โผ๏ธ๐ง๐ท A threat actor is allegedly selling full access to a Brazilian Police investigation panel and law enforcement webmail from Sรฃo Paulo's Civil Police (Polรญcia Civil do Estado de Sรฃo Paulo).
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
The access reportedly comes bundled with an internal VPN, a functional policiacivil.sp.gov.br webmail, bypass, and a full investigation panel with lookups for Receita Federal tax records, national vehicle queries (DETRAN/RENAVAM), PIX transaction data, criminal records, court cases, driver licenses, and integrated criminal/intel databases (SINESP, INFOSEG).
The threat actor notes the institutional email is also used for law enforcement communications.
โผ๏ธ๐ฎ๐น A threat actor is allegedly selling full network access to a cargo bike retailer based in Milan, Italy.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
The access includes SSH and cPanel with full control privileges, containing mail and database access. The threat actor also claims to have n8n admin and Brevo API keys.
Screenshots show the cPanel dashboard, file system directory structure with WordPress installations and mail folders, and database records showing shop orders in EUR.
Price: $2,000.
Cyberattack Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
Country: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Stryker
Domain:
stryker.comCountry: ๐ฎ๐ช IE
Date: Mar 10th, 2026
Summary:
A group of hackers supported by Iran, identified as Handala, is suspected of causing a sophisticated cyberattack paralyzing the global operations of the American medical technology company Stryker. This attack, which occurred last night, resulted in the closure of all the company's computer systems, affecting its sites in Europe, Asia and the United States, and forcing the removal of data on its 4,000 employees in Cork. Although the root cause has not yet been confirmed, the incident has resulted in a total cessation of the company's activities, which employs more than 56,000 people in 61 countries.
Source: https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017.amp
โผ๏ธ DOJ Press Release
โโโโโโโโโโโโโโโโโโโโโ
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable Veterans
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
โโโโโโโโโโโโโโโโโโโโโ
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable Veterans
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
www.justice.gov
DOJ, VA Sign Agreement to Improve Care for Nationโs Most Vulnerable
The Department of Veterans Affairs (VA) and Department of Justice (DOJ) have signed a memorandum of understanding (MOU) that will help some of Americaโs most vulnerable Veterans get the ongoing care they need.
๐จ New Dark Web Informer Blog Post!
Title: Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
Link: https://darkwebinformer.com/threat-actor-selling-root-access-to-south-korean-government-server-with-lateral-movement-to-42-internal-hosts/
Title: Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
Link: https://darkwebinformer.com/threat-actor-selling-root-access-to-south-korean-government-server-with-lateral-movement-to-42-internal-hosts/
Dark Web Informer
Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts
โผ๏ธ๐ A threat actor is allegedly selling a bundle of 19 corporate accesses targeting companies across Spain, UK, Brazil, Guatemala, Mexico, and India.
The access reportedly includes GitLab/GitHub repos and tokens, SSO/IdP configurations (Okta, Azure AD, OpenAM), CI/CD secrets, Jira/Confluence admin, AWS Lambda with payment code, vulnerability data, Slack webhooks, and customer databases.
Targets range from large enterprises (โฌ2Bโโฌ38B revenue in retail, insurance, banking) to mid-sized firms (โฌ15Mโโฌ450M in IT, SaaS, fintech) and smaller cybersecurity companies. Available as a package or individually.
The access reportedly includes GitLab/GitHub repos and tokens, SSO/IdP configurations (Okta, Azure AD, OpenAM), CI/CD secrets, Jira/Confluence admin, AWS Lambda with payment code, vulnerability data, Slack webhooks, and customer databases.
Targets range from large enterprises (โฌ2Bโโฌ38B revenue in retail, insurance, banking) to mid-sized firms (โฌ15Mโโฌ450M in IT, SaaS, fintech) and smaller cybersecurity companies. Available as a package or individually.
โผ๏ธ DOJ Press Release
โโโโโโโโโโโโโโโโโโโโโ
Aetna Agrees to Pay $117.7 Million to Resolve False Claims Act Allegations
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
โโโโโโโโโโโโโโโโโโโโโ
Aetna Agrees to Pay $117.7 Million to Resolve False Claims Act Allegations
Full Press Release โ justice.gov
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข DOJ Monitor
www.justice.gov
Aetna Agrees to Pay $117.7 Million to Resolve False Claims Act
Aetna Inc., a national insurer incorporated under the laws of Pennsylvania, has agreed to pay $117,700,000 to resolve allegations that it violated the False Claims Act by submitting or failing to withdraw inaccurate and untruthful diagnosis codes for itsโฆ
๐จ New Dark Web Informer Blog Post!
Title: Viking Line Ferries Allegedly Breached With Full Passenger Database and Payment Data Leaked
Link: https://darkwebinformer.com/viking-line-ferries-allegedly-breached-with-full-passenger-database-and-payment-data-leaked/
Title: Viking Line Ferries Allegedly Breached With Full Passenger Database and Payment Data Leaked
Link: https://darkwebinformer.com/viking-line-ferries-allegedly-breached-with-full-passenger-database-and-payment-data-leaked/
Dark Web Informer
Viking Line Ferries Allegedly Breached With Full Passenger Database and Payment Data Leaked
โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: thesecure.biz
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 16:25:00 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: thesecure.biz
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 16:25:00 UTC
Previous Records:
edna.ns.cloudflare.com. dns.cloudflare.com. 2397922649 10000 2400 604800 1800
New Records:
edna.ns.cloudflare.com. dns.cloudflare.com. 2398729597 10000 2400 604800 1800
โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: ps4pkg.com
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 17:13:40 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: ps4pkg.com
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 17:13:40 UTC
Previous Records:
ns1.fbi.seized.gov. dns.cloudflare.com. 2398103745 10000 2400 604800 1800
New Records:
ns1.fbi.seized.gov. dns.cloudflare.com. 2398734186 10000 2400 604800 1800
โผ๏ธ๐บ๐ธ Stryker is currently offline due to a wiper malware attack by Handala.
https://x.com/BleepinComputer/status/2031782605616492593
Edit: Flag was set to Israel, should have been USA
https://x.com/BleepinComputer/status/2031782605616492593
Edit: Flag was set to Israel, should have been USA
๐ฅ2
Do you want me to delete the DOJ articles that are not cyber related when I see them? Currently all of the articles come in unfiltered rather than by keyword so nothing is missed.
Anonymous Poll
70%
Yes
18%
No
11%
Show Results
โ ๏ธ FBI Watchdog - DNS Change (SOA) โ ๏ธ
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: ps5pkg.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 19:17:07 UTC
Previous Records:
New Records:
๐ DarkWebInformer.com - Cyber Threat Intelligence
Domain: ps5pkg.net
Record Type: DNS Change (SOA)
Time Detected: 2026-03-11 19:17:07 UTC
Previous Records:
ns1.fbi.seized.gov. dns.cloudflare.com. 2398068487 10000 2400 604800 1800
New Records:
ns1.fbi.seized.gov. dns.cloudflare.com. 2398741935 10000 2400 604800 1800
Cybersecurity Incident Disclosure
Wed, 11 Mar 2026 17:24:57 EDT
A cybersecurity incident has been disclosed by STRYKER CORP, Inc CIK: 0000310764, Ticker: $SYK.
View SEC Filing
Wed, 11 Mar 2026 17:24:57 EDT
A cybersecurity incident has been disclosed by STRYKER CORP, Inc CIK: 0000310764, Ticker: $SYK.
View SEC Filing