‼️ CB FINANCIAL SERVICES, INC. has filed form 8-k due to a cybersecurity incident
https://www.stocktitan.net/sec-filings/CBFV/8-k-cb-financial-services-inc-reports-material-event-9d71c207862a.html
"On May 5, 2026, Community Bank (the “Bank”), the wholly-owned subsidiary of CB Financial Services, Inc. (the “Company”), became aware of an internal incident involving the handling of certain non‑public customer information using an unauthorized artificial intelligence-based software application. Upon discovery, the Bank promptly took steps to secure the information at issue and initiated an internal investigation with the assistance of external cybersecurity advisors. The investigation into the incident, including the scope and root cause, remains ongoing.
The incident did not involve a disruption to the Bank's operations, customer access to accounts or services, payment systems, or core information technology infrastructure; however, due to the volume and sensitive nature of the non-public information at issue, on May 7, 2026, the Company determined the event to be material. Among the customer information the Bank has determined was disclosed are customer names, social security numbers and dates of birth.
The Company is evaluating the customer data that was affected and is conducting notifications as required by applicable federal and state laws and regulatory guidance. The Company has been, and continues to be, in communication with relevant banking and financial regulators regarding the incident.
The Company has taken, and continues to take, actions designed to contain and remediate the incident. The Company remains committed to protecting its customers' data and is taking measures designed to prevent future similar incidents, including but not limited to, strengthening existing controls, implementing additional controls and enhancing monitoring measures.
As of the date of this disclosure, this incident has not had, and is not expected to have, a material impact on the Company’s consolidated financial condition or results of operations."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.stocktitan.net/sec-filings/CBFV/8-k-cb-financial-services-inc-reports-material-event-9d71c207862a.html
"On May 5, 2026, Community Bank (the “Bank”), the wholly-owned subsidiary of CB Financial Services, Inc. (the “Company”), became aware of an internal incident involving the handling of certain non‑public customer information using an unauthorized artificial intelligence-based software application. Upon discovery, the Bank promptly took steps to secure the information at issue and initiated an internal investigation with the assistance of external cybersecurity advisors. The investigation into the incident, including the scope and root cause, remains ongoing.
The incident did not involve a disruption to the Bank's operations, customer access to accounts or services, payment systems, or core information technology infrastructure; however, due to the volume and sensitive nature of the non-public information at issue, on May 7, 2026, the Company determined the event to be material. Among the customer information the Bank has determined was disclosed are customer names, social security numbers and dates of birth.
The Company is evaluating the customer data that was affected and is conducting notifications as required by applicable federal and state laws and regulatory guidance. The Company has been, and continues to be, in communication with relevant banking and financial regulators regarding the incident.
The Company has taken, and continues to take, actions designed to contain and remediate the incident. The Company remains committed to protecting its customers' data and is taking measures designed to prevent future similar incidents, including but not limited to, strengthening existing controls, implementing additional controls and enhancing monitoring measures.
As of the date of this disclosure, this incident has not had, and is not expected to have, a material impact on the Company’s consolidated financial condition or results of operations."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇫🇷 La Suite Numérique allegedly breached exposing over 18 million records from the French government digital workspace
A threat actor claims to have exfiltrated over 18 million records from La Suite Numérique, the official digital workspace and collaboration suite operated by the French government's Direction Interministérielle du Numérique (DINUM). The actor is selling the data via Telegram and is offering a free sample of up to 5,000 lines on request.
Post details:
▸ Actor(s): exclode
▸ Sector: Government / Digital Services
▸ Type: Data Sale
▸ Format: Not specified
▸ Price: Not disclosed (selling, sample available)
▸ Records: 18,000,000+
▸ Country: France
▸ Date: 11/05/2026
Compromised data:
▪️ Over 18 million records exfiltrated from La Suite Numérique
▪️ Specific field structure not disclosed in the post
▪️ Sample of up to 5,000 lines offered for free on request
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have exfiltrated over 18 million records from La Suite Numérique, the official digital workspace and collaboration suite operated by the French government's Direction Interministérielle du Numérique (DINUM). The actor is selling the data via Telegram and is offering a free sample of up to 5,000 lines on request.
Post details:
▸ Actor(s): exclode
▸ Sector: Government / Digital Services
▸ Type: Data Sale
▸ Format: Not specified
▸ Price: Not disclosed (selling, sample available)
▸ Records: 18,000,000+
▸ Country: France
▸ Date: 11/05/2026
Compromised data:
▪️ Over 18 million records exfiltrated from La Suite Numérique
▪️ Specific field structure not disclosed in the post
▪️ Sample of up to 5,000 lines offered for free on request
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: KAMS PARIS Allegedly Breached Exposing 187,927 Customer Records From the French Niche Perfumery
Link: https://darkwebinformer.com/kams-paris-allegedly-breached-exposing-187-927-customer-records-from-the-french-niche-perfumery/
Title: KAMS PARIS Allegedly Breached Exposing 187,927 Customer Records From the French Niche Perfumery
Link: https://darkwebinformer.com/kams-paris-allegedly-breached-exposing-187-927-customer-records-from-the-french-niche-perfumery/
Dark Web Informer
KAMS PARIS Allegedly Breached Exposing 187,927 Customer Records From the French Niche Perfumery
A threat actor is selling the customer database of KAMS PARIS, a Parisian niche perfumery founded in 1960 and located at 6 Avenue de l’Opéra, specializing in rare niche perfumes, skincare, and beauty products with delivery across Europe.
‼️ The hacked data of The Gentlemen Ransomware is up for sale for $10K BTC.
https://x.com/DarkWebInformer/status/2053955979499180507
https://x.com/DarkWebInformer/status/2053955979499180507
X (formerly Twitter)
Dark Web Informer (@DarkWebInformer) on X
‼️ The hacked data of The Gentlemen Ransomware is up for sale for $10K BTC.
‼️AIRDC advertised as AI-powered hidden remote desktop control tool for Windows targets
A threat actor is selling AIRDC (AI Remote Desktop Control), a tool marketed as an autonomous Windows bridge that uses a specialized LLM to translate plain-English commands into precise hardware-level inputs on a remote machine.
The actor pitches it as a "Chat-to-Action" engine that lets an operator on a phone or another PC tell the AI agent what to do and watch it navigate the target desktop in real time. The post includes a disclaimer that AIRDC is a tool for developers and automation specialists and that remote access requires proper authorization, though the advertised feature set centers on stealth persistence, kernel-level input injection, and headless background operation. Two tier-based subscriptions are offered with cryptocurrency-only payment.
Post details:
▸ Actor(s): GENERAL DARK
▸ Sector: Offensive Tooling / Remote Access
▸ Type: Tool Sale (AI-driven covert remote control)
▸ Format: Software (Windows agent)
▸ Country: Not specified
▸ Date: 11/05/2026
Service features:
▪️ Chat-to-Action engine: specialized LLM bridge translates conversational intent into hardware-level inputs on the remote desktop
▪️ Conversational Command module: direct chat interface for issuing tasks like file search, email sending, and attachment handling
▪️ Vision Engine: low-latency DXGI Frame Buffer capture with OmniParser mapping UI elements into a real-time coordinate grid
▪️ Control Core: kernel-level raw input via the Interception driver, bypassing software restrictions, with human-mimetic mouse curves
▪️ Deep Analysis: integrated Binary Ninja and Ghidra bridge to read .exe logic when the AI cannot identify a UI element
▪️ Stealth Mode: operates via Session 0 and headless virtual desktops so the AI runs in the background while the main screen stays free
▪️ Natural Language Processing: tasks issued in plain English with no programming required
▪️ Universal Compatibility: claims to work with any Windows application without API, plugins, or hooks
▪️ Autonomous Reasoning: accepts goals such as "find the latest invoice in Outlook and upload it to the CRM" and chains actions independently
▪️ Invisible Persistence: runs as a Protected Process Light (PPL) to stay hidden from standard task managers and system scans
▪️ Encrypted Tunneling: WireGuard and Tailscale integration for direct P2P encrypted connection between operator and agent
▪️ Payment: BTC, LTC, XMR, ETH
▪️ Tagline: "The Elite Autonomous Windows Bridge, See. Reason. Execute."
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is selling AIRDC (AI Remote Desktop Control), a tool marketed as an autonomous Windows bridge that uses a specialized LLM to translate plain-English commands into precise hardware-level inputs on a remote machine.
The actor pitches it as a "Chat-to-Action" engine that lets an operator on a phone or another PC tell the AI agent what to do and watch it navigate the target desktop in real time. The post includes a disclaimer that AIRDC is a tool for developers and automation specialists and that remote access requires proper authorization, though the advertised feature set centers on stealth persistence, kernel-level input injection, and headless background operation. Two tier-based subscriptions are offered with cryptocurrency-only payment.
Post details:
▸ Actor(s): GENERAL DARK
▸ Sector: Offensive Tooling / Remote Access
▸ Type: Tool Sale (AI-driven covert remote control)
▸ Format: Software (Windows agent)
▸ Country: Not specified
▸ Date: 11/05/2026
Service features:
▪️ Chat-to-Action engine: specialized LLM bridge translates conversational intent into hardware-level inputs on the remote desktop
▪️ Conversational Command module: direct chat interface for issuing tasks like file search, email sending, and attachment handling
▪️ Vision Engine: low-latency DXGI Frame Buffer capture with OmniParser mapping UI elements into a real-time coordinate grid
▪️ Control Core: kernel-level raw input via the Interception driver, bypassing software restrictions, with human-mimetic mouse curves
▪️ Deep Analysis: integrated Binary Ninja and Ghidra bridge to read .exe logic when the AI cannot identify a UI element
▪️ Stealth Mode: operates via Session 0 and headless virtual desktops so the AI runs in the background while the main screen stays free
▪️ Natural Language Processing: tasks issued in plain English with no programming required
▪️ Universal Compatibility: claims to work with any Windows application without API, plugins, or hooks
▪️ Autonomous Reasoning: accepts goals such as "find the latest invoice in Outlook and upload it to the CRM" and chains actions independently
▪️ Invisible Persistence: runs as a Protected Process Light (PPL) to stay hidden from standard task managers and system scans
▪️ Encrypted Tunneling: WireGuard and Tailscale integration for direct P2P encrypted connection between operator and agent
▪️ Payment: BTC, LTC, XMR, ETH
▪️ Tagline: "The Elite Autonomous Windows Bridge, See. Reason. Execute."
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: Daily Dose of Dark Web Informer - May 11th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-11th-2026/
Title: Daily Dose of Dark Web Informer - May 11th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-11th-2026/
Dark Web Informer
Daily Dose of Dark Web Informer - May 11th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
‼️🇮🇩 Kementerian Kesehatan Republik Indonesia allegedly leaked exposing 20 million antigen test records from the Indonesian Ministry of Health
A threat actor claims to have leaked a database of 20 million antigen test records linked to Kementerian Kesehatan Republik Indonesia, the Ministry of Health of the Republic of Indonesia.
The CSV sample shows full patient identity data tied to antigen testing performed at health facilities across Indonesia, including national identity numbers (NIC), phone numbers, dates of birth, full addresses with sub-district level detail, and test result status.
Sample entries reference locations such as Jakarta Selatan, BSD Serpong Tangerang Selatan, and dates ranging from 2022 onward.
Post details:
▸ Actor(s): XSVSHACKER
▸ Sector: Government / Healthcare
▸ Type: Data Leak
▸ Format: CSV
▸ Price: Not disclosed
▸ Records: 20,000,000
▸ Country: Indonesia
▸ Date: 11/05/2026
Compromised data:
▪️ Patient ID
▪️ Name
▪️ NIC (national identity number)
▪️ Age
▪️ Phone number
▪️ Address (full street, sub-district, district, province)
▪️ Health facility name
▪️ Citizenship status
▪️ Date of birth
▪️ Test status (e.g., Negative)
▪️ Test date and timestamp
▪️ Facility codes and regional identifiers
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database of 20 million antigen test records linked to Kementerian Kesehatan Republik Indonesia, the Ministry of Health of the Republic of Indonesia.
The CSV sample shows full patient identity data tied to antigen testing performed at health facilities across Indonesia, including national identity numbers (NIC), phone numbers, dates of birth, full addresses with sub-district level detail, and test result status.
Sample entries reference locations such as Jakarta Selatan, BSD Serpong Tangerang Selatan, and dates ranging from 2022 onward.
Post details:
▸ Actor(s): XSVSHACKER
▸ Sector: Government / Healthcare
▸ Type: Data Leak
▸ Format: CSV
▸ Price: Not disclosed
▸ Records: 20,000,000
▸ Country: Indonesia
▸ Date: 11/05/2026
Compromised data:
▪️ Patient ID
▪️ Name
▪️ NIC (national identity number)
▪️ Age
▪️ Phone number
▪️ Address (full street, sub-district, district, province)
▪️ Health facility name
▪️ Citizenship status
▪️ Date of birth
▪️ Test status (e.g., Negative)
▪️ Test date and timestamp
▪️ Facility codes and regional identifiers
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
1🔥1
Media is too big
VIEW IN TELEGRAM
Data theft: Teen arrested over hacking of French government website
Note: This is about the arrest of "breach3d" on a short news clip.
Video Credit: youtube.com/@France24_en
Note: This is about the arrest of "breach3d" on a short news clip.
Video Credit: youtube.com/@France24_en
😭6❤2😈1
Over 800 alerts on the Threat Feed today & it will probably just keep growing.
With that being said im looking into additional notification features that reduce noise & possible alert fatigue for those who want to see everything. I will provide an update to this later this week
With that being said im looking into additional notification features that reduce noise & possible alert fatigue for those who want to see everything. I will provide an update to this later this week
❤2
‼️🇧🇷 MBet allegedly breached exposing 200,000+ KYC documents and 300,000+ PII records from the Brazilian online casino and sports betting platform
A threat actor claims that in May 2026, MBet (Apostas Esportivas / Casa de Apostas Online), a Brazilian online casino and sports betting operator, suffered a successful cyber intrusion resulting in the full compromise of its customer database including KYC and PII records.
The total dump is sized at 251 GB and includes more than 200,000 identity documents (bills, ID cards, handheld ID and selfie verifications) and over 300,000 PII records. The actor has released a partial leak containing 1 GB of KYC material and 5,000 PII records as a sample, with the remainder being held for sale.
Post details:
▸ Actor(s): zSenior (VIP)
▸ Sector: Online Gambling / Sports Betting
▸ Type: Data Breach / Partial Leak with Sale
▸ Format: CSV (PII) and image/PDF folders per user (KYC)
▸ Price: Not disclosed (partial sample released free, full dump for sale)
▸ Records: 300,000+ PII records and 200,000+ KYC documents (251 GB total)
▸ Country: Brazil
▸ Date: 11/05/2026
Compromised data:
KYC documents (over 200,000 total):
▪️ Utility bills
▪️ ID cards
▪️ Handheld ID photos (document held in hand by user)
▪️ Selfie verification photos
▪️ Other identity verification documents
▪️ Organized in per-user folders labelled address, identity, and selfie
PII records (over 300,000 total):
▪️ ID
▪️ Name (Nome)
▪️ Email
▪️ Account creation date (Criado em)
▪️ Country (País)
▪️ Phone 1 (Telefone1)
▪️ Phone 2 (Telefone2)
▪️ CPF (Brazilian taxpayer ID)
▪️ Inviter and Inviter Code
▪️ First name (Primeiro Nome)
▪️ Surname (Sobrenome)
▪️ Mother's name (Nome da Mãe)
▪️ Date of birth (Data de Nascimento)
▪️ Display name (Nome de Visualização)
▪️ Withdrawal balance (Saldo Saque)
▪️ Bonus balance (Saldo Bônus)
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims that in May 2026, MBet (Apostas Esportivas / Casa de Apostas Online), a Brazilian online casino and sports betting operator, suffered a successful cyber intrusion resulting in the full compromise of its customer database including KYC and PII records.
The total dump is sized at 251 GB and includes more than 200,000 identity documents (bills, ID cards, handheld ID and selfie verifications) and over 300,000 PII records. The actor has released a partial leak containing 1 GB of KYC material and 5,000 PII records as a sample, with the remainder being held for sale.
Post details:
▸ Actor(s): zSenior (VIP)
▸ Sector: Online Gambling / Sports Betting
▸ Type: Data Breach / Partial Leak with Sale
▸ Format: CSV (PII) and image/PDF folders per user (KYC)
▸ Price: Not disclosed (partial sample released free, full dump for sale)
▸ Records: 300,000+ PII records and 200,000+ KYC documents (251 GB total)
▸ Country: Brazil
▸ Date: 11/05/2026
Compromised data:
KYC documents (over 200,000 total):
▪️ Utility bills
▪️ ID cards
▪️ Handheld ID photos (document held in hand by user)
▪️ Selfie verification photos
▪️ Other identity verification documents
▪️ Organized in per-user folders labelled address, identity, and selfie
PII records (over 300,000 total):
▪️ ID
▪️ Name (Nome)
▪️ Email
▪️ Account creation date (Criado em)
▪️ Country (País)
▪️ Phone 1 (Telefone1)
▪️ Phone 2 (Telefone2)
▪️ CPF (Brazilian taxpayer ID)
▪️ Inviter and Inviter Code
▪️ First name (Primeiro Nome)
▪️ Surname (Sobrenome)
▪️ Mother's name (Nome da Mãe)
▪️ Date of birth (Data de Nascimento)
▪️ Display name (Nome de Visualização)
▪️ Withdrawal balance (Saldo Saque)
▪️ Bonus balance (Saldo Bônus)
Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔥1
🔪 Slice For Life - Part 2 🔪
‼️ Looks like Instructure made payment to ShinyHunters
I mean I get it. I have always been the type of person who thinks if its in your best interest to make a ransom payment that one should probably be made. There will always be doubt whether Shiny actually deleted that data or is keeping it as a trophy. Edit: Just my thoughts/opinion.
❤5
‼️ Nightmare-Eclipse has just released two new GitHub repositories... Same user behind RedSun, UnDefend, BlueHammer
YellowKey: Bitlocker Bypass Vulnerability
https://github.com/Nightmare-Eclipse/YellowKey
GreenPlasma: Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability
https://github.com/Nightmare-Eclipse/GreenPlasma
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
YellowKey: Bitlocker Bypass Vulnerability
https://github.com/Nightmare-Eclipse/YellowKey
GreenPlasma: Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability
https://github.com/Nightmare-Eclipse/GreenPlasma
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔥3