CyHawk is Africa’s open-source cyber threat intelligence platform dedicated to tracking, documenting, and exposing digital threats targeting individuals, organizations, and key sectors across the continent.
We publish monthly threat reports that highlight cyber incidents impacting the African digital space. We aim to raise awareness, promote transparency, and empower defenders with region-specific intelligence.
CyHawk exists to make African-focused threat intelligence accessible, relevant, and actionable for everyone.
Threat Actor Leaks Alleged WordPress Database of Algerian University Center of Illizi
A dark web actor, “xNov” has posted an alleged full WordPress database belonging to the University Center of Illizi, a public university in southern Algeria.
Threat Actor Leaks Alleged 9GB Database from Kenya Medical Practitioners and Dentists Council
A threat actor using the alias “Kazu” has published a 9GB dataset allegedly belonging to the Kenya Medical Practitioners and Dentists Council (KMPDC), the regulatory
Africa’s Finance Sector Under Siege from Advanced Phishing Kits
CyHawk Africa has observed a widespread phishing campaign targeting financial institutions across multiple African countries, including Nigeria, South Africa, Egypt, and Kenya. The campaigns leverage
Threat Actor “EternalRed” Leaks Alleged Student Records from Université de Tlemcen Algeria
A threat actor, “EternalRed” has published what they claim to be personally identifiable information (PII) belonging to students of Université de Tlemcen, a public academic
Ransomware Group Qilin Claims Attack on the Town of Addis, Louisiana
The Qilin ransomware group has added the Town of Addis, located in West Baton Rouge Parish, Louisiana, to its leak site. While the group has
Threat Actor Advertises Alleged 2.15TB Data from Kenya’s Mobile Health Platform M-TIBA
A threat actor using the alias “Kazu” has listed for sale what is claimed to be a massive 2.15 terabytes of data allegedly stolen from
Threat Actor Claims Leak of 183,450 Email Addresses from Morocco’s Education Sector
A threat actor operating under the alias “BX1”, has leaked a database allegedly containing 183,450 unique email addresses of Moroccan students. The data, according to
Threat Actor Publishes Alleged Student Database from Morocco’s Ministry of Higher Education
CyHawk Africa has identified a new post on a dark web forum by a threat actor using the alias “EternalRed”, claiming responsibility for a data
Tengu Ransomware Group Claims Breach of Moroccan Le Multi Laboratoire LC2A
The Tengu ransomware group has listed another Moroccan organization, Le Multi Laboratoire LC2A, on its dark web leak site, marking the group’s second known attack