Havoc: A modern and malleable post-exploitation command and control framework
GitHub: https://github.com/HavocFramework/Havoc
GitHub: https://github.com/HavocFramework/Havoc
๐ญ2
โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 22:12:13 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 22:12:13 UTC
Previous Records:
screech.riseup.net. collective.riseup.net. 1773175734 7200 3600 1209600 300
New Records:
screech.riseup.net. collective.riseup.net. 1773179934 7200 3600 1209600 300
โค1
๐จ New Dark Web Informer Blog Post!
Title: Daily Dose of Dark Web Informer - March 10th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-march-10th-2026/
Title: Daily Dose of Dark Web Informer - March 10th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-march-10th-2026/
Dark Web Informer
Daily Dose of Dark Web Informer - March 10th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 23:22:41 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 23:22:41 UTC
Previous Records:
screech.riseup.net. collective.riseup.net. 1773179934 7200 3600 1209600 300
New Records:
screech.riseup.net. collective.riseup.net. 1773184134 7200 3600 1209600 300
โผ๏ธ๐น๐ณ A threat actor announces the hacking of GlobalNet, a Tunisian internet and telecommunications provider, claiming to have extracted the company's databases and gained access to internal systems, subdomains, and employee branches.
Screenshots show phpMyAdmin database access, internal contract management panels, client records with contract details and expiration dates, and ownCloud file storage containing multiple data folders.
The threat actor warns of continued attacks against Tunisian entities.
Screenshots show phpMyAdmin database access, internal contract management panels, client records with contract details and expiration dates, and ownCloud file storage containing multiple data folders.
The threat actor warns of continued attacks against Tunisian entities.
โค1
โผ๏ธ A threat actor is selling "SupaGuard," an automated vulnerability scanner panel designed to scan for exposed Supabase instances, .env files, crypto private keys, crypto seeds, and custom directories.
The dashboard shows 313 findings across 125 affected domains, with 83,912 total scan jobs. Features include full admin access, Telegram notifications, a leaderboard, domain scraper, custom scan rules, and a database viewer.
Price: $5,000 (includes full source code, future updates, and setup assistance).
The dashboard shows 313 findings across 125 affected domains, with 83,912 total scan jobs. Features include full admin access, Telegram notifications, a leaderboard, domain scraper, custom scan rules, and a database viewer.
Price: $5,000 (includes full source code, future updates, and setup assistance).
โผ๏ธ๐ง๐ท A threat actor is allegedly selling full access to a Brazilian Police investigation panel and law enforcement webmail from Sรฃo Paulo's Civil Police (Polรญcia Civil do Estado de Sรฃo Paulo).
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
โผ๏ธ๐ฎ๐น A threat actor is allegedly selling full network access to a cargo bike retailer based in Milan, Italy.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
Cyberattack Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
Country: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
stryker.comCountry: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp