‼️🇫🇷 Collège de France allegedly breached: 1.6K records leaked from the historic French higher education and research institution

A threat actor claims to have leaked the database of collège-de-france.fr and scripta.college-de-france.fr, allegedly exposing internal staff and institutional records belonging to the prestigious French higher education and research institution. The actor states the archive contains JSON and PDF files related to the organization, including employee directory information and internal institutional data.

▸ Actor: ChimeraZ
▸ Sector: Education / Research
▸ Type: Data Leak
▸ Records: 1,600+ records
▸ Country: France
▸ Date: 14/05/2026

Compromised data:

▪️ Staff and institutional database records allegedly extracted from collège-de-france.fr and scripta.college-de-france.fr
▪️ Employee information including full names, corporate email addresses, office phone numbers, institute affiliations, and department assignments
▪️ Internal directory data containing building references, office locations, floor and room identifiers
▪️ Institute and research division references including physics, chemistry, and materials research departments
▪️ Profile photo references and internal file paths linked to staff directory systems
▪️ JSON and PDF archives allegedly containing institutional and employee-related records

The actor claims the leaked archive size is approximately 835 MB and distributed through multiple file-sharing platforms.

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇧🇷 Nuvidio allegedly breached: 40K files including KYC records, biometrics, private keys, customer video calls, and cloud infrastructure data exposed

A threat actor claims to have breached Nuvidio, a Brazilian identity verification and biometric onboarding provider used by financial institutions and fintech companies for KYC, video verification, and fraud prevention services.

The actor alleges the dataset contains approximately 40,000 files totaling 6.3 GB, including identity documents, customer biometric recordings, production credentials, private keys, AWS infrastructure data, and internal monitoring systems.

▸ Actor: xpI0itrs
▸ Sector: Identity Verification / Fintech / Biometrics
▸ Type: Data Breach
▸ Records: 40,000+ files
▸ Country: Brazil
▸ Date: 14/05/2026

Compromised data:

▪️ Production credentials for major services including MongoDB, PostgreSQL, AWS IAM, Twilio, Redis, RabbitMQ, OpenSearch, and Microsoft Cognitive Services
▪️ 192 Brazilian citizen identity document records including RG and CNH scans with CPF-linked filenames, photographs, fingerprints, addresses, and birth dates
▪️ Approximately 3.1 GB of customer video call recordings involving KYC verification and financial onboarding sessions
▪️ Voice biometric and speaker diarization audio files allegedly linked to customer verification systems
▪️ SSL and mTLS private keys with references to Banco Pan internal API authentication infrastructure
▪️ Complete AWS infrastructure mapping data including Terraform state files, CloudFormation templates, CloudTrail logs, VPC flow logs, ECS cluster schedules, Lambda configurations, and environment variables
▪️ Grafana backups containing employee account information and encrypted CloudWatch credentials
▪️ User-uploaded customer chat files and identity verification attachments allegedly shared during onboarding sessions
▪️ Web application source code, frontend builds, and source maps allegedly usable for reverse engineering and exploitation

Affected organizations and referenced clients allegedly include Banco Pan, BMG Money, Bradesco, Banco Mercantil, Ailos, iCred, Pipe, Claro, C6 Bank, Caixa, Agibank, Equatorial, and others.

The actor is offering the dataset for sale at $12,000 and claims the exposed material spans records dated between 2021 and May 2025.

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇻🇪 CANTV ABA Ultra allegedly breached: 7.5K subscriber records and 4K OLT/GPON network device records exposed from Venezuelan fiber broadband infrastructure

A threat actor claims to have compromised a UISP Ubiquiti administration panel linked to CANTV ABA Ultra, the fiber broadband service operated by Compañía Anónima Nacional Teléfonos de Venezuela (CANTV). The actor alleges the breach exposed personal subscriber data, financial records, and detailed GPON/OLT network device inventory information across Eastern Venezuela.

▸ Actor: GordonFreeman
▸ Sector: Telecommunications / Fiber Broadband / GPON Infrastructure
▸ Type: Data Breach
▸ Records: 7,500 subscriber records and 4,000 network device records
▸ Country: Venezuela
▸ Date: 14/05/2026

Compromised data:

▪️ Subscriber records allegedly including customer names, emails, phone numbers, addresses, user IDs, registration dates, customer type, service plans, pricing, account status, and banking-related fields
▪️ CANTV ABA Ultra fiber broadband customer data tied to residential service deployments in Eastern Venezuela
▪️ ONT/customer equipment references including MAC ONT values, plan details, service status, and geographic coordinates
▪️ OLT/GPON network device records allegedly including MAC addresses, hostnames, serial numbers, firmware versions, bridge versions, device models, vendor details, and platform identifiers
▪️ Network topology metadata including site IDs, parent relationships, device roles, uplink devices, interface references, authorization status, and operational state
▪️ Infrastructure monitoring data including CPU, RAM, signal levels, uptime, service time, outage scores, voltage, power status, temperature, battery capacity, and maintenance flags
▪️ Location-related infrastructure records allegedly including latitude, longitude, elevation, heading, and node placement metadata

The actor claims the exposed data maps thousands of CANTV ABA Ultra subscribers and GPON/OLT infrastructure assets across the affected region.

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇺🇸⚡️ Lightning AI allegedly breached: internal codebase and project files exposed from the creators of PyTorch Lightning

A threat actor claims to have leaked internal data belonging to Lightning AI, the company behind PyTorch Lightning. The actor alleges the exposed material includes internal repositories, application code, private project directories, development resources, and additional files tied to Lightning AI’s engineering environment.

▸ Actor: diencracked
▸ Sector: Artificial Intelligence / Software Development
▸ Type: Data Leak
▸ Records: 1,360 directories and 10,239 files
▸ Country: United States
▸ Date: 14/05/2026

Compromised data:

▪️ Internal source code and repository directories allegedly linked to Lightning AI projects
▪️ Private application and platform code related to Lightning AI services
▪️ Development resources including plugins, templates, extensions, benchmarks, and deployment materials
▪️ Internal project folders referencing CI/CD, customer issue tracking, cloud workflows, and engineering tooling
▪️ Archived data samples showing directory listings and file counts
▪️ Additional hidden data allegedly shared through restricted forum content

The actor references a prior PyPI credential compromise involving PyTorch Lightning and claims the leaked material includes internal codebase files and extra data obtained from Lightning AI systems.

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations