‼️ Advanced Magento 2.x exploitation tool for unauthenticated RCE via polyglot file upload through REST API. Tests 45+ PHP extensions with multi-header support (PNG/GIF) for maximum exploitation coverage.
GitHub: https://github.com/khadafigans/Magento-Polyshell-RCE
Credit: @khadafigans_ (X)
GitHub: https://github.com/khadafigans/Magento-Polyshell-RCE
Credit: @khadafigans_ (X)
🔥2❤1
The current News Feed (https://darkwebinformer.com/news-feed/), will be updated next week with this almost finished design. It will also contain more sources. These new sources will also be added to the current API endpoint.
🔥1
‼️🇨🇳Threat actor claims to have breached Chinas National Supercomputing Center and exfiltrated over 10 petabytes of classified military and aerospace research data including simulation data, design files, satellite telemetry, and defense contractor research.
The post indicates the data is being sold rather than freely distributed.
The post indicates the data is being sold rather than freely distributed.
🔥6
🔪 Slice For Life 🔪
‼️🇨🇳Threat actor claims to have breached Chinas National Supercomputing Center and exfiltrated over 10 petabytes of classified military and aerospace research data including simulation data, design files, satellite telemetry, and defense contractor research.…
This was posted on BF, DF, and PF.
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Cancillería de Colombia
Domain:
Country: 🇨🇴 CO
Date: Apr 8th, 2026
Summary:
Un supuesto ataque cibernético causó la suspensión de la atención en las oficinas de la Cancillería de Colombia para la expedición de pasaportes en varias ciudades, incluyendo Medellín, Bogotá, Cali y Bucaramanga. El problema se concentró en la plataforma SITAC, lo que impidió la prestación de servicios clave como apostilla y pasaportes en línea. La Cancillería informó que se están realizando labores técnicas para resolver las intermitencias y mejorar la plataforma.
Source: https://www.elcolombiano.com/colombia/caos-en-entrega-de-pasaportes-por-supuesto-ataque-cibernetico-tiene-que-ver-el-nuevo-modelo-PB35343682
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Cancillería de Colombia
Domain:
cancilleria.gov.coCountry: 🇨🇴 CO
Date: Apr 8th, 2026
Summary:
Un supuesto ataque cibernético causó la suspensión de la atención en las oficinas de la Cancillería de Colombia para la expedición de pasaportes en varias ciudades, incluyendo Medellín, Bogotá, Cali y Bucaramanga. El problema se concentró en la plataforma SITAC, lo que impidió la prestación de servicios clave como apostilla y pasaportes en línea. La Cancillería informó que se están realizando labores técnicas para resolver las intermitencias y mejorar la plataforma.
Source: https://www.elcolombiano.com/colombia/caos-en-entrega-de-pasaportes-por-supuesto-ataque-cibernetico-tiene-que-ver-el-nuevo-modelo-PB35343682
El Colombiano
Caos en entrega de pasaportes por supuesto “ataque cibernético”, ¿tiene que ver el nuevo modelo?
La falla afectó el Sistema Integral de Trámites al Ciudadano por lo que muchas citas quedaron bloqueadas en las principales ciudades.
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Coral Bay Nickel Corporation
Domain:
Country: 🇵🇭 PH
Date: Apr 7th, 2026
Summary:
Sumitomo Metal Mining Co's Philippine nickel smelting subsidiary, Coral Bay Nickel Corporation, suffered a ransomware attack. The company isolated the affected servers and is investigating the breach with external specialists. The attack had a limited impact on operations and is not expected to significantly affect the company's consolidated results.
Source: https://www.tipranks.com/news/company-announcements/sumitomo-metal-mining-reports-ransomware-attack-at-philippine-nickel-subsidiary
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Coral Bay Nickel Corporation
Domain:
cbnc.com.phCountry: 🇵🇭 PH
Date: Apr 7th, 2026
Summary:
Sumitomo Metal Mining Co's Philippine nickel smelting subsidiary, Coral Bay Nickel Corporation, suffered a ransomware attack. The company isolated the affected servers and is investigating the breach with external specialists. The attack had a limited impact on operations and is not expected to significantly affect the company's consolidated results.
Source: https://www.tipranks.com/news/company-announcements/sumitomo-metal-mining-reports-ransomware-attack-at-philippine-nickel-subsidiary
TipRanks
Sumitomo Metal Mining Reports Ransomware Attack at Philippine Nickel Subsidiary
Sumitomo Metal Mining Co ( ($JP:5713) ) has shared an update. Sumitomo Metal Mining has disclosed that its Philippine nickel smelting subsidiary, Coral Bay Nickel C...
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Anderlues
Domain:
Country: 🇧🇪 BE
Date: Apr 8th, 2026
Summary:
La commune d'Anderlues a été victime d'une cyberattaque de grande ampleur, entraînant la fermeture de ses services administratifs pour une durée indéterminée. L'attaque a eu lieu entre minuit et 5h du matin le 8 avril 2026. Les autorités locales et fédérales tentent de rétablir l'accès aux systèmes informatiques et de déterminer l'origine de l'attaque.
Source: https://www.dhnet.be/regions/charleroi/2026/04/09/ladministration-communale-danderlues-subit-une-cyberattaque-de-grande-ampleur-les-services-fermes-pour-une-duree-inconnue-MBTDZSJTLJB7TIM2SXAWOQ4OAQ/
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Anderlues
Domain:
anderlues.beCountry: 🇧🇪 BE
Date: Apr 8th, 2026
Summary:
La commune d'Anderlues a été victime d'une cyberattaque de grande ampleur, entraînant la fermeture de ses services administratifs pour une durée indéterminée. L'attaque a eu lieu entre minuit et 5h du matin le 8 avril 2026. Les autorités locales et fédérales tentent de rétablir l'accès aux systèmes informatiques et de déterminer l'origine de l'attaque.
Source: https://www.dhnet.be/regions/charleroi/2026/04/09/ladministration-communale-danderlues-subit-une-cyberattaque-de-grande-ampleur-les-services-fermes-pour-une-duree-inconnue-MBTDZSJTLJB7TIM2SXAWOQ4OAQ/
DHnet
L'administration communale d'Anderlues subit une cyberattaque de grande ampleur: les services fermés "pour une durée inconnue"
Le matériel informatique, infecté ou à risque de l'être, doit être coupé. "Sans outil, impossible de travailler" explique le bourgmestre Hadrien Polain,...
‼️🇺🇸 Threat actor claims to be selling Cisco source code and database containing 3.15 million Salesforce records, allegedly stolen by UNC6040/ShinyHunters for $500,000.
The data reportedly includes source code for various Cisco products including IOS, ASA, and NX-OS, along with PII, GitHub repositories, and AWS buckets.
The data reportedly includes source code for various Cisco products including IOS, ASA, and NX-OS, along with PII, GitHub repositories, and AWS buckets.
‼️🇧🇷 Threat actor Buddha is allegedly selling a complete Serasa database dump containing over 220 million Brazilian citizen records including names, emails, phone numbers, addresses, dates of birth, CPF numbers, income data, and gender information for $350.
The compressed 507GB database expands to 1.8TB and is dated August 17, 2022.
The compressed 507GB database expands to 1.8TB and is dated August 17, 2022.
‼️🇲🇽 Threat actor SpeakTeam leaked a database containing personal information of Universidad Popular de la Chontalpa students/applicants including full names, phone numbers, birthdates, emails, and other sensitive personal details.
🔥1