‼️🇻🇪 Consorcio Credicard allegedly breached: 5,000,000+ records exposed from the Venezuelan credit card processing consortium

A threat actor is offering a 5,000,000+ record database from Consorcio Credicard, a Venezuelan credit card processing consortium headquartered in Caracas, founded in 1988, with approximately 1,000+ employees, supporting Visa, Mastercard, and American Express transactions across Venezuela. The leak reportedly includes user accounts, business records, and customer profiles tied to Venezuelan citizens and merchants.

▸ Actor: MDGhost (The BlackH4t MD-Ghost)
▸ Sector: Financial Services / Payment Processing
▸ Type: Data Sale
▸ Records: 5,000,000+
▸ Country: Venezuela
▸ Date: 11/05/2026

Compromised data:
▪️ User ID, email, account attributes, status flags
▪️ Created by, last modified by, creation date, last modification date, last login
▪️ DNI (Venezuelan national ID), full name (first and last)
▪️ Phone numbers (home and mobile)
▪️ Full street address (street, number, parroquia, municipio, estado)
▪️ Account numbers tied to financial accounts
▪️ Nationality, occupation, civil status
▪️ Business records including bank ID, gestión, apartir_venta, planilla_affi, vta_c_autorizacion, corrective, instalacion flags
▪️ Mercantile registry information (RIF, business name, registry details)
▪️ Customer profile records with primary and secondary email addresses
▪️ Linked forms, profile IDs, and terms/conditions acceptance data
▪️ Document references (REGISTRO MERCANTIL entries)

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

📢 Breached announces Partnership Program launch with tiered benefits and IntelVault integration

The owner of Breached has announced the launch of an official Partnership Program. The program offers benefits including discounts on rank upgrades and forum purchases, early access to new features, and integration with IntelVault, a breach data search engine offering API access to forum partners.

▸ Actor: [Owner] diencracked
▸ Sector: Cybercrime Forum / Partnership Program
▸ Type: Forum Announcement
▸ Country: N/A
▸ Date: 11/05/2026

Program details:

▪️ Anyone who previously had ads or was working with the forum is automatically considered de-facto in the program
▪️ New members must apply through the official application page
▪️ Partners receive discounts on rank upgrades and forum purchases
▪️ Partners get early access to new forum features
▪️ IntelVault API integration available for partners with their own API or source code
▪️ All BreachForums members receive 5 free IntelVault searches
▪️ Current featured partners include IntelVault (Platinum), PureDrop (Gold), SSNG OSINT (Gold), and vShield (Gold)
▪️ More announcements stated to be coming soon

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇫🇷 Mistral AI allegedly breached: ~5GB of internal source code and ~450 private repositories exposed from the French AI company by TeamPCP

A threat group is selling approximately 5GB of internal repositories and source code allegedly belonging to Mistral AI and Mistral Solutions, covering training, fine-tuning, benchmarking, dashboard/platform, model delivery and inference, experiments, and future projects.

The actor is demanding a $25,000 BIN, stating they will shred the data permanently and sell to one buyer only, and threatening to leak all ~450 repositories for free to the forums within a week if no buyer is found.

▸ Actor: TeamPCP
▸ Sector: Artificial Intelligence / Source Code
▸ Type: Data Sale (with leak threat)
▸ Records: ~450 internal repositories, ~5GB total
▸ Country: France
▸ Date: 11/05/2026

Compromised data:

▪️ mistral-inference-internal.tar.gz
▪️ mistral-inference-private.tar.gz
▪️ mistral-lawyer-internal.tar.gz
▪️ mistral_finance_agent.tar.gz
▪️ mistral-compute-poc.tar.gz
▪️ mistral-fabric.tar.gz
▪️ finetuning-feedback.tar.gz
▪️ mistral-finetune-internal.tar.gz
▪️ cma-customer-care-internal.tar.gz
▪️ mistral-common-internal.tar.gz
▪️ chatbot-security-evaluation.tar.gz
▪️ kyc-doc-agent.tar.gz
▪️ dashboard.tar.gz
▪️ devstral-cloud.tar.gz
▪️ finance.tar.gz
▪️ typhoon.tar.gz
▪️ turbine.tar.gz
▪️ mistral-surge.tar.gz
▪️ mistral-solutions.tar.gz
▪️ surge-validators.tar.gz
▪️ website-v3.tar.gz
▪️ xformers.tar.gz
▪️ piper-segmentation.tar.gz
▪️ pfizer-rfp-2025.tar.gz
▪️ Internal repositories tied to model training, fine-tuning, benchmarking, dashboard and platform code, model delivery and inference systems, experiments, and future project work

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

📢 Breached and TeamPCP announce supply chain attack competition with $1,000 USD prize and open-sourced Shai Hulud worm

The owner of Breached has announced a joint competition with TeamPCP offering $1,000 USD in XMR to whoever conducts the biggest supply chain attack.

As part of the announcement, TeamPCP's Shai Hulud worm has been open-sourced and hosted on the Breached CDN (also published yesterday on GitHub), with participants required to use the worm in their attacks. Winners are determined by total weekly and monthly download counts of compromised packages, with smaller package compromises added together to count toward the total.

▸ Actor: [Owner] diencracked in collaboration with TeamPCP
▸ Sector: Cybercrime Forum / Supply Chain Attack Tooling
▸ Type: Attack Competition Announcement / Tool Release
▸ Prize: $1,000 USD (XMR only)
▸ Country: N/A
▸ Date: 11/05/2026

Competition details:

▪️ First-ever supply chain attack competition hosted on BreachForums
▪️ TeamPCP's Shai Hulud worm released as open source and hosted on the Breached CDN
▪️ Raw download link also provided for the worm
▪️ Participants must use the Shai Hulud worm in their attack
▪️ Submissions must include the participant's forum handle, preferably linked to their Breached profile
▪️ Reasonable proof of access must be submitted alongside the entry
▪️ Winner determined by the largest supply chain attack measured by weekly and monthly package downloads
▪️ Compromises of multiple small packages are aggregated toward the total
▪️ Prize paid by diencracked in XMR

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🌐 District Health Information Software (DHIS2) allegedly breached: access shared to national health systems across more than 30 countries serving 3.2 billion people

A threat actor is sharing access touching the District Health Information Software (DHIS2) instances of more than 30 national ministries of health.

DHIS2 is the world's largest open-source health management information system (HMIS) platform, used by over 75 countries to manage data for 3.2 billion people, supporting national health information systems, disease surveillance, vaccine tracking, and supply logistics.

The actor states the affected systems are the main administrative data of record for monitoring public health services, tracking case-based epidemics, outbreak responses, and immunization programs, and include WHO-configured metadata packages for HIV, TB, and Malaria.

▸ Actor: Keymous
▸ Sector: Government / Public Health Information Systems
▸ Type: Access / Data Breach
▸ Records: National HMIS platforms covering more than 30 countries
▸ Countries: Burundi, Eritrea, Ethiopia, Kenya, Rwanda, Tanzania, Uganda, Zambia, Zanzibar, Benin, Burkina Faso, Ghana, Guinea, Liberia, Mali, Mauritania, Niger, Nigeria, Senegal, Sierra Leone, Cameroon, Chad, Equatorial Guinea, Botswana, Eswatini, Lesotho, Madagascar, Malawi, Mauritius, Mozambique, Namibia, Bangladesh, Bhutan, Nepal, Sri Lanka, Cambodia, Myanmar, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama (additionally listed as under check: Morocco, Iraq, Lebanon)

Compromised data:

▪️ Main administrative data of record for national public health services
▪️ Case-based epidemic monitoring and outbreak response data
▪️ Immunization program data
▪️ WHO-configured metadata packages for HIV
▪️ WHO-configured metadata packages for TB (Tuberculosis)
▪️ WHO-configured metadata packages for Malaria
▪️ Disease surveillance feeds
▪️ Vaccine tracking data
▪️ Supply logistics records
▪️ Access touching the ministries of health for Honduras, Bhutan, Mozambique, Sierra Leone, Liberia, Nigeria, and other countries listed above

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇫🇷 Thales Group allegedly breached: 6,400 user records exposed from the French defense, aerospace, and digital identity multinational

A threat actor is leaking a database described as belonging to Thales Group, the French multinational covering defense, aerospace, space, transport, and digital identity and security. The dataset is published as an 85 MB JSON file containing 6,400 records with entitlements including SIGNER, WATCHER, and GDPR roles.

▸ Actor: ChimeraZ
▸ Sector: Defense / Aerospace / Digital Identity and Security
▸ Type: Data Leak
▸ Format: JSON (85 MB)
▸ Records: 6,400
▸ Country: France (sample tenant LuxTrust based in Luxembourg)
▸ Date: 12/05/2026

Compromised data:
▪️ User ID
▪️ Tenant ID and tenant name (e.g., LuxTrust)
▪️ Entitlement names (SIGNER, WATCHER, GDPR)
▪️ Directory alias and directories list (default-directory, external-people)
▪️ Enrolled flag
▪️ Account status (ENABLED)
▪️ Circle, circle modifiable, and circle reentrant flags
▪️ Placeholder flag
▪️ User ID and email address
▪️ First name (firstName) and last name (lastName)
▪️ Phone number
▪️ Organisation details (organisationId, businessId, name)
▪️ Attributes and attributesV2 fields (key, value, type, readOnly, hidden)
▪️ Locale code (e.g., FR)
▪️ Format, creator, circleScope, circleTargetId
▪️ Authentication provider codes (authProviderCodes)
▪️ Outer ID

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations