โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 23:22:41 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: riseup.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-10 23:22:41 UTC
Previous Records:
screech.riseup.net. collective.riseup.net. 1773179934 7200 3600 1209600 300
New Records:
screech.riseup.net. collective.riseup.net. 1773184134 7200 3600 1209600 300
โผ๏ธ๐น๐ณ A threat actor announces the hacking of GlobalNet, a Tunisian internet and telecommunications provider, claiming to have extracted the company's databases and gained access to internal systems, subdomains, and employee branches.
Screenshots show phpMyAdmin database access, internal contract management panels, client records with contract details and expiration dates, and ownCloud file storage containing multiple data folders.
The threat actor warns of continued attacks against Tunisian entities.
Screenshots show phpMyAdmin database access, internal contract management panels, client records with contract details and expiration dates, and ownCloud file storage containing multiple data folders.
The threat actor warns of continued attacks against Tunisian entities.
โค1
โผ๏ธ A threat actor is selling "SupaGuard," an automated vulnerability scanner panel designed to scan for exposed Supabase instances, .env files, crypto private keys, crypto seeds, and custom directories.
The dashboard shows 313 findings across 125 affected domains, with 83,912 total scan jobs. Features include full admin access, Telegram notifications, a leaderboard, domain scraper, custom scan rules, and a database viewer.
Price: $5,000 (includes full source code, future updates, and setup assistance).
The dashboard shows 313 findings across 125 affected domains, with 83,912 total scan jobs. Features include full admin access, Telegram notifications, a leaderboard, domain scraper, custom scan rules, and a database viewer.
Price: $5,000 (includes full source code, future updates, and setup assistance).
โผ๏ธ๐ง๐ท A threat actor is allegedly selling full access to a Brazilian Police investigation panel and law enforcement webmail from Sรฃo Paulo's Civil Police (Polรญcia Civil do Estado de Sรฃo Paulo).
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
โผ๏ธ๐ฎ๐น A threat actor is allegedly selling full network access to a cargo bike retailer based in Milan, Italy.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
Cyberattack Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
Country: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
stryker.comCountry: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp
โผ๏ธ DOJ Press Release
โโโโโโโโโโโโโโโโโโโโโ
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable Veterans
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
โโโโโโโโโโโโโโโโโโโโโ
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable Veterans
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
www.justice.gov
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable
The Department of Veterans Affairs (VA) and Department of Justice (DOJ) have signed a memorandum of understanding (MOU) that will help some of Americaโs most vulnerable Veterans get the ongoing care they need.
๐จ New Dark Web Informer Blog Post!
Title: Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
Link: https://darkwebinformer.com/threat-actor-selling-root-access-to-south-korean-government-server-with-lateral-movement-to-42-internal-hosts/
Title: Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
Link: https://darkwebinformer.com/threat-actor-selling-root-access-to-south-korean-government-server-with-lateral-movement-to-42-internal-hosts/
Dark Web Informer
Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
โผ๏ธ๐ A threat actor is allegedly selling a bundle of 19 corporate accesses targeting companies across Spain, UK, Brazil, Guatemala, Mexico, and India.
The access reportedly includes GitLab/GitHub repos and tokens, SSO/IdP configurations (Okta, Azure AD, OpenAM), CI/CD secrets, Jira/Confluence admin, AWS Lambda with payment code, vulnerability data, Slack webhooks, and customer databases.
Targets range from large enterprises (โฌ2Bโโฌ38B revenue in retail, insurance, banking) to mid-sized firms (โฌ15Mโโฌ450M in IT, SaaS, fintech) and smaller cybersecurity companies. Available as a package or individually.
The access reportedly includes GitLab/GitHub repos and tokens, SSO/IdP configurations (Okta, Azure AD, OpenAM), CI/CD secrets, Jira/Confluence admin, AWS Lambda with payment code, vulnerability data, Slack webhooks, and customer databases.
Targets range from large enterprises (โฌ2Bโโฌ38B revenue in retail, insurance, banking) to mid-sized firms (โฌ15Mโโฌ450M in IT, SaaS, fintech) and smaller cybersecurity companies. Available as a package or individually.