‼️ Users of Instructure are currently logging into Canvas with a ShinyHunters message
Ruthless.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Ruthless.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔥1
🔪 Slice For Life - Part 2 🔪
‼️ Users of Instructure are currently logging into Canvas with a ShinyHunters message Ruthless. ________________________________________ Main Channel: https://t.me/SliceForLifeee Backup Channel: https://t.me/SliceForLifeeee Website: darkwebinformer.com Pricing…
Canvas is now under "scheduled maintenance."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
😁3
🔪 Slice For Life - Part 2 🔪
Canvas is now under "scheduled maintenance." ________________________________________ Main Channel: https://t.me/SliceForLifeee Backup Channel: https://t.me/SliceForLifeeee Website: darkwebinformer.com Pricing (Includes Crypto): darkwebinformer.com/pricing…
https://www.instructure.com/canvas/login
Enter a school and it will redirect you to the Canvas page with the maintenance message.
Enter a school and it will redirect you to the Canvas page with the maintenance message.
Instructure
Login
Official Login page for Canvas student login, School Search Canvas, Canvas Network, Canvas Community, and Canvas Free For Teacher accounts.
‼️ DOJ Press Release
━━━━━━━━━━━━━━━━━━━━━
Federal Jury Convicts Virgina Man on Charges Relating to the Deletion of U.S. Government Databases
Full Press Release → justice.gov
━━━━━━━━━━━━━━━━━━━━━
🕵️ Dark Web Informer • DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
━━━━━━━━━━━━━━━━━━━━━
Federal Jury Convicts Virgina Man on Charges Relating to the Deletion of U.S. Government Databases
Full Press Release → justice.gov
━━━━━━━━━━━━━━━━━━━━━
🕵️ Dark Web Informer • DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
www.justice.gov
Federal Jury Convicts Virgina Man on Charges Relating to the Deletion
A federal jury convicted Sohaib Akhter, 34, of Alexandria, Virgina, today on charges of conspiracy to commit computer fraud, password trafficking, and possession of a firearm by a prohibited person.
‼️ ShinyHunters has removed Instructure from their Pay or Leak portal.
Seems negotiations are ongoing.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Seems negotiations are ongoing.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔪 Slice For Life - Part 2 🔪
‼️ ShinyHunters has removed Instructure from their Pay or Leak portal. Seems negotiations are ongoing. ________________________________________ Main Channel: https://t.me/SliceForLifeee Backup Channel: https://t.me/SliceForLifeeee Website: darkwebinformer.com…
They are still down, with no updates.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
❤1
‼️🇮🇳 Indian real estate firm allegedly being sold as Azure AD server admin access
A threat actor is offering Server Admin level Azure AD access to an unnamed Indian real estate company, with the target profile listing $10M-$25M in revenue and roughly 100 hosts on the network. The post notes Malwarebytes EDR is in place. 😁
Post details:
▸ Actor(s): tiger
▸ Sector: Real Estate
▸ Type: Access Sale
▸ Access: Azure AD, Server Admin privilege
▸ AV / EDR: Malwarebytes EDR
▸ Network size: ~100 hosts
▸ Revenue: $10M - $25M
▸ Country: India
▸ Date: 07/05/2026
Don't like the redacted screenshots? Subscribe... darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is offering Server Admin level Azure AD access to an unnamed Indian real estate company, with the target profile listing $10M-$25M in revenue and roughly 100 hosts on the network. The post notes Malwarebytes EDR is in place. 😁
Post details:
▸ Actor(s): tiger
▸ Sector: Real Estate
▸ Type: Access Sale
▸ Access: Azure AD, Server Admin privilege
▸ AV / EDR: Malwarebytes EDR
▸ Network size: ~100 hosts
▸ Revenue: $10M - $25M
▸ Country: India
▸ Date: 07/05/2026
Don't like the redacted screenshots? Subscribe... darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
If you were curious to know how the info stealer situation is at Instructure, here is the dashboard courtesy of @whiteintel_io.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔪 Slice For Life - Part 2 🔪
If you were curious to know how the info stealer situation is at Instructure, here is the dashboard courtesy of @whiteintel_io. ________________________________________ Main Channel: https://t.me/SliceForLifeee Backup Channel: https://t.me/SliceForLifeeee…
Adding consumer events just to stay fair.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔪 Slice For Life - Part 2 🔪
They are still down, with no updates. ________________________________________ Main Channel: https://t.me/SliceForLifeee Backup Channel: https://t.me/SliceForLifeeee Website: darkwebinformer.com Pricing (Includes Crypto): darkwebinformer.com/pricing API Access:…
Instructure provided an update on their status page.
Update - Instructure has placed Canvas, Canvas Beta and Canvas Test in maintenance mode. We anticipate being up soon, and will provide updates as soon as possible
May 07, 2026 - 17:37 MDT
https://status.instructure.com/
Update - Instructure has placed Canvas, Canvas Beta and Canvas Test in maintenance mode. We anticipate being up soon, and will provide updates as soon as possible
May 07, 2026 - 17:37 MDT
https://status.instructure.com/
‼️ ShinyHunters wants you to know that no further comments will be made regarding the recent hack.
Instructure still is no longer listed on their Pay or Leak portal.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Instructure still is no longer listed on their Pay or Leak portal.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: Community Choice Credit Union Allegedly Breached Exposing 1M+ Premium Credit Client Records
Link: https://darkwebinformer.com/community-choice-credit-union-allegedly-breached-exposing-1m-premium-credit-client-records/
Title: Community Choice Credit Union Allegedly Breached Exposing 1M+ Premium Credit Client Records
Link: https://darkwebinformer.com/community-choice-credit-union-allegedly-breached-exposing-1m-premium-credit-client-records/
Dark Web Informer
Community Choice Credit Union Allegedly Breached Exposing 1M+ Premium Credit Client Records
A threat actor is advertising what they describe as a US banking / premium credit client dataset tied to communitychoicecu.com, releasing a 1M+ record sample with full card numbers, names, issuing banks, and addresses.
‼️ New Dark Web Informer Blog Post!
Title: LDLC Allegedly Leaked Exposing 1.5 Million Customer Records From the French Tech Retailer
Link: https://darkwebinformer.com/ldlc-allegedly-leaked-exposing-1-5-million-customer-records-from-the-french-tech-retailer/
Title: LDLC Allegedly Leaked Exposing 1.5 Million Customer Records From the French Tech Retailer
Link: https://darkwebinformer.com/ldlc-allegedly-leaked-exposing-1-5-million-customer-records-from-the-french-tech-retailer/
Dark Web Informer
LDLC Allegedly Leaked Exposing 1.5 Million Customer Records From the French Tech Retailer
A threat actor claims to have leaked a database from LDLC, a major French retailer of computers, components, smartphones, and gaming/audio/TV equipment, releasing 1,504,635 records for free under the hashtag #freebreach3d.
‼️ New Dark Web Informer Blog Post!
Title: Credilink Allegedly Breached Exposing 243 Million Records From the Brazilian Credit Data Provider
Link: https://darkwebinformer.com/credilink-allegedly-breached-exposing-243-million-records-from-the-brazilian-credit-data-provider/
Title: Credilink Allegedly Breached Exposing 243 Million Records From the Brazilian Credit Data Provider
Link: https://darkwebinformer.com/credilink-allegedly-breached-exposing-243-million-records-from-the-brazilian-credit-data-provider/
Dark Web Informer
Credilink Allegedly Breached Exposing 243 Million Records From the Brazilian Credit Data Provider
A threat actor is selling a 243 million record dataset attributed to credilink.com.br, described in the post as a Brazilian credit information and risk analysis provider serving financial institutions and retailers.
‼️🏴☠️ R4T Ghost v1.7.5 Remote Access Trojan allegedly being sold on a hacking forum
An actor is selling ownership of "R4T Ghost v1.7.5," a Windows Remote Access Trojan, for $1,530, advertising it as their "latest 2026" build with a free update guarantee. Screenshots from the post show a builder/controller GUI with modules for client management, file transfer, registry editing, screenshot capture, webcam and microphone access, keylogging, and a remote shell.
Post details:
▸ Actor(s): MDGhost
▸ Sector: Malware / Offensive tooling
▸ Type: Tool Sale (Remote Access Trojan)
▸ Format: Builder + controller (port 5555 default listener)
▸ Price: $1,530 (with claimed free update guarantee)
Capabilities described in the post:
▪️ Steal files and saved passwords
▪️ Spy on user activity
▪️ Take screenshots
▪️ Access webcam and microphone
▪️ Remote control of victim devices
▪️ Exfiltrate internal documents and customer databases
▪️ Harvest emails, login credentials, project files, and financial data
▪️ Client dashboard with IP, country, PC name, user, OS, AV, ping, idle time
▪️ Tabs for system info, network, process manager, files, registry, services, tasks, screenshot, webcam, keylogger, remote shell
Defender notes:
▪️ Hunt for unsigned binaries opening listeners on port 5555 or other non-standard high ports
▪️ Alert on unexpected webcam/microphone access by non-conferencing processes
▪️ Monitor for new persistence entries (Run keys, scheduled tasks, services) created by recently executed user-mode binaries
▪️ EDR rules for combined keystroke logging plus screen capture plus outbound C2 beaconing patterns
▪️ Block execution of binaries from user-writable paths via AppLocker/WDAC and enforce MFA on credential stores
Note: The blurs on the RAT screenshot are not mine.
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
An actor is selling ownership of "R4T Ghost v1.7.5," a Windows Remote Access Trojan, for $1,530, advertising it as their "latest 2026" build with a free update guarantee. Screenshots from the post show a builder/controller GUI with modules for client management, file transfer, registry editing, screenshot capture, webcam and microphone access, keylogging, and a remote shell.
Post details:
▸ Actor(s): MDGhost
▸ Sector: Malware / Offensive tooling
▸ Type: Tool Sale (Remote Access Trojan)
▸ Format: Builder + controller (port 5555 default listener)
▸ Price: $1,530 (with claimed free update guarantee)
Capabilities described in the post:
▪️ Steal files and saved passwords
▪️ Spy on user activity
▪️ Take screenshots
▪️ Access webcam and microphone
▪️ Remote control of victim devices
▪️ Exfiltrate internal documents and customer databases
▪️ Harvest emails, login credentials, project files, and financial data
▪️ Client dashboard with IP, country, PC name, user, OS, AV, ping, idle time
▪️ Tabs for system info, network, process manager, files, registry, services, tasks, screenshot, webcam, keylogger, remote shell
Defender notes:
▪️ Hunt for unsigned binaries opening listeners on port 5555 or other non-standard high ports
▪️ Alert on unexpected webcam/microphone access by non-conferencing processes
▪️ Monitor for new persistence entries (Run keys, scheduled tasks, services) created by recently executed user-mode binaries
▪️ EDR rules for combined keystroke logging plus screen capture plus outbound C2 beaconing patterns
▪️ Block execution of binaries from user-writable paths via AppLocker/WDAC and enforce MFA on credential stores
Note: The blurs on the RAT screenshot are not mine.
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Platform
Link: https://darkwebinformer.com/meetic-allegedly-leaked-exposing-7-million-user-records-from-the-french-online-dating-platform/
Title: Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Platform
Link: https://darkwebinformer.com/meetic-allegedly-leaked-exposing-7-million-user-records-from-the-french-online-dating-platform/
Dark Web Informer
Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Platform
A threat actor claims to have leaked a database from Meetic, a major French online dating platform, releasing 7,169,561 records for free under the hashtag #freebreach3d.
‼️ Instructure has updated their security incident page with further information.
https://www.instructure.com/incident_update
They state ShinyHunters exploited an issue related to their Free-For-Teacher accounts and have shut it down temporarily.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.instructure.com/incident_update
They state ShinyHunters exploited an issue related to their Free-For-Teacher accounts and have shut it down temporarily.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇻🇪 Cashea allegedly re-leaked exposing 79 million transaction records from the Venezuelan BNPL app
A threat actor is reposting and updating a leak of Cashea, a Venezuelan "buy now, pay later" app, claiming a 46.5GB JSON dataset dated 21/02/2026 with sample files including transaction history through that date. The post warns about scammers recycling earlier samples and includes a record showing customer identity, phone, and an installment payment schedule.
Post details:
▸ Actor(s): malconguerra2
▸ Sector: Fintech / BNPL (buy now, pay later)
▸ Type: Data Re-leak (update)
▸ Format: JSON, 46.5GB compressed
▸ Records: 79,006,942 transactions, 29,769 stores, 15,227 merchants
▸ Country: Venezuela
▸ Date: 07/05/2026 (data dated 21/02/2026)
Compromised data:
▪️ Transaction ID, created/billing dates
▪️ Amount and invoice ID
▪️ Paid-to-merchant flag
▪️ Identifier number
▪️ Delivery type, channel, delivery status
▪️ User identification number
▪️ Down payment paid date and status (OPEN/CLOSED)
▪️ Payment details
▪️ Full user profile: identification number, full name, phone number
▪️ Installment schedules (ID, number, scheduled payment date, amount, status)
▪️ Store ID and store name
▪️ Merchant ID and merchant name
▪️ Order products and shipment data
▪️ Status name
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is reposting and updating a leak of Cashea, a Venezuelan "buy now, pay later" app, claiming a 46.5GB JSON dataset dated 21/02/2026 with sample files including transaction history through that date. The post warns about scammers recycling earlier samples and includes a record showing customer identity, phone, and an installment payment schedule.
Post details:
▸ Actor(s): malconguerra2
▸ Sector: Fintech / BNPL (buy now, pay later)
▸ Type: Data Re-leak (update)
▸ Format: JSON, 46.5GB compressed
▸ Records: 79,006,942 transactions, 29,769 stores, 15,227 merchants
▸ Country: Venezuela
▸ Date: 07/05/2026 (data dated 21/02/2026)
Compromised data:
▪️ Transaction ID, created/billing dates
▪️ Amount and invoice ID
▪️ Paid-to-merchant flag
▪️ Identifier number
▪️ Delivery type, channel, delivery status
▪️ User identification number
▪️ Down payment paid date and status (OPEN/CLOSED)
▪️ Payment details
▪️ Full user profile: identification number, full name, phone number
▪️ Installment schedules (ID, number, scheduled payment date, amount, status)
▪️ Store ID and store name
▪️ Merchant ID and merchant name
▪️ Order products and shipment data
▪️ Status name
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations