βΌοΈA threat actor claims to have compromised eZhire car rental service, allegedly obtaining 2 million customer records including government IDs, signatures, personal information, source code, API keys, and 1.3TB of data spanning from 2016 to 2026.
The compromised data reportedly includes customers from multiple countries including UAE, Saudi Arabia, Bahrain, Qatar, Egypt, India, USA, Germany, Ukraine, and Russia.
The compromised data reportedly includes customers from multiple countries including UAE, Saudi Arabia, Bahrain, Qatar, Egypt, India, USA, Germany, Ukraine, and Russia.
β€1π₯1
βΌοΈπ¨π΄ Internal and confidential databases from Emergiacc (Colsubsidio in-house) containing operational data including personal information, GPS coordinates, transaction records, and financial details were leaked for free download.
The database includes detailed customer records with names, addresses, transaction histories, and financial data from various business units including hotels, credit services, and travel agencies.
The database includes detailed customer records with names, addresses, transaction histories, and financial data from various business units including hotels, credit services, and travel agencies.
βΌοΈπ²π½ A threat actor allegedly leaked data from Mexicos Ministry of Health containing RFC, CURP, work entities, full names, certificates, work centers, and federal/state plaza origins.
βΌοΈπ²π½ A threat actor claims to be selling a complete Mexican taxpayer database from SAT containing RFC numbers, names, addresses, and other fiscal information for $300 USD.
The alleged database contains over 13 million records of companies and individuals with economic activity in Mexico.
The alleged database contains over 13 million records of companies and individuals with economic activity in Mexico.
π2
βΌοΈBreachForums scammer, N/A, has allegedly been d*xed. π
https://x.com/KeyserSoze1337/status/2041176134641996009
https://x.com/KeyserSoze1337/status/2041176134641996009
X (formerly Twitter)
Keyser SΓΆze (@KeyserSoze1337) on X
Meet N/A the Clown π€‘
The guy who ran Breachforums is actually a devil not an Angel π€£
Meet Angel Tsvetkov AKA NA
https://t.co/1tCdYkefuL
@TsvetkovOffice π€‘
#Breachforums #Clown #DrugAddict
The guy who ran Breachforums is actually a devil not an Angel π€£
Meet Angel Tsvetkov AKA NA
https://t.co/1tCdYkefuL
@TsvetkovOffice π€‘
#Breachforums #Clown #DrugAddict
βΌοΈDF owner, Knox, is claiming to be selling a complete database backup and source code from BreachForums dating from March 28, 2026.
The offering includes the full database and MyBB scripts/plugins.
The offering includes the full database and MyBB scripts/plugins.
π3π2β€1π₯1
βΌοΈ New Dark Web Informer Blog Post!
Title: Alleged Breach of KBank Vietnam Exposes 10.1 Million Credit Registration Records With National IDs, Salaries, Credit Scores, and Employer Details
Link: https://darkwebinformer.com/alleged-breach-of-kbank-vietnam-exposes-10-1-million-credit-registration-records-with-national-ids-salaries-credit-scores-and-employer-details/
Title: Alleged Breach of KBank Vietnam Exposes 10.1 Million Credit Registration Records With National IDs, Salaries, Credit Scores, and Employer Details
Link: https://darkwebinformer.com/alleged-breach-of-kbank-vietnam-exposes-10-1-million-credit-registration-records-with-national-ids-salaries-credit-scores-and-employer-details/
Dark Web Informer
Alleged Breach of KBank Vietnam Exposes 10.1 Million Credit Registration Records With National IDs, Salaries, Credit Scores, andβ¦
βΌοΈ New Dark Web Informer Blog Post!
Title: CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation
Link: https://darkwebinformer.com/cve-2026-35616-forticlient-ems-pre-auth-api-bypass-under-active-exploitation/
Title: CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation
Link: https://darkwebinformer.com/cve-2026-35616-forticlient-ems-pre-auth-api-bypass-under-active-exploitation/
Dark Web Informer
CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation
βΌοΈ New Dark Web Informer Blog Post!
Title: Alleged Breach of Colombia's Huila Department Government Extranet Exposes Officer Data, Municipal Offices, and Government Operations Across 8 Municipalities
Link: https://darkwebinformer.com/alleged-breach-of-colombias-huila-department-government-extranet-exposes-officer-data-municipal-offices-and-government-operations-across-8-municipalities/
Title: Alleged Breach of Colombia's Huila Department Government Extranet Exposes Officer Data, Municipal Offices, and Government Operations Across 8 Municipalities
Link: https://darkwebinformer.com/alleged-breach-of-colombias-huila-department-government-extranet-exposes-officer-data-municipal-offices-and-government-operations-across-8-municipalities/
Dark Web Informer
Alleged Breach of Colombia's Huila Department Government Extranet Exposes Officer Data, Municipal Offices, and Government Operationsβ¦
βΌοΈπΊπΈ A SQL database dump from 321transit.com containing 30,000 user records with usernames, emails, names and password hashes, plus 14,600 transit pass records with credit card information, phone numbers and addresses.
The data was allegedly found on an unsecured open directory and is being distributed for free download.
The data was allegedly found on an unsecured open directory and is being distributed for free download.
1/2βΌοΈ The database of MyLovely[.]AI, an NSFW AI image generation platform, has allegedly been leaked on a popular cybercrime forum.
Threat Actor: XTC
Category: Data Breach
Industry: AI / Adult Content
Breach contains:
βͺοΈ User IDs
βͺοΈ Email addresses
βͺοΈ Generated on-site content (prompts, images, metadata)
βͺοΈ Content moderation reports
Total rows: 254,580
Unique users: ~106,362
The leaked data includes multiple JSON files, including Profiles, Gallery_Items, Community_Items, and Collections.
The data exposes user email addresses used as display names, subscription plans, Discord links, AI image prompts (including explicit content), Supabase storage URLs, and collection metadata.
Negative prompt fields reveal the platform's content filtering terms designed to block CSAM-adjacent outputs.
Threat Actor: XTC
Category: Data Breach
Industry: AI / Adult Content
Breach contains:
βͺοΈ User IDs
βͺοΈ Email addresses
βͺοΈ Generated on-site content (prompts, images, metadata)
βͺοΈ Content moderation reports
Total rows: 254,580
Unique users: ~106,362
The leaked data includes multiple JSON files, including Profiles, Gallery_Items, Community_Items, and Collections.
The data exposes user email addresses used as display names, subscription plans, Discord links, AI image prompts (including explicit content), Supabase storage URLs, and collection metadata.
Negative prompt fields reveal the platform's content filtering terms designed to block CSAM-adjacent outputs.
β€1π1