‼️🇮🇷 Iran Nuclear allegedly breached with 77.56 GB of data threatened for release under "Pay Or Leak" ransom

A threat actor claims to have obtained 77.56 GB of data related to Iran, including archives tied to the Iranian nuclear program, government databases, and a nuclear authority website. The actor has issued a "Pay Or Leak" ultimatum, demanding €5,000 by May 15th and threatening to publicly release all collected information if the ransom is not paid. The actor frames the operation as a response to events involving Israel and Iran, and claims to have also defaced Iranian websites and exfiltrated their databases during the intrusion.

Post details:

▸ Actor(s): NormalLeVrai
▸ Sector: Government / Nuclear / Insurance
▸ Type: Ransom / Pre-Leak Extortion
▸ Format: RAR, ZIP, JSON, XLSX, TXT
▸ Price: €5,000 (ransom) / Free if unpaid by deadline
▸ Records: 77.56 GB
▸ Country: Iran
▸ Deadline: 15/05/2026
▸ Date: 10/05/2026

Compromised data:

▪️ Data_Iran_Nuclear_Program - ~1.6 GB per file, archives related to the Iranian nuclear program (multiple files)
▪️ Nuclear Iranian Database.part01–35.rar - database divided into 35 parts, up to ~1.48 GB each
▪️ Iran 4.63GB.json.002 - part of a large structured JSON file
▪️ Iran & RF 95.000.000.zip.001 - ~1.84 GB
▪️ Iran & RF 95.000.000database.zip - additional part of a 95 million record database
▪️ iran_insurances_samples.zip - Iranian insurance data
▪️ IranBudget-Table-07-1-Bill1399.xlsx - Iranian budget table
▪️ Iran 500k.txt - large list of telephone number data
▪️ bapeten.go.id - ~1.47 GB, archive related to Iranian nuclear authority / government website
▪️ Defacement evidence and extracted databases from additional Iranian websites

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

"Use a computer. Then make it vanish."

‼️bubbl.cx allegedly advertised as disposable anonymous RDP service for Windows & Linux

A threat actor is promoting bubbl.cx, a service marketed as a disposable cloud desktop platform offering anonymous Windows and Linux RDP access. The service advertises no-email signup, cryptocurrency-only payments, and full destruction of VMs, disks, and keys on termination, branded as "anonymous by design" and aimed at users seeking untraceable remote computing infrastructure.

Post details:

▸ Actor(s): gravem1nd (VIP)
▸ Sector: Anonymous Hosting / Disposable RDP
▸ Type: Service Advertisement
▸ Format: Browser-based RDP + SSH
▸ Country: Multi-region (DE, US, AU)
▸ Date: 10/05/2026

Service features:

▪️ Full Windows or Linux RDP in-browser, deployable in under 60 seconds
▪️ Supported OS: Windows 11, Windows Server 2022, Ubuntu, Debian, Fedora, Parrot
▪️ Regions: Frankfurt, NYC, Sydney
▪️ WireGuard kill switch, all traffic forced through encrypted VPN at firewall level
▪️ No email signup, password-only authentication
▪️ "Pop & Gone" destruction, VM, disk, and keys wiped on termination, advertised as unrecoverable
▪️ LUKS full-disk encryption on NVMe storage at rest
▪️ Browser RDP + SSH access, no client install required
▪️ US and EU exit nodes for traffic routing
▪️ Plans: Micro ($9/mo, 2 vCPU, 4GB RAM, 60GB, 1 Bubble), Standard ($19/mo, 4 vCPU, 8GB RAM, 120GB, 2 Bubbles), Pro ($39/mo, 6 vCPU, 12GB RAM, 180GB, 3 Bubbles)
▪️ Payment: BTC, ETH, XMR, LTC plus 50 more cryptocurrencies
▪️ Slogan: "No logs, no traces, no recovery"

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇲🇽 Poder Judicial del Estado de Tabasco allegedly leaked exposing 11,741 worker records from the Mexican state judicial body

A threat actor claims to have leaked the database of Poder Judicial del Estado de Tabasco (Órgano de Administración Judicial), the judicial branch of the Mexican state of Tabasco. The actor states that 11,741 workers are exposed due to poor security and frames the release as a hack performed by "hackstage". The CSV sample shows full identity records including government tax IDs, institutional and personal emails, phone numbers, and marital status, with sample entries dating back to 2021.

Post details:

▸ Actor(s): hackstage
▸ Sector: Government / Judicial
▸ Type: Database Leak
▸ Format: CSV
▸ Price: Free
▸ Records: 11,741
▸ Country: Mexico
▸ Date: 10/05/2026

Compromised data:

▪️ ID
▪️ Names (nombres)
▪️ First surname (primer_apellido)
▪️ Second surname (segundo_apellido)
▪️ CURP (Mexican national identity code)
▪️ RFC (Mexican federal taxpayer registry)
▪️ Institutional email (correo_institucional)
▪️ Personal email (correo_personal)
▪️ Home phone (telefono_casa)
▪️ Personal phone (telefono_personal)
▪️ Marital status (estado_civil)
▪️ Matrimonial regime (regimen_matrimonial)
▪️ Country (pais)
▪️ Observations (observaciones)
▪️ Last update field and timestamp (actualizo, f_actualizacion)

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations