‼️ A threat actor claims to be selling MailPro, an email campaign management panel featuring AI-assisted content optimization, SMTP integration, automated warm-up, and bulk mailing capabilities.
The tool includes server deployment, proxy support, campaign analytics, among other features.
The tool includes server deployment, proxy support, campaign analytics, among other features.
😭1
TLDSweep |
2026-03-30 00:21:32 UTC
Registered: 256
Live: 144
Newly registered: 1
Flagged: 56
Scan time: 9m 57.6s
Newly registered:
🥷 DarkWebInformer.com - Cyber Threat Intelligence
microsoft.*2026-03-30 00:21:32 UTC
Registered: 256
Live: 144
Newly registered: 1
Flagged: 56
Scan time: 9m 57.6s
Newly registered:
microsoft.nu (1mo)🥷 DarkWebInformer.com - Cyber Threat Intelligence
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Cota Co., Ltd.
Domain:
Country: 🇯🇵 JP
Date: Mar 27th, 2026
Summary:
Cota Co., Ltd. a fait état d'une panne de son SI survenue le 27 mars 2026 à la suite d'une cyberattaque. Une enquête a été engagée avec des experts externes afin de déterminer l'étendue des répercussions, notamment en ce qui concerne le vol de données personnelles et de données clients. L'entreprise assure prendre les mesures nécessaires pour rétablir le système dans les plus brefs délais. Des consultations avec les autorités compétentes ont par ailleurs été engagées.
Source: https://ssl4.eir-parts.net/doc/4923/tdnet/2782863/00.pdf
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Cota Co., Ltd.
Domain:
cota.co.jpCountry: 🇯🇵 JP
Date: Mar 27th, 2026
Summary:
Cota Co., Ltd. a fait état d'une panne de son SI survenue le 27 mars 2026 à la suite d'une cyberattaque. Une enquête a été engagée avec des experts externes afin de déterminer l'étendue des répercussions, notamment en ce qui concerne le vol de données personnelles et de données clients. L'entreprise assure prendre les mesures nécessaires pour rétablir le système dans les plus brefs délais. Des consultations avec les autorités compétentes ont par ailleurs été engagées.
Source: https://ssl4.eir-parts.net/doc/4923/tdnet/2782863/00.pdf
❤1
‼️A dataset allegedly containing 30,000 worldwide email records, organized by country, is being auctioned on a popular cybercrime forum.
▪️ Records: 30,000
▪️ Data Fields: Contact name, contact email, job title, company name
▪️ Countries: 50+ including Albania, Algeria, Argentina, Australia, Austria, Bahamas, Bahrain, Bangladesh, Belgium, Brazil, Bulgaria, Cameroon, Canada, Chile, China, Colombia, Costa Rica, and many more
▪️ Auction: Start $500 | Step $100 | Blitz $1,000
▪️ Records: 30,000
▪️ Data Fields: Contact name, contact email, job title, company name
▪️ Countries: 50+ including Albania, Algeria, Argentina, Australia, Austria, Bahamas, Bahrain, Bangladesh, Belgium, Brazil, Bulgaria, Cameroon, Canada, Chile, China, Colombia, Costa Rica, and many more
▪️ Auction: Start $500 | Step $100 | Blitz $1,000
😭1
‼️🇦🇺 A dataset allegedly containing 5,000 profiles from an Australian mortgage company is being sold on a popular cybercrime forum.
▪️ Records: 5,000
▪️ Data Fields: Driving license scans, passports, Medicare, bank statements, credit reports, ITR files, ITO, ATO, TFN details, payslips, ABN info with GST registration, birth certificates, and more
▪️ Price: $10,000 - $30,000 USDT
▪️ Records: 5,000
▪️ Data Fields: Driving license scans, passports, Medicare, bank statements, credit reports, ITR files, ITO, ATO, TFN details, payslips, ABN info with GST registration, birth certificates, and more
▪️ Price: $10,000 - $30,000 USDT
‼️🇫🇷 A dataset allegedly from lesburgersdepapa.fr, a French burger restaurant chain, has been leaked on a popular cybercrime forum.
▪️ Lines: 242,705
▪️ Unique Emails: 132,246
▪️ Phone Numbers: 211,481
▪️ Lines: 242,705
▪️ Unique Emails: 132,246
▪️ Phone Numbers: 211,481
TLDSweep: A domain intelligence OSINT tool that sweeps 800+ TLDs to find registered variants of a domain, flag newly registered lookalikes, and alert via Telegram and Discord.
GitHub: https://github.com/DarkWebInformer/TLDSweep
GitHub: https://github.com/DarkWebInformer/TLDSweep
❤1
‼️🇺🇸 A dataset allegedly from lakemonster.com, a website focused on lake conditions and fishing insights, has been leaked on a popular cybercrime forum.
▪️ Records: 60,668
▪️ Data Fields: Emails, clear text passwords, phone numbers, user IDs, usernames, ZIP codes, tokens, social posts
▪️ Date Range: 2019 to present
▪️ Records: 60,668
▪️ Data Fields: Emails, clear text passwords, phone numbers, user IDs, usernames, ZIP codes, tokens, social posts
▪️ Date Range: 2019 to present
‼️ New Dark Web Informer Blog Post!
Title: Noobsaibot HVNC Advertised as Next-Generation Stealer and RAT With Zero-Disk Footprint, Chrome V20 Bypass, Monolithic Architecture, and Guaranteed Zero AV Detections
Link: https://darkwebinformer.com/noobsaibot-hvnc-advertised-as-next-generation-stealer-and-rat-with-zero-disk-footprint-chrome-v20-bypass-monolithic-architecture-and-guaranteed-zero-av-detections/
Title: Noobsaibot HVNC Advertised as Next-Generation Stealer and RAT With Zero-Disk Footprint, Chrome V20 Bypass, Monolithic Architecture, and Guaranteed Zero AV Detections
Link: https://darkwebinformer.com/noobsaibot-hvnc-advertised-as-next-generation-stealer-and-rat-with-zero-disk-footprint-chrome-v20-bypass-monolithic-architecture-and-guaranteed-zero-av-detections/
Dark Web Informer
Noobsaibot HVNC Advertised as Next-Generation Stealer and RAT With Zero-Disk Footprint, Chrome V20 Bypass, Monolithic Architecture…
‼️ A cybercrime tool called "NetScan" is being advertised on a popular cybercrime forum, offering automated site vulnerability scanning and API key harvesting.
▪️ Features: Plugin-hub for API key collection (SMTP, Amazon AWS, Stripe, Square, PayPal), subdomain and certificate analysis, database verification, 50+ vulnerability types, native keys for spam mail senders
▪️ Services Checked: 300+ including subdomains, certificates, vulnerabilities, API keys
▪️ Monetization: Sniffer, captcha, clippers, database spam via harvested API keys
▪️ Price: $100 invite + $0.10 per host check
▪️ Features: Plugin-hub for API key collection (SMTP, Amazon AWS, Stripe, Square, PayPal), subdomain and certificate analysis, database verification, 50+ vulnerability types, native keys for spam mail senders
▪️ Services Checked: 300+ including subdomains, certificates, vulnerabilities, API keys
▪️ Monetization: Sniffer, captcha, clippers, database spam via harvested API keys
▪️ Price: $100 invite + $0.10 per host check
‼️🇺🇸 LAPSUS$ Group is allegedly selling a massive dataset of Mercor.com, an AI recruiting platform with $500M+ revenue, is being auctioned on a popular cybercrime forum, TG, and their website.
▪️Total Size: ~4TB
▪️Data Includes: 211GB of database
▪️939GB of source code
▪️3TB of bucket data (video, GCF-Source, FME Review & Verification, etc.)
▪️All data from their TailScale VPN
▪️Total Size: ~4TB
▪️Data Includes: 211GB of database
▪️939GB of source code
▪️3TB of bucket data (video, GCF-Source, FME Review & Verification, etc.)
▪️All data from their TailScale VPN
‼️ CVE-2024-27348: Apache HugeGraph RCE (Advanced Sandbox Bypass) PoC
GitHub: https://github.com/akelaqe/CVE-2024-27348-HugeGraph-RCE
GitHub: https://github.com/akelaqe/CVE-2024-27348-HugeGraph-RCE
GitHub
GitHub - akelaqe/CVE-2024-27348-HugeGraph-RCE
Contribute to akelaqe/CVE-2024-27348-HugeGraph-RCE development by creating an account on GitHub.