// THREAT ACTOR
FULCRUMSEC_
ActiveFulcrumSec is a ransomware operation tracked through its public leak-site infrastructure. The group runs a double-extortion playbook — file encryption combined with stolen-data publication — and has been adding fresh victim listings throughout 2025–2026.
For Ransomnews editorial coverage of FULCRUMSEC — incident write-ups, attribution notes, and additional context — see the Threat Groups archive or run a site search.
26
Victims tracked
2 / 4
Active mirrors
2025-10-20
First listing
2026-06-16
Most recent
Victims by year
- 2026 25
- 2025 1
Leak site mirrors
4 mirrors tracked, 2 currently reachable. These are criminal-infrastructure URLs — links are deliberately not provided.
-
gsgot6tua7ffammwdv6vpxkog32b4z7qivtqkxz55afq2hkt2o24w5yd.onionAVNET Leaks - Fulcrum Security snapshot · 2025-10-30 05:00 -
fulcrumsec.netFulcrumSec snapshot · 2026-05-04 16:00 -
4e3p3in2bl67hxchuwza7qvnpe7pyeloyztr5fnh257fxkovfhappjyd.onionFulcrumSec snapshot · 2026-06-17 12:12 -
4e3p3in2bl67hxchuwza7qvnpe7pyeloyztr5fnh257fxkovfhappjyd.onionIndex of /Shame snapshot · 2026-06-17 12:22
Recent victims
The 50 most recent victims claimed by FULCRUMSEC. Total in the index: 26.
| Date listed | Victim | Description |
|---|---|---|
| 2026-06-16 | Novo Nordisk | |
| 2026-06-10 | Global Schools Foundation | |
| 2026-05-10 | Arup Group | |
| 2026-05-08 | Stuf Storage | |
| 2026-04-29 | Nordstern Technologies | |
| 2026-04-29 | ParkEngage | |
| 2026-04-29 | Saleskido | |
| 2026-04-29 | Interzero | |
| 2026-04-29 | IMEVI | |
| 2026-04-29 | Rotary Club | |
| 2026-04-29 | JOT | |
| 2026-04-29 | BookBlock | |
| 2026-04-29 | Crank Communications | |
| 2026-04-29 | CrediElite | |
| 2026-04-29 | Fashinza | |
| 2026-04-29 | Avnet | |
| 2026-04-29 | Raptor Supplies | |
| 2026-04-29 | Lena Health | |
| 2026-04-29 | Woundtech | |
| 2026-04-29 | youX / Drive IQ | |
| 2026-04-29 | LexisNexis | |
| 2026-04-29 | MCO | |
| 2026-04-29 | ReFocus AI | |
| 2026-04-29 | Hatica | |
| 2026-04-29 | Analog Gold / Prospector | |
| 2025-10-20 | The Avnet Leaks | We at FulcrumSec completely compromised Avnet's vast infrastructure, w… |