xpl0itrs Launches Data Leak Site Targeting Major Enterprises

xpl0itrs, a financially motivated threat actor group, has announced the launch of a data leak site on June 17, 2026, claiming access to over a dozen major companies. The group, known for its collaboration with TeamPCP, is selling initial access to compromised organizations, including a US software vendor's internal GitHub data for $12,000. The leak site aims to centralize their extortion efforts, increasing pressure on affected organizations. boxturtl, a prominent member of xpl0itrs, has been vocal about their activities, indicating a shift from ad-hoc sales to a more structured approach. The group has previously executed joint operations with TeamPCP, which may have provided them with advanced tools and access methods. The announcement has raised concerns about potential ransomware deployment and further compromises in the supply chain. Security teams are advised to rotate exposed credentials and prepare for public listings of affected organizations.

Key Points: • xpl0itrs has launched a data leak site, claiming access to numerous major companies. • The group is selling access to compromised data, including GitHub repositories for $12,000. • Collaboration with TeamPCP enhances xpl0itrs' capabilities and increases risks for affected organizations.