Crunchyroll revoked their access after 24 hours.
They also said Crunchyroll is ignoring all messages and still hasn't publicly disclosed the breach.
A threat actor exfiltrated data from Crunchyroll's ticketing system and also managed to pull 100 GB of personally identifiable customer analytics data.
We've analyzed sample data and it includes IP addresses, email addresses, credit card details, and more.
An employee of their outsourcing partner Telus had executed malware on his system, which gave a threat actor access to Crunchyroll's environment.
The threat actor told us the breach happened on March 12, 2026. Crunchyroll revoked their access after 24 hours.
They also said Crunchyroll is ignoring all messages and still hasn't publicly disclosed the breach.
1❤9😢3😭2
‼️BREAKING: The Aqua Security Trivy breach leak has been posted on GitHub by the threat actor. Exposed repos contain private keys and credential scripts.
GitHub has since taken down the pages.
All repos were tagged: "TeamPCP Owns Aqua Security."
GitHub has since taken down the pages.
All repos were tagged: "TeamPCP Owns Aqua Security."
😢2🤣2
Media is too big
VIEW IN TELEGRAM
‼️Cambodia aims to shut down ALL online scam centers there by the end of April and they're very serious about this.
Just last night they arrested 49 scammers, confiscated 687 phones, and countless SIM cards.
What's withholding other countries from doing the same?
Just last night they arrested 49 scammers, confiscated 687 phones, and countless SIM cards.
What's withholding other countries from doing the same?
👏5❤1🔥1😢1
🚨‼️Discord leaked user IDs with ban reasons to the EU DSA Transparency Database until 2025.
Discord supplied the IDs by mistake. The EU hosted it all.
The irony? The DSA is a regulation designed to protect users.
The problem: say a user gets banned for "You broke Discord's rules regarding Child Safety content." They appeal, the ban turns out to be unjust — but people can still reverse look up the user ID and see that reason.
And they'll conclude one thing.
The leaks went on from July 2024 till August 2025.
Discord provided the data to comply with Digital Services Act regulations.
The EU hosted the leaks under the Digital Services Act.
All in the name of protecting users...
This is where the database is located, you can find all sorts of platform bans and reasons there. The EU has since deleted the user IDs:
https://transparency.dsa.ec.europa.eu/explore-data/download
Discord supplied the IDs by mistake. The EU hosted it all.
The irony? The DSA is a regulation designed to protect users.
The problem: say a user gets banned for "You broke Discord's rules regarding Child Safety content." They appeal, the ban turns out to be unjust — but people can still reverse look up the user ID and see that reason.
And they'll conclude one thing.
The leaks went on from July 2024 till August 2025.
Discord provided the data to comply with Digital Services Act regulations.
The EU hosted the leaks under the Digital Services Act.
All in the name of protecting users...
This is where the database is located, you can find all sorts of platform bans and reasons there. The EU has since deleted the user IDs:
https://transparency.dsa.ec.europa.eu/explore-data/download
🤣8🤬2❤1
🚨‼️"Team PCP" — the group behind the Trivy compromise — have likely hit more software vendors and repos, stealing even more credentials in the process. LiteLLM is just one of many.
More disclosures are expected in the coming days. Stay alert!
More disclosures are expected in the coming days. Stay alert!
🔥1🤣1
🚨‼️ We're in contact with the actor behind the Trivy and LiteLLM hack. They told us they are currently extorting several multi-billion-dollar companies from which they've exfiltrated data.
They've obtained 300 GB of compressed credentials and are working their way through them as we speak.
The LiteLLM compromise alone led to half a million stolen credentials, according to the threat actor.
Their message to the world: "TeamPCP is here to stay. Long live the supply chain."
They've sent us their new logo (see image) and also teamed up with several threat actors, including Xploiters and Vect.
They've obtained 300 GB of compressed credentials and are working their way through them as we speak.
The LiteLLM compromise alone led to half a million stolen credentials, according to the threat actor.
Their message to the world: "TeamPCP is here to stay. Long live the supply chain."
They've sent us their new logo (see image) and also teamed up with several threat actors, including Xploiters and Vect.
🔥8❤1
Almost 100k followers...
Time to reflect...
Thank you to my followers from the bottom of my heart...
I will never betray you...
Countless nights...
I received dick pics from haters...
I received job offers from law enforcement...
I received job offers from news outlets...
I received threats from threat actors...
I got to know my heroes...
I got to work with my heroes...
I received a lot of hate for no reason...
I received a lot of love...
I saw threat actors go to jail...
I got calls from multi-billion-dollar companies' C-level employees...
I saw legit cybersecurity professionals and their families get threatened by threat actors for doing their job...
I saw threat actors who did their time...
I saw threat actors struggle trying to stay on the right path after doing their time...
I was falsely accused countless times of spreading fake news...
I was suspended for no reason...
I picked up important research and pushed scoops into the world...
I helped journalists cover important stories...
I gave people a voice and told their stories...
I enjoyed every bit of it...
I missed a lot of time with my kids...
When others were relaxing after work, I was working...
When others were having weekends, I was working on this channel...
When others were having holidays, I was working to not miss an important story...
I have worked 80-hour work weeks for the past months...
I have developed an insane drive for this channel...
I am not in it for the money...
I am in it for the passion...
I am just one man...
I have one mission...
That is to inform you...
To create transparency...
To help SOCs/CDCs/CSIRTs...
To inform tech professionals and enthusiasts...
To not let corporations or governments get away with negligence or malice...
Almost 100k followers...
All thanks to you...
Thank you from the bottom of my heart...
Time to reflect...
Thank you to my followers from the bottom of my heart...
I will never betray you...
Countless nights...
I received dick pics from haters...
I received job offers from law enforcement...
I received job offers from news outlets...
I received threats from threat actors...
I got to know my heroes...
I got to work with my heroes...
I received a lot of hate for no reason...
I received a lot of love...
I saw threat actors go to jail...
I got calls from multi-billion-dollar companies' C-level employees...
I saw legit cybersecurity professionals and their families get threatened by threat actors for doing their job...
I saw threat actors who did their time...
I saw threat actors struggle trying to stay on the right path after doing their time...
I was falsely accused countless times of spreading fake news...
I was suspended for no reason...
I picked up important research and pushed scoops into the world...
I helped journalists cover important stories...
I gave people a voice and told their stories...
I enjoyed every bit of it...
I missed a lot of time with my kids...
When others were relaxing after work, I was working...
When others were having weekends, I was working on this channel...
When others were having holidays, I was working to not miss an important story...
I have worked 80-hour work weeks for the past months...
I have developed an insane drive for this channel...
I am not in it for the money...
I am in it for the passion...
I am just one man...
I have one mission...
That is to inform you...
To create transparency...
To help SOCs/CDCs/CSIRTs...
To inform tech professionals and enthusiasts...
To not let corporations or governments get away with negligence or malice...
Almost 100k followers...
All thanks to you...
Thank you from the bottom of my heart...
❤20
❗️A hack at one of Europe's biggest football clubs Ajax made it possible to steal season tickets, attend matches, and even lift stadium bans.
RTL news found you can see which 500+ supporters are banned from the stadium and remove their bans...
Revealed by
danielverlaan
RTL news found you can see which 500+ supporters are banned from the stadium and remove their bans...
Revealed by
danielverlaan
🤣9
Media is too big
VIEW IN TELEGRAM
❗️🇷🇺 Russian police arrested the administrator of LeakBase, one of the world's largest cybercriminal forums.
LeakBase launched in 2021 and hosted hacked databases with hundreds of millions of usernames, passwords, bank account and routing info, and credit card numbers.
LeakBase launched in 2021 and hosted hacked databases with hundreds of millions of usernames, passwords, bank account and routing info, and credit card numbers.
❤4🤯4
❗️Just 13 hours after TeamPCP's Trivy supply chain exploitation, one of the groups involved was already recruiting negotiators.
Today the group announced a partnership with BreachForums: every forum user automatically becomes an affiliate, with ransomware and support included.
Today the group announced a partnership with BreachForums: every forum user automatically becomes an affiliate, with ransomware and support included.
❤5