Live Latest activity →
FU

fulcrumsec

Known ransomware group ACTIVE
Currently active

FulcrumSec is a data extortion group active since approximately September 2025, specializing in high-speed exfiltration of cloud-hosted databases by exploiting unrotated API keys and misconfigured cloud permissions rather than deploying encryption, with known victims including Australian fintech youX and LexisNexis.

2

Total Claims

0

Critical

Records Claimed

2

Industries Hit

Active span: May 1, 2026 – Jun 10, 2026 · 2 organizations targeted

Currently active
Activity 3.0 Severity 2.5 Sectors 3.7 Tooling 0.0

Actor Threat Profile

Activity Timeline

Peak: May 2026 (1)
May 2026
LessMore
Jun 2026

Share this profile

Shareable intel card for fulcrumsec

Top Targeted Industries

Education 1
Technology 1

Tradecraft & Infrastructure

0

Documented tools

0 / 0

MITRE tactics / techniques

4

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

Global Schools FoundationAvnet

Claims by fulcrumsec

Low

Ransomware Claim: Global Schools Foundation

Global Schools Foundation
fulcrumsec
Ransomware Education
Jun 10, 2026
Low

Ransomware Claim: Avnet

Avnet
fulcrumsec
Ransomware Technology
May 2, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.