A company that has an API subscription requested a specific forum to be scraped that is Tor only. I'm testing that functionality now with another forum. Assuming everything works properly I will be onboarding Tor only forums starting next week. Thought I would share.
β€1π₯1
βΌοΈ DOJ Press Release
βββββββββββββββββββββ
Georgia Woman Who Faked Identity of Pregnant Teen to Target Adoptive Parents Sentenced on Cyberstalking and Threat Offenses
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
βββββββββββββββββββββ
Georgia Woman Who Faked Identity of Pregnant Teen to Target Adoptive Parents Sentenced on Cyberstalking and Threat Offenses
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
www.justice.gov
Georgia Woman Who Faked Identity of Pregnant Teen to Target Adoptive
A Georgia woman was sentenced today to 20 months in prison and three years of supervised release for cyberstalking, transmitting threats to kidnap or injure in interstate commerce and identity theft.
βΌοΈ@TheGentlemen26 The Gentlemen are allegedly recruiting affiliates: ransomware-as-a-service program and locker tooling advertised on underground forum
A threat actor claims to be promoting The Gentlemenβs RaaS, a ransomware affiliate program targeting access brokers, pentesters, and criminal operators. The post advertises affiliate revenue sharing, victim negotiation control, locker and decryptor tooling, and cross-platform support for enterprise environments.
βΈ Actor: hastalamuerte
βΈ Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
βΈ Type: RaaS Advertisement
βΈ Records: Not applicable
βΈ Country: Unknown / Global
βΈ Date: 15/05/2026
Advertised capabilities:
βͺοΈ Ransomware affiliate program allegedly offering revenue sharing and victim negotiation control
βͺοΈ Locker and decryptor tooling promoted for Windows, Linux, NAS, BSD, and ESXi environments
βͺοΈ Cross-platform support for enterprise and virtualized infrastructure
βͺοΈ Features marketed around selective encryption, network targeting, and automated operation
βͺοΈ Affiliate access requirements involving prepared target data or deposits
βͺοΈ Additional tooling references including EDR-related components, builder access, and multichain pivot support
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be promoting The Gentlemenβs RaaS, a ransomware affiliate program targeting access brokers, pentesters, and criminal operators. The post advertises affiliate revenue sharing, victim negotiation control, locker and decryptor tooling, and cross-platform support for enterprise environments.
βΈ Actor: hastalamuerte
βΈ Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
βΈ Type: RaaS Advertisement
βΈ Records: Not applicable
βΈ Country: Unknown / Global
βΈ Date: 15/05/2026
Advertised capabilities:
βͺοΈ Ransomware affiliate program allegedly offering revenue sharing and victim negotiation control
βͺοΈ Locker and decryptor tooling promoted for Windows, Linux, NAS, BSD, and ESXi environments
βͺοΈ Cross-platform support for enterprise and virtualized infrastructure
βͺοΈ Features marketed around selective encryption, network targeting, and automated operation
βͺοΈ Affiliate access requirements involving prepared target data or deposits
βͺοΈ Additional tooling references including EDR-related components, builder access, and multichain pivot support
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπΊπΈ Grafana has been claimed a victim to Coinbasecartel
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
πͺ Slice For Life - Part 2 πͺ
βΌοΈπΊπΈ Eli Lilly allegedly breached: 1.2K internal repositories and 40GB of Veeva Vault documents exposed from drug development and clinical trial systems up for sale for $70K A threat actor claims to have obtained internal codebases belonging to Eli Lillyβ¦
βΌοΈπΊπΈ Offers for the Eli Lilly data are being considered...
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπ»πͺ Movistar Venezuela allegedly breached: 4.15M customer phone records exposed from 2026 telecom database
A threat actor claims to have breached Movistar Venezuela, a major Venezuelan telecommunications provider operated by TelefΓ³nica. The actor alleges the exposed dataset contains 4.15 million current phone number records from 2026, including subscriber identifiers, account details, geographic area data, lifecycle status, payment method, and product line information.
βΈ Actor: GordonFreeman
βΈ Sector: Telecommunications / Mobile Network Operator
βΈ Type: Database Leak
βΈ Records: 4.15 million customer records
βΈ Country: Venezuela
βΈ Date: 15/05/2026
Compromised data:
βͺοΈ Customer phone number records allegedly linked to Movistar Venezuela
βͺοΈ Subscriber ID and account number fields
βͺοΈ Billing account number records
βͺοΈ Customer names and identity number fields
βͺοΈ Geographic area and service region data
βͺοΈ Lifecycle status and product line information
βͺοΈ Payment method fields tied to subscriber accounts
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have breached Movistar Venezuela, a major Venezuelan telecommunications provider operated by TelefΓ³nica. The actor alleges the exposed dataset contains 4.15 million current phone number records from 2026, including subscriber identifiers, account details, geographic area data, lifecycle status, payment method, and product line information.
βΈ Actor: GordonFreeman
βΈ Sector: Telecommunications / Mobile Network Operator
βΈ Type: Database Leak
βΈ Records: 4.15 million customer records
βΈ Country: Venezuela
βΈ Date: 15/05/2026
Compromised data:
βͺοΈ Customer phone number records allegedly linked to Movistar Venezuela
βͺοΈ Subscriber ID and account number fields
βͺοΈ Billing account number records
βͺοΈ Customer names and identity number fields
βͺοΈ Geographic area and service region data
βͺοΈ Lifecycle status and product line information
βͺοΈ Payment method fields tied to subscriber accounts
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Media is too big
VIEW IN TELEGRAM
Play the Barcoder
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
This media is not supported in your browser
VIEW IN TELEGRAM
βΌοΈ CVE-2026-34621: Adobe Acrobat 2026 Prototype Pollution & JS Injection Chain
GitHub: https://github.com/azefzafyoussef/CVE-2026-34621
Write-up: https://youssefazefzaf.com/posts/research-CVE-2026-34621
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub: https://github.com/azefzafyoussef/CVE-2026-34621
Write-up: https://youssefazefzaf.com/posts/research-CVE-2026-34621
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈTeamPCP announces forum co-ownership: platform operations, partnerships, moderation, and resource quality responsibilities outlined
TeamPCP announced its new role as co-owners of the Breached forum platform, stating the team will help manage staffing, partnerships, community decisions, moderation, escrow services, and premium resource access. The post frames the role as focused on platform reliability, community growth, verified content, and maintaining forum standards.
βΈ Actor: TeamPCP
βΈ Sector: Cybercrime Forum / Community Operations
βΈ Type: Forum Announcement
βΈ Date: 15/05/2026
Key points:
βͺοΈ TeamPCP announced a co-ownership role within the Breached forum platform
βͺοΈ Responsibilities include infrastructure uptime, staff management, moderation, and dispute handling
βͺοΈ Community growth plans include onboarding partners and expanding access to premium resources
βͺοΈ Resource quality efforts include verifying shared databases and tools
βͺοΈ Low-quality, fake, or malicious content is described as subject to removal
βͺοΈ Members who provide verified material may be rewarded by the platform
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
TeamPCP announced its new role as co-owners of the Breached forum platform, stating the team will help manage staffing, partnerships, community decisions, moderation, escrow services, and premium resource access. The post frames the role as focused on platform reliability, community growth, verified content, and maintaining forum standards.
βΈ Actor: TeamPCP
βΈ Sector: Cybercrime Forum / Community Operations
βΈ Type: Forum Announcement
βΈ Date: 15/05/2026
Key points:
βͺοΈ TeamPCP announced a co-ownership role within the Breached forum platform
βͺοΈ Responsibilities include infrastructure uptime, staff management, moderation, and dispute handling
βͺοΈ Community growth plans include onboarding partners and expanding access to premium resources
βͺοΈ Resource quality efforts include verifying shared databases and tools
βͺοΈ Low-quality, fake, or malicious content is described as subject to removal
βͺοΈ Members who provide verified material may be rewarded by the platform
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
On Monday, at some point, I will be increasing the rate limit to the API and the accounts who currently have the default limit.
This only applies to the daily request limit. I will update on Monday as to the new request count.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
This only applies to the daily request limit. I will update on Monday as to the new request count.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
πͺ Slice For Life - Part 2 πͺ
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
βΌοΈπ²π½ Acapulco City Government allegedly breached: 97K+ license records exposed from municipal permit data
A threat actor claims to have leaked license records linked to the Acapulco City Government in Mexico. The actor alleges the exposed dataset contains more than 97,000 license records totaling approximately 28GB, including CURP identifiers, photographs, fingerprints, and additional municipal licensing data.
βΈ Actor: homie157
βΈ Sector: Government / Municipal Services
βΈ Type: Database Leak
βΈ Records: 97,000+ license records
βΈ Country: Mexico
βΈ Date: 15/05/2026
Compromised data:
βͺοΈ Municipal license records allegedly linked to Acapulco City Government systems
βͺοΈ CURP-related identity fields
βͺοΈ Photograph records tied to license entries
βͺοΈ Fingerprint image or biometric-related data
βͺοΈ Additional license holder information
βͺοΈ High-volume archive allegedly containing recent and high-quality Acapulco licensing records
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked license records linked to the Acapulco City Government in Mexico. The actor alleges the exposed dataset contains more than 97,000 license records totaling approximately 28GB, including CURP identifiers, photographs, fingerprints, and additional municipal licensing data.
βΈ Actor: homie157
βΈ Sector: Government / Municipal Services
βΈ Type: Database Leak
βΈ Records: 97,000+ license records
βΈ Country: Mexico
βΈ Date: 15/05/2026
Compromised data:
βͺοΈ Municipal license records allegedly linked to Acapulco City Government systems
βͺοΈ CURP-related identity fields
βͺοΈ Photograph records tied to license entries
βͺοΈ Fingerprint image or biometric-related data
βͺοΈ Additional license holder information
βͺοΈ High-volume archive allegedly containing recent and high-quality Acapulco licensing records
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπΊπΈ Stansberry Research allegedly breached: 1.17M customer records exposed from investment research subscriber database
A threat actor claims to have leaked a database linked to Stansberry Research, a U.S.-based financial publishing and investment research company. The actor alleges the exposed dataset contains approximately 1,179,000 lines of customer and subscriber records, including contact information, account-related fields, and platform metadata.
βΈ Actor: STOMP2
βΈ Sector: Financial Publishing / Investment Research
βΈ Type: Database Leak
βΈ Records: 1,179,000 lines
βΈ Country: United States
βΈ Date: 16/05/2026
Compromised data:
βͺοΈ Customer and subscriber records allegedly linked to Stansberry Research
βͺοΈ Email address fields and contact information
βͺοΈ Names and profile-related identifiers
βͺοΈ Phone number fields where available
βͺοΈ Address records including city, state, country, and postal code fields
βͺοΈ Account and platform metadata including user IDs, creation dates, and related service identifiers
βͺοΈ Deposit or subscription-related metadata referenced in sample records
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database linked to Stansberry Research, a U.S.-based financial publishing and investment research company. The actor alleges the exposed dataset contains approximately 1,179,000 lines of customer and subscriber records, including contact information, account-related fields, and platform metadata.
βΈ Actor: STOMP2
βΈ Sector: Financial Publishing / Investment Research
βΈ Type: Database Leak
βΈ Records: 1,179,000 lines
βΈ Country: United States
βΈ Date: 16/05/2026
Compromised data:
βͺοΈ Customer and subscriber records allegedly linked to Stansberry Research
βͺοΈ Email address fields and contact information
βͺοΈ Names and profile-related identifiers
βͺοΈ Phone number fields where available
βͺοΈ Address records including city, state, country, and postal code fields
βͺοΈ Account and platform metadata including user IDs, creation dates, and related service identifiers
βͺοΈ Deposit or subscription-related metadata referenced in sample records
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨π΅π° University of Agriculture Pakistan staff database allegedly leaked
A threat actor claims to have leaked a staff database tied to the University of Agriculture Pakistan, with a second part allegedly planned to include student information in the same format.
ββββββββββββββββββββ
Target: University of Agriculture Pakistan
Sector: Education / Higher Education
Incident: Database Leak
Exposure: Staff database records
Actor: FlipperOne
Country: Pakistan
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Staff identity and profile fields
βͺοΈ Names, gender, and address-related data
βͺοΈ Phone, mobile, and fax number fields
βͺοΈ Primary and secondary email addresses
βͺοΈ Qualification, specialization, and designation details
βͺοΈ Administrative and research role information
βͺοΈ Job status, department, and faculty identifiers
βͺοΈ Social/profile links, profile photos, resumes, and related staff records
Potential impact:
The exposed data could be used for phishing, impersonation, credential-targeting, and social engineering against university staff and departments.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a staff database tied to the University of Agriculture Pakistan, with a second part allegedly planned to include student information in the same format.
ββββββββββββββββββββ
Target: University of Agriculture Pakistan
Sector: Education / Higher Education
Incident: Database Leak
Exposure: Staff database records
Actor: FlipperOne
Country: Pakistan
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Staff identity and profile fields
βͺοΈ Names, gender, and address-related data
βͺοΈ Phone, mobile, and fax number fields
βͺοΈ Primary and secondary email addresses
βͺοΈ Qualification, specialization, and designation details
βͺοΈ Administrative and research role information
βͺοΈ Job status, department, and faculty identifiers
βͺοΈ Social/profile links, profile photos, resumes, and related staff records
Potential impact:
The exposed data could be used for phishing, impersonation, credential-targeting, and social engineering against university staff and departments.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨πΊπΈ IRS tax payment scam page advertised on underground forum
A threat actor is advertising an IRS-themed tax payment scam page, claiming it can collect personal and payment information from victims through a fraudulent form.
ββββββββββββββββββββ
Target Theme: IRS Tax Payment
Sector: Government Impersonation / Financial Fraud
Incident: Scam Kit Advertisement
Exposure: Personal and payment data collection
Actor: tgov02
Country: United States
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly collected:
βͺοΈ Full names and residential address details
βͺοΈ City, state, and ZIP code fields
βͺοΈ Phone numbers and email addresses
βͺοΈ Date of birth fields
βͺοΈ Social Security number fields
βͺοΈ Cardholder and payment card details
βͺοΈ Expiration date and security code fields
Potential impact:
The scam page could be used for identity theft, payment card fraud, tax-related impersonation, and financial phishing against U.S. victims.
Status:
Underground forum advertisement. The actor posted a sample attachment showing an IRS-themed payment assistant page and requested direct contact from interested buyers.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising an IRS-themed tax payment scam page, claiming it can collect personal and payment information from victims through a fraudulent form.
ββββββββββββββββββββ
Target Theme: IRS Tax Payment
Sector: Government Impersonation / Financial Fraud
Incident: Scam Kit Advertisement
Exposure: Personal and payment data collection
Actor: tgov02
Country: United States
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly collected:
βͺοΈ Full names and residential address details
βͺοΈ City, state, and ZIP code fields
βͺοΈ Phone numbers and email addresses
βͺοΈ Date of birth fields
βͺοΈ Social Security number fields
βͺοΈ Cardholder and payment card details
βͺοΈ Expiration date and security code fields
Potential impact:
The scam page could be used for identity theft, payment card fraud, tax-related impersonation, and financial phishing against U.S. victims.
Status:
Underground forum advertisement. The actor posted a sample attachment showing an IRS-themed payment assistant page and requested direct contact from interested buyers.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨π«π· Belambra allegedly breached: 402K reservation and customer records exposed from French holiday club database
A threat actor claims to have leaked a database tied to Belambra, a French holiday clubs and hotels network specializing in vacation stays for families, couples, and groups.
ββββββββββββββββββββ
Target: Belambra
Sector: Hospitality / Travel / Holiday Clubs
Incident: Database Leak
Exposure: 402K records
Actor: ChimeraZ
Country: France
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Reservation records linked to Belambra holiday bookings
βͺοΈ Guest names and contact email fields
βͺοΈ Booking references and reservation IDs
βͺοΈ Site and destination information
βͺοΈ Arrival and departure dates
βͺοΈ Adult and children count fields
βͺοΈ User account and client profile metadata
βͺοΈ Restaurant booking and special-count fields
Potential impact:
The exposed data could be used for targeted phishing, booking impersonation, travel fraud, customer scams, and social engineering against Belambra guests and account holders.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes reservation, client, and children-related datasets.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to Belambra, a French holiday clubs and hotels network specializing in vacation stays for families, couples, and groups.
ββββββββββββββββββββ
Target: Belambra
Sector: Hospitality / Travel / Holiday Clubs
Incident: Database Leak
Exposure: 402K records
Actor: ChimeraZ
Country: France
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Reservation records linked to Belambra holiday bookings
βͺοΈ Guest names and contact email fields
βͺοΈ Booking references and reservation IDs
βͺοΈ Site and destination information
βͺοΈ Arrival and departure dates
βͺοΈ Adult and children count fields
βͺοΈ User account and client profile metadata
βͺοΈ Restaurant booking and special-count fields
Potential impact:
The exposed data could be used for targeted phishing, booking impersonation, travel fraud, customer scams, and social engineering against Belambra guests and account holders.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes reservation, client, and children-related datasets.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations