I'm addicted to this one type of wine, it's so good... but not sevy addicted.
π6π3
βΌοΈ ShinyHunters leaks BreachForums version 5. They say the following of the leak:
"BreachForums has been run by many fakes, but by us, following the FBI seizure on 10 Oct 2025. Maintaining such an ecosystem is a waste of our time. There was an unauthorised leak on 9 Jan 2026. Ever since then, false personas going by βN/Aβ and βIndraβ were successfully able to restore a similar-looking βlegitimateβ forum. All the current forums are fake [ .sb, .ac, .fi, .bf, .us, ect.]. If they continue to exist, we'll leak all the BF backups, including every private message, emails, IP addresses, posts, ect. We have exploits for all 1.8 versions of MyBB."
"BreachForums has been run by many fakes, but by us, following the FBI seizure on 10 Oct 2025. Maintaining such an ecosystem is a waste of our time. There was an unauthorised leak on 9 Jan 2026. Ever since then, false personas going by βN/Aβ and βIndraβ were successfully able to restore a similar-looking βlegitimateβ forum. All the current forums are fake [ .sb, .ac, .fi, .bf, .us, ect.]. If they continue to exist, we'll leak all the BF backups, including every private message, emails, IP addresses, posts, ect. We have exploits for all 1.8 versions of MyBB."
π₯3β€2π1
βΌοΈ This SQL file called BreachForums version 5 has the following rows. Keep in mind most of the rows have just numbers (ex... 0,1,0,0,1), but there is some good info.
INSERT INTO
INSERT INTO
hcclmafd2jnkwmfufmybb_users (uid, username, password, salt, loginkey, email, postnum, threadnum, avatar, avatardimensions, avatartype, usergroup, additionalgroups, displaygroup, usertitle, regdate, lastactive, lastvisit, lastpost, website, icq, skype, google, birthday, birthdayprivacy, signature, allownotices, hideemail, subscriptionmethod, invisible, receivepms, receivefrombuddy, pmnotice, pmnotify, buddyrequestspm, buddyrequestsauto, threadmode, showimages, showvideos, showsigs, showavatars, showquickreply, showredirect, ppp, tpp, daysprune, dateformat, timeformat, timezone, dst, dstcorrection, buddylist, ignorelist, style, away, awaydate, returndate, awayreason, pmfolders, notepad, referrer, referrals, reputation, regip, lastip, language, timeonline, showcodebuttons, totalpms, unreadpms, warningpoints, moderateposts, moderationtime, suspendposting, suspensiontime, suspendsignature, suspendsigtime, coppauser, classicpostbit, loginattempts, loginlockoutexpiry, usernotes, sourceeditor, newpoints, password_algorithm, password_encryption, password_downgraded, myalerts_disabled_alert_types, ougc_awards, ougc_awards_owner, default_tab, showcase_video, socialsites, has_my2fa, pmprune, ougc_awards_preset, pow, postbitbg) VALUESβ€1π1π1
βΌοΈ DOJ Press Release
βββββββββββββββββββββ
Man Pleads Guilty to Participating in Online Neo-Nazi Group that Exploited Children into Producing Child Sexual Abuse Material
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
βββββββββββββββββββββ
Man Pleads Guilty to Participating in Online Neo-Nazi Group that Exploited Children into Producing Child Sexual Abuse Material
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
www.justice.gov
Man Pleads Guilty to Participating in Online Neo-Nazi Group that
A Texas man and convicted rapist pleaded guilty to leading a child exploitation enterprise connected to an internet-based extremist group that entices and targets children into producing child sexual abuse material (CSAM) and images of self-harm. Kaleb Christopherβ¦
πͺ Slice For Life πͺ pinned Β«βοΈ Different links to Dark Web Informer: X: https://x.com/DarkWebInformer Website: darkwebinformer.com Website Pricing (Includes Crypto): darkwebinformer.com/pricing API Access: https://darkwebinformer.com/api-details Socials: darkwebinformer.com/socialsβ¦Β»
β οΈ FBI Watchdog - WHOIS Change β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: doxbin.net
Record Type: WHOIS Change
Time Detected: 2026-03-27 00:19:03 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: doxbin.net
Record Type: WHOIS Change
Time Detected: 2026-03-27 00:19:03 UTC
Previous Records:
status: ['clientdeleteprohibited', 'clienthold']
New Records:
status: ['clientdeleteprohibited', 'clienthold'] β ['clientdeleteprohibited']
β€1
β οΈ FBI Watchdog - IP Change (new ips added) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: doxbin.net
Record Type: IP Change (new ips added)
Time Detected: 2026-03-27 00:36:59 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: doxbin.net
Record Type: IP Change (new ips added)
Time Detected: 2026-03-27 00:36:59 UTC
Previous Records:
A:
AAAA: 2606:4700:10::6814:29e7, 2606:4700:10::ac42:9b21
New Records:
A: None β 104.20.41.231, 172.66.155.33
Classification: 2 new IP(s) added
πͺ Slice For Life πͺ
βΌοΈ This SQL file called BreachForums version 5 has the following rows. Keep in mind most of the rows have just numbers (ex... 0,1,0,0,1), but there is some good info. INSERT INTO hcclmafd2jnkwmfufmybb_users (uid, username, password, salt, loginkey, emailβ¦
Always use a disposable chat. π
π2
Cyberattack News Alert
βββββββββββββββββββββββββ
Victim: Die Linke
Domain:
Country: π©πͺ DE
Date: Mar 26th, 2026
Summary:
The German political party Die Linke reported a cybersecurity incident involving ransomware attributed to the Russian hacker group Qilin, forcing the party to take its infrastructure offline on Thursday. While the party has filed a complaint and is in contact with authorities, member data was not compromised and the extent of affected internal data remains to be determined. This event is part of a series of attacks targeting German political parties, with the CDU also falling victim to a cyberattack in May 2024.
Source: https://www.heise.de/news/Qilin-Linkspartei-meldet-russischen-Ransomware-Angriff-11227181.html
βββββββββββββββββββββββββ
Victim: Die Linke
Domain:
die-linke.deCountry: π©πͺ DE
Date: Mar 26th, 2026
Summary:
The German political party Die Linke reported a cybersecurity incident involving ransomware attributed to the Russian hacker group Qilin, forcing the party to take its infrastructure offline on Thursday. While the party has filed a complaint and is in contact with authorities, member data was not compromised and the extent of affected internal data remains to be determined. This event is part of a series of attacks targeting German political parties, with the CDU also falling victim to a cyberattack in May 2024.
Source: https://www.heise.de/news/Qilin-Linkspartei-meldet-russischen-Ransomware-Angriff-11227181.html
heise online
Qilin: Linkspartei meldet russischen Ransomware-Angriff
Die Partei βDie Linkeβ sieht sich mit einem Cybersicherheitsvorfall konfrontiert β Mitgliederdaten seien jedoch nicht betroffen.
πͺπΊ Europol Press Release
βββββββββββββββββββββ
Major operation targets one of Scotlandβs most violent crime networks
Full Press Release β europol.europa.eu
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ Europol Monitor
βββββββββββββββββββββ
Major operation targets one of Scotlandβs most violent crime networks
Full Press Release β europol.europa.eu
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ Europol Monitor
Europol
Major operation targets one of Scotlandβs most violent crime networks | Europol
One of Scotlandβs most violent organised crime networks has been hit in an international operation across the Netherlands, Spain, and the United Kingdom, with coordination from Europol and Eurojust.
β οΈ FBI Watchdog - DNS New Domain (A) β οΈ
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: handala-team.to
Record Type: DNS New Domain (A)
Time Detected: 2026-03-27 14:35:30 UTC
Previous Records:
New Records:
π DarkWebInformer.com - Cyber Threat Intelligence
Domain: handala-team.to
Record Type: DNS New Domain (A)
Time Detected: 2026-03-27 14:35:30 UTC
Previous Records:
None
New Records:
185.178.208.137
im going to guess their new domain will be seized at some point lul
π1
πͺ Slice For Life πͺ
https://x.com/DarkWebInformer/status/2037533650653233249
βΌοΈReuters has confirmed FBI Director Kash Patel's email was indeed hacked.
https://www.reuters.com/world/us/iran-linked-hackers-claim-breach-of-fbi-directors-personal-email-doj-official-2026-03-27/
https://www.reuters.com/world/us/iran-linked-hackers-claim-breach-of-fbi-directors-personal-email-doj-official-2026-03-27/
π4π₯1
βΌοΈπ¨π΄ A massive breach of the Superintendencia Nacional de Salud de Colombia (Supersalud), Colombia's national health oversight authority, is being leaked on a popular cybercrime forum. This is labeled as "Package 1" with more threatened to follow.
βͺοΈ Total Records: 50 million lines
βͺοΈ Total Size: 2TB (full database)
The exposed data is extremely sensitive, covering patient records, healthcare claims, and internal systems including: PQR numbers and internal record IDs, patient full names, document type/number, DOB, age, gender, phone, email, full address, special population status, education level, affiliated health entity (EPS) and regime type, associated clinic/provider (IPS) with branch location and NIT, diagnosed pathology category and ICD-10 codes, life-risk priority status, high cost disease (Alto Costo) indicators, full claim descriptions with urgency and assigned doctor, PQR internal follow-up logs with agent comments and resolution statuses, claim deadlines, medication details (drugs, quantities, authorization status), and petitioner details.
The leak also includes internal system data such as staff names, emails, password hashes, roles, IDs, cedula numbers, LDAP Active Directory status, and SuperSalud internal department routing and entity notification statuses.
βͺοΈ Total Records: 50 million lines
βͺοΈ Total Size: 2TB (full database)
The exposed data is extremely sensitive, covering patient records, healthcare claims, and internal systems including: PQR numbers and internal record IDs, patient full names, document type/number, DOB, age, gender, phone, email, full address, special population status, education level, affiliated health entity (EPS) and regime type, associated clinic/provider (IPS) with branch location and NIT, diagnosed pathology category and ICD-10 codes, life-risk priority status, high cost disease (Alto Costo) indicators, full claim descriptions with urgency and assigned doctor, PQR internal follow-up logs with agent comments and resolution statuses, claim deadlines, medication details (drugs, quantities, authorization status), and petitioner details.
The leak also includes internal system data such as staff names, emails, password hashes, roles, IDs, cedula numbers, LDAP Active Directory status, and SuperSalud internal department routing and entity notification statuses.
β€1