βΌοΈπΊπΎ A threat actor claims to have obtained databases from Plan Ceibal, a Uruguayan government technology agency, affecting 1.2 million users of the CREA social network and 1 million citizens device assignment records.
The actor has published samples totaling 75,000 records and offers to provide individual citizen information upon request for free.
The actor has published samples totaling 75,000 records and offers to provide individual citizen information upon request for free.
β€1
βΌοΈ Threat actor JINKUSU advertises OMNITRIX IMAP service offering email account monitoring, attachment interception, IBAN replacement in documents, and email editing capabilities via IMAP access.
The service appears designed for unauthorized access to email accounts and manipulation of financial documents.
The service appears designed for unauthorized access to email accounts and manipulation of financial documents.
β€1π1
βΌοΈ New Dark Web Informer Blog Post!
Title: Threat Actor Selling Root RCE Shell Access to Botswana Government Health Portal Firewall for $300
Link: https://darkwebinformer.com/threat-actor-selling-root-rce-shell-access-to-botswana-government-health-portal-firewall-for-300/
Title: Threat Actor Selling Root RCE Shell Access to Botswana Government Health Portal Firewall for $300
Link: https://darkwebinformer.com/threat-actor-selling-root-rce-shell-access-to-botswana-government-health-portal-firewall-for-300/
Dark Web Informer
Threat Actor Selling Root RCE Shell Access to Botswana Government Health Portal Firewall for $300
βΌοΈπ¨π΄ NyxarGroup and collaborators are allegedly selling personal information from Colombian government websites saul.cali.gov.co and sider.cali.gov.co.
The data includes full names, document numbers, addresses, birth dates, phone numbers, and email addresses of citizens.
The data includes full names, document numbers, addresses, birth dates, phone numbers, and email addresses of citizens.
βΌοΈ The FBI has released a joint Cybersecurity Advisory on Iranian-Affiliated cyber actors exploiting programmable logic controllers across US critical infrastructure
PDF: https://www.ic3.gov/CSA/2026/260407.pdf
PDF: https://www.ic3.gov/CSA/2026/260407.pdf
Tor Browser 15.0.9 has been released, update if you haven't already done so.
https://blog.torproject.org/new-release-tor-browser-1509/
https://blog.torproject.org/new-release-tor-browser-1509/
βΌοΈ New Dark Web Informer Blog Post!
Title: Threat Actor Selling 1.2 Million French FICOBA Banking Leads With IBANs, SSNs, and Tax IDs From 15+ Banks
Link: https://darkwebinformer.com/threat-actor-selling-1-2-million-french-ficoba-banking-leads-with-ibans-ssns-and-tax-ids-from-15-banks/
Title: Threat Actor Selling 1.2 Million French FICOBA Banking Leads With IBANs, SSNs, and Tax IDs From 15+ Banks
Link: https://darkwebinformer.com/threat-actor-selling-1-2-million-french-ficoba-banking-leads-with-ibans-ssns-and-tax-ids-from-15-banks/
Dark Web Informer
Threat Actor Selling 1.2 Million French FICOBA Banking Leads With IBANs, SSNs, and Tax IDs From 15+ Banks
βΌοΈ CVE-2026-23398: Linux Kernel ICMP DoS Vulnerability
PoC: https://github.com/JohannesLks/CVE-2026-23398
PoC: https://github.com/JohannesLks/CVE-2026-23398
GitHub
GitHub - JohannesLks/CVE-2026-23398: icmp_tag_validation() NULL deref
icmp_tag_validation() NULL deref. Contribute to JohannesLks/CVE-2026-23398 development by creating an account on GitHub.
βΌοΈ CVE-2026-28286: ZimaOS Privilege Escalation Vulnerability
PoC: https://github.com/Rushi9/zimaos-cve-2026-28286-arbitrary-file-write?tab=readme-ov-file
A privilege escalation vulnerability discovered in Zimaspace's ZimaOS. It enables attackers to circumvent API-level restrictions and gain unauthorized write access to sensitive system directories.
PoC: https://github.com/Rushi9/zimaos-cve-2026-28286-arbitrary-file-write?tab=readme-ov-file
A privilege escalation vulnerability discovered in Zimaspace's ZimaOS. It enables attackers to circumvent API-level restrictions and gain unauthorized write access to sensitive system directories.
βΌοΈ DOJ Press Release
βββββββββββββββββββββ
Justice Department Conducts Court-Authorized Disruption of DNS Hijacking Network Controlled by a Russian Military Intelligence Unit
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
βββββββββββββββββββββ
Justice Department Conducts Court-Authorized Disruption of DNS Hijacking Network Controlled by a Russian Military Intelligence Unit
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
www.justice.gov
Justice Department Conducts Court-Authorized Disruption of DNS
Today, the Department of Justice and the FBI announced a court-authorized technical operation to neutralize the U.S. portion of a network of small office/home office (SOHO) routers compromised by a unit within Russiaβs Main Intelligence Directorate of theβ¦