🔪 Slice For Life - Part 2 🔪 pinned «I am currently building the historical feed... both the platform frontend and the API endpoints that will get everything first. You still may see some very old posts on the current feed for testing. Currently the threat feed alone is doing over 400 posts…»
‼️ SAFEPAY Ransomware Claims 9 Victims
🇺🇸 jmige.com
🇺🇸 gingerichtrucking.com
🇪🇸 smp.cat
🇮🇹 soavegel.it
🇬🇧 globalmerchservices.com
🇮🇹 studioubertazzi.it
🇧🇪 ettp.be
🇩🇪 mbk-gmbh.de
🇩🇪 id-s.de
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🇺🇸 jmige.com
🇺🇸 gingerichtrucking.com
🇪🇸 smp.cat
🇮🇹 soavegel.it
🇬🇧 globalmerchservices.com
🇮🇹 studioubertazzi.it
🇧🇪 ettp.be
🇩🇪 mbk-gmbh.de
🇩🇪 id-s.de
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇫🇷 NRJ Mobile allegedly leaked exposing 266K customer records from the French MVNO
A threat actor claims to have leaked a database from NRJ Mobile (nrjmobile.fr), a French mobile virtual network operator, releasing it for free under the hashtag #freebreach3d. The 266,345-record sample includes full customer profiles with banking identifiers (IBAN/BIC) and Freebox account references in JSONL format.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Telecommunications (MVNO)
▸ Type: Data Leak
▸ Format: JSONL
▸ Price: Free
▸ Records: 266,345
▸ Country: France
Compromised data:
▪️ Internal ID and customer code
▪️ Title, first name, last name
▪️ Email address
▪️ Phone numbers (primary and secondary)
▪️ Street address, postal code, city, country
▪️ Individual type
▪️ IBAN and BIC banking identifiers
▪️ Freebox ID
▪️ Account status (active/inactive)
▪️ Registration date
▪️ Retention offer flag and additional mobile loan flag
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database from NRJ Mobile (nrjmobile.fr), a French mobile virtual network operator, releasing it for free under the hashtag #freebreach3d. The 266,345-record sample includes full customer profiles with banking identifiers (IBAN/BIC) and Freebox account references in JSONL format.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Telecommunications (MVNO)
▸ Type: Data Leak
▸ Format: JSONL
▸ Price: Free
▸ Records: 266,345
▸ Country: France
Compromised data:
▪️ Internal ID and customer code
▪️ Title, first name, last name
▪️ Email address
▪️ Phone numbers (primary and secondary)
▪️ Street address, postal code, city, country
▪️ Individual type
▪️ IBAN and BIC banking identifiers
▪️ Freebox ID
▪️ Account status (active/inactive)
▪️ Registration date
▪️ Retention offer flag and additional mobile loan flag
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇧🇷 TransmiteNota allegedly leaked exposing 20 million records from the Brazilian e-invoicing platform
A forum moderator claims to have leaked a SQL database from app3.transmitenota.com.br, a Brazilian electronic invoicing service, with the dump dated May 1, 2026. The leak reportedly contains 20,151,364 rows and 141,000 emails, with samples showing personal and corporate contact records including individual names and registered businesses.
Post details:
▸ Actor(s): Tanaka
▸ Sector: Finance / SaaS (e-invoicing / nota fiscal)
▸ Type: Data Leak
▸ Format: SQL
▸ Price: Free (reply-gated)
▸ Records: 20,151,364 rows, 141,000 emails
▸ Country: Brazil
▸ Original leak date: 01/05/2026
Compromised data:
▪️ Record ID
▪️ Full names (individuals)
▪️ Company names (LTDA / corporate registrations)
▪️ Phone numbers
▪️ Email addresses
▪️ Internal system reference codes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A forum moderator claims to have leaked a SQL database from app3.transmitenota.com.br, a Brazilian electronic invoicing service, with the dump dated May 1, 2026. The leak reportedly contains 20,151,364 rows and 141,000 emails, with samples showing personal and corporate contact records including individual names and registered businesses.
Post details:
▸ Actor(s): Tanaka
▸ Sector: Finance / SaaS (e-invoicing / nota fiscal)
▸ Type: Data Leak
▸ Format: SQL
▸ Price: Free (reply-gated)
▸ Records: 20,151,364 rows, 141,000 emails
▸ Country: Brazil
▸ Original leak date: 01/05/2026
Compromised data:
▪️ Record ID
▪️ Full names (individuals)
▪️ Company names (LTDA / corporate registrations)
▪️ Phone numbers
▪️ Email addresses
▪️ Internal system reference codes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇫🇷 Leroy Merlin France allegedly leaked exposing 367,462 loyalty program records
A threat actor claims to be selling a freshly scraped database from Leroy Merlin France, clarifying that it is not a full store dump but rather a dump from one of the retailer's loyalty ("outil de fidelité") tools, and is being marketed as premium, unprocessed, and not previously circulated. The package contains a single file with detailed customer profiles including loyalty card data, addresses, and account metadata.
Post details:
▸ Actor(s): Lagui
▸ Sector: Retail (home improvement)
▸ Type: Data Sale
▸ Format: 1 file (JSON), 367,462 entries
▸ Price: Negotiable (escrow accepted)
▸ Records: 367,462
▸ Country: France
▸ Date: 06/05/2026
Compromised data:
▪️ Internal ID, login, civility, birth date
▪️ First name and last name
▪️ Email addresses (primary and login)
▪️ Phone numbers
▪️ Multiple addresses (building, street number, street, city, postal code, country, province)
▪️ Loyalty card number and barcode
▪️ Loyalty status, points, expiration, validity dates
▪️ Reward and burn status, vouchers, badges
▪️ Co-owners and partner platform access flags
▪️ Web account status, last login, login count
▪️ Marital status, number of children, store code
▪️ Account creation date and migration state
▪️ Administrative identifiers and moving date
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a freshly scraped database from Leroy Merlin France, clarifying that it is not a full store dump but rather a dump from one of the retailer's loyalty ("outil de fidelité") tools, and is being marketed as premium, unprocessed, and not previously circulated. The package contains a single file with detailed customer profiles including loyalty card data, addresses, and account metadata.
Post details:
▸ Actor(s): Lagui
▸ Sector: Retail (home improvement)
▸ Type: Data Sale
▸ Format: 1 file (JSON), 367,462 entries
▸ Price: Negotiable (escrow accepted)
▸ Records: 367,462
▸ Country: France
▸ Date: 06/05/2026
Compromised data:
▪️ Internal ID, login, civility, birth date
▪️ First name and last name
▪️ Email addresses (primary and login)
▪️ Phone numbers
▪️ Multiple addresses (building, street number, street, city, postal code, country, province)
▪️ Loyalty card number and barcode
▪️ Loyalty status, points, expiration, validity dates
▪️ Reward and burn status, vouchers, badges
▪️ Co-owners and partner platform access flags
▪️ Web account status, last login, login count
▪️ Marital status, number of children, store code
▪️ Account creation date and migration state
▪️ Administrative identifiers and moving date
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Systemd Backdoor: A simple script to automate systemd backdoor
GitHub: https://github.com/MatheuZSecurity/systemd-backdoor/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub: https://github.com/MatheuZSecurity/systemd-backdoor/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
😈1
🚨Marlon Ferro, who went by the online handle "GothFerrari," has been sentenced to 6.5 years in federal prison for his involvement in the Malone Lam heist, a crypto theft that netted more than $250 million. He was also ordered to pay $2.5 Million in restitution.
https://www.justice.gov/usao-dc/pr/gothferrari-sentenced-78-months-prison-role-massive-cryptocurrency-heist
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.justice.gov/usao-dc/pr/gothferrari-sentenced-78-months-prison-role-massive-cryptocurrency-heist
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
www.justice.gov
‘GothFerrari’ Sentenced to 78 Months in Prison for Role in Massive
Marlon Ferro, 20, of Santa Ana, California, was sentenced today in U.S. District Court to 78 months in prison in connection with his role in a sprawling social engineering conspiracy that stole well over $250 million in cryptocurrency from victims across…
‼️ New Dark Web Informer Blog Post!
Title: Daily Dose of Dark Web Informer - May 6th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-6th-2026/
Title: Daily Dose of Dark Web Informer - May 6th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-6th-2026/
Dark Web Informer
Daily Dose of Dark Web Informer - May 6th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
‼️ New Dark Web Informer Blog Post!
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) allegedly leaked exposing fuel oil distributor records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) allegedly leaked exposing fuel oil distributor records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Dark Web Informer
Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
A threat actor claims to have leaked a database from Indonesia’s Ministry of Energy and Mineral Resources (Kementerian ESDM), specifically the list of distributors for general commercial business entities of fuel oil for the second semester of 2025
‼️ New Dark Web Informer Blog Post!
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Dark Web Informer
Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
A threat actor claims to have leaked a database from Indonesia’s Ministry of Energy and Mineral Resources (Kementerian ESDM), specifically the list of distributors for general commercial business entities of fuel oil for the second semester of 2025
‼️ New Dark Web Informer Blog Post!
Title: MoreIdeas General Trading Allegedly Re-Leaked Exposing 787,217 Student Records From the Dubai EdTech Firm
Link: https://darkwebinformer.com/moreideas-general-trading-allegedly-re-leaked-exposing-787-217-student-records-from-the-dubai-edtech-firm/
Title: MoreIdeas General Trading Allegedly Re-Leaked Exposing 787,217 Student Records From the Dubai EdTech Firm
Link: https://darkwebinformer.com/moreideas-general-trading-allegedly-re-leaked-exposing-787-217-student-records-from-the-dubai-edtech-firm/
Dark Web Informer
MoreIdeas General Trading Allegedly Re-Leaked Exposing 787,217 Student Records From the Dubai EdTech Firm
A threat actor claims to have re-dumped the moreideas.ae database, stating this version is “more juicy than before” and dating the breach to May 2026
Pavel Durov, founder of Telegram, posted this video in regards to TON's finality time.
I'll take Monero at 20 minutes and beyond any day.
I'll take Monero at 20 minutes and beyond any day.
❤2
‼️ New Dark Web Informer Blog Post!
Title: Belgian Sports/Fitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN Data
Link: https://darkwebinformer.com/belgian-sports-fitness-chain-allegedly-breached-exposing-105k-customer-records-with-iban-data/
Title: Belgian Sports/Fitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN Data
Link: https://darkwebinformer.com/belgian-sports-fitness-chain-allegedly-breached-exposing-105k-customer-records-with-iban-data/
Dark Web Informer
Belgian Sports/Fitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN Data
A threat actor claims to be selling a customer database from a Belgian sports/fitness business (gym branding visible in the post as “ANIMO”), advertising it as containing 105,000 customers with full IBAN banking details. The seller is offering tiered pricing…
‼️ New Dark Web Informer Blog Post!
Title: Laboratorios CEFLO Allegedly Breached Exposing 21K Positive HIV, Syphilis, and COVID Test Results From the Mexican Lab
Link: https://darkwebinformer.com/laboratorios-ceflo-allegedly-breached-exposing-21k-positive-hiv-syphilis-and-covid-test-results-from-the-mexican-lab/
Title: Laboratorios CEFLO Allegedly Breached Exposing 21K Positive HIV, Syphilis, and COVID Test Results From the Mexican Lab
Link: https://darkwebinformer.com/laboratorios-ceflo-allegedly-breached-exposing-21k-positive-hiv-syphilis-and-covid-test-results-from-the-mexican-lab/
Dark Web Informer
Laboratorios CEFLO Allegedly Breached Exposing 21K Positive HIV, Syphilis, and COVID Test Results From the Mexican Lab
A threat actor describing themselves as specializing in “stealing medical data” claims to have breached Mexican clinical lab Laboratorios CEFLO, releasing the dataset for free out of stated retaliation after the lab allegedly ignored a paid pentest offer.
❤1
‼️ New Dark Web Informer Blog Post!
Title: Antel TuID Digital Allegedly Breached Exposing 8GB of Data From the Uruguayan State Telecom’s E-Government Platform
Link: https://darkwebinformer.com/antel-tuid-digital-allegedly-breached-exposing-8gb-of-data-from-the-uruguayan-state-telecoms-e-government-platform/
Title: Antel TuID Digital Allegedly Breached Exposing 8GB of Data From the Uruguayan State Telecom’s E-Government Platform
Link: https://darkwebinformer.com/antel-tuid-digital-allegedly-breached-exposing-8gb-of-data-from-the-uruguayan-state-telecoms-e-government-platform/
Dark Web Informer
Antel TuID Digital Allegedly Breached Exposing 8GB of Data From the Uruguayan State Telecom’s E-Government Platform
A threat actor claims to have compromised TuID Digital, the digital identity platform operated by Uruguayan state-owned telecom Antel, by obtaining the API key stored alongside internal files on Antel’s server backend.
‼️ New Dark Web Informer Blog Post!
Title: US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access
Link: https://darkwebinformer.com/us-non-emergency-medical-transport-network-allegedly-breached-exposing-500k-patient-records-and-live-admin-access/
Title: US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access
Link: https://darkwebinformer.com/us-non-emergency-medical-transport-network-allegedly-breached-exposing-500k-patient-records-and-live-admin-access/
Dark Web Informer
US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access
A threat actor claims to be selling live, authenticated admin panel access to a major US Non-Emergency Medical Transportation (NEMT) platform, advertising real-time control over operations rather than a static dump.