๐จ๐ฉ๐ฟ University of Guelma allegedly breached: seminar management system compromised and user data exposed
A threat actor claims to have compromised the seminar management application hosted by the University of Guelma, an Algerian public university platform used for seminar-related registration and management.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Guelma
Sector: Education / Higher Education
Incident: Data Breach
Exposure: Seminar system database
Actor: govmaroc
Country: Algeria
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Seminar management system database access
โช๏ธ User credential and account-related records
โช๏ธ Personal information tied to seminar users
โช๏ธ Seminar registration and participation details
โช๏ธ Backend database content allegedly accessed through the application
โช๏ธ Administrative system integrity concerns
โช๏ธ University-hosted application data linked to the seminar platform
Potential impact:
The exposed data could be used for phishing, account takeover attempts, impersonation, credential targeting, and further social engineering against students, staff, and seminar participants.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have compromised the seminar management application hosted by the University of Guelma, an Algerian public university platform used for seminar-related registration and management.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Guelma
Sector: Education / Higher Education
Incident: Data Breach
Exposure: Seminar system database
Actor: govmaroc
Country: Algeria
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Seminar management system database access
โช๏ธ User credential and account-related records
โช๏ธ Personal information tied to seminar users
โช๏ธ Seminar registration and participation details
โช๏ธ Backend database content allegedly accessed through the application
โช๏ธ Administrative system integrity concerns
โช๏ธ University-hosted application data linked to the seminar platform
Potential impact:
The exposed data could be used for phishing, account takeover attempts, impersonation, credential targeting, and further social engineering against students, staff, and seminar participants.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฎ๐ฉ Indonesian National Armed Forces allegedly breached: 14K military officer records leaked from TNI database
A threat actor claims to have leaked a database tied to the Indonesian National Armed Forces, also known as Tentara Nasional Indonesia (TNI), allegedly exposing personnel and service-related records for military officers.
โโโโโโโโโโโโโโโโโโโโ
Target: Indonesian National Armed Forces
Sector: Military / Government / Defense
Incident: Database Leak
Exposure: 14K rows
Actor: mosad
Country: Indonesia
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Military officer records allegedly linked to TNI systems
โช๏ธ Full names and military identification number fields
โช๏ธ Rank, corps/branch, unit, and job title information
โช๏ธ Date of birth, age, gender, and religion fields
โช๏ธ Current position assignment and rank promotion dates
โช๏ธ Military education and training classification fields
โช๏ธ Employment status, office address, and home address fields
โช๏ธ Phone number fields tied to personnel records
Potential impact:
The exposed data could create serious operational security, impersonation, phishing, social engineering, and personnel privacy risks for military officers and defense-related institutions.
Status:
Unverified underground forum claim. The actor posted a field breakdown and sample reference, with download links shared through external channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to the Indonesian National Armed Forces, also known as Tentara Nasional Indonesia (TNI), allegedly exposing personnel and service-related records for military officers.
โโโโโโโโโโโโโโโโโโโโ
Target: Indonesian National Armed Forces
Sector: Military / Government / Defense
Incident: Database Leak
Exposure: 14K rows
Actor: mosad
Country: Indonesia
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Military officer records allegedly linked to TNI systems
โช๏ธ Full names and military identification number fields
โช๏ธ Rank, corps/branch, unit, and job title information
โช๏ธ Date of birth, age, gender, and religion fields
โช๏ธ Current position assignment and rank promotion dates
โช๏ธ Military education and training classification fields
โช๏ธ Employment status, office address, and home address fields
โช๏ธ Phone number fields tied to personnel records
Potential impact:
The exposed data could create serious operational security, impersonation, phishing, social engineering, and personnel privacy risks for military officers and defense-related institutions.
Status:
Unverified underground forum claim. The actor posted a field breakdown and sample reference, with download links shared through external channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1
๐ช Slice For Life - Part 2 ๐ช
๐จ๐ซ๐ท Gรฎtes de France allegedly breached: 389K guest and booking records exposed from French holiday rental database A threat actor claims to have leaked a database tied to Gรฎtes de France, a French holiday rental network specializing in countryside stays,โฆ
Gรฎtes de France has confirmed a security incident.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จX-HAVEN exploit service advertised: silent document payload execution tool promoted on underground forum
A threat actor is advertising X-HAVEN, a malicious exploit service claiming to support silent payload execution through weaponized document formats.
โโโโโโโโโโโโโโโโโโโโ
Service: X-HAVEN
Sector: Malware / Exploit Sales / Cybercrime Infrastructure
Incident: Exploit Service Advertisement
Exposure: DOC, XLS, and PDF payload delivery
Actor: TheStrain
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Silent document-based payload execution
โช๏ธ Claimed Microsoft Office compatibility across multiple versions
โช๏ธ Antivirus and Windows Defender bypass claims
โช๏ธ Direct attachment delivery for email-based campaigns
โช๏ธ Payload support for multiple executable and script formats
Potential impact:
The advertised service could enable malware delivery, phishing campaigns, credential theft, unauthorized access, and compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The seller posted promotional material describing exploit capabilities, payment terms, and support channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising X-HAVEN, a malicious exploit service claiming to support silent payload execution through weaponized document formats.
โโโโโโโโโโโโโโโโโโโโ
Service: X-HAVEN
Sector: Malware / Exploit Sales / Cybercrime Infrastructure
Incident: Exploit Service Advertisement
Exposure: DOC, XLS, and PDF payload delivery
Actor: TheStrain
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Silent document-based payload execution
โช๏ธ Claimed Microsoft Office compatibility across multiple versions
โช๏ธ Antivirus and Windows Defender bypass claims
โช๏ธ Direct attachment delivery for email-based campaigns
โช๏ธ Payload support for multiple executable and script formats
Potential impact:
The advertised service could enable malware delivery, phishing campaigns, credential theft, unauthorized access, and compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The seller posted promotional material describing exploit capabilities, payment terms, and support channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐1
๐จ Domain and Telegram takedown service offered against fraudulent and illegal resources
๐ญ3
๐ช Slice For Life - Part 2 ๐ช
๐จ Domain and Telegram takedown service offered against fraudulent and illegal resources
Chat we are actually safe for once, allegedly.
๐2
๐จ๐ฐ๐ผ Kuwait Ministry of Electricity allegedly breached: employee database leaked from government ministry records
A threat actor claims to have leaked employee data tied to Kuwaitโs Ministry of Electricity, the government ministry responsible for electricity-related public services and infrastructure.
โโโโโโโโโโโโโโโโโโโโ
Target: Kuwait Ministry of Electricity
Sector: Government / Energy / Public Utilities
Incident: Database Leak
Exposure: Ministry employee records
Actor: Revesky
Country: Kuwait
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Employee records allegedly linked to Kuwaitโs Ministry of Electricity
โช๏ธ Full name fields
โช๏ธ Job status information
โช๏ธ Phone number fields
โช๏ธ Phone-related metadata
โช๏ธ Job location data
โช๏ธ Full dataset allegedly hidden behind forum access
Potential impact:
The exposed data could be used for phishing, impersonation, targeted social engineering, and fraud attempts against ministry employees and public-sector contacts.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked employee data tied to Kuwaitโs Ministry of Electricity, the government ministry responsible for electricity-related public services and infrastructure.
โโโโโโโโโโโโโโโโโโโโ
Target: Kuwait Ministry of Electricity
Sector: Government / Energy / Public Utilities
Incident: Database Leak
Exposure: Ministry employee records
Actor: Revesky
Country: Kuwait
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Employee records allegedly linked to Kuwaitโs Ministry of Electricity
โช๏ธ Full name fields
โช๏ธ Job status information
โช๏ธ Phone number fields
โช๏ธ Phone-related metadata
โช๏ธ Job location data
โช๏ธ Full dataset allegedly hidden behind forum access
Potential impact:
The exposed data could be used for phishing, impersonation, targeted social engineering, and fraud attempts against ministry employees and public-sector contacts.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท ARGUS Lookup allegedly advertised: French dataleak lookup, geolocation, and spyware-style intelligence platform promoted on underground forum
A threat actor is advertising ARGUS Lookup, a French-focused doxxing and spyware-style intelligence platform claiming to combine leaked databases, identity lookup, geolocation, facial recognition, and account correlation features.
โโโโโโโโโโโโโโโโโโโโ
Service: ARGUS Lookup
Sector: Doxxing Tools / Spyware / Cybercrime Intelligence
Incident: Spyware & Dataleak Service Advertisement
Exposure: French dataleak lookup and real-time geolocation tools
Actor: near2tlg
Country: France
Price: $400 for 7 days / $1,300 for 30 days / $3,500 lifetime
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ French dataleak lookup covering records from 2010โ2026
โช๏ธ Identity, contact, address, and account correlation features
โช๏ธ SS7 and HLR/VLR-style geolocation lookup claims
โช๏ธ Facial recognition and profile-matching capabilities
โช๏ธ Database access tied to financial, government, insurance, and telecom-style sources
โช๏ธ Stealer, URL password, and combo lookup/checking functionality
โช๏ธ Premium subscription tiers with cryptocurrency payment options
Potential impact:
The advertised service could enable doxxing, stalking, identity theft, SIM-swap targeting, phishing, financial fraud, and targeted surveillance against French individuals.
Status:
Underground forum advertisement. The actor posted a dashboard preview, listed claimed lookup capabilities, and included premium pricing tiers for access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising ARGUS Lookup, a French-focused doxxing and spyware-style intelligence platform claiming to combine leaked databases, identity lookup, geolocation, facial recognition, and account correlation features.
โโโโโโโโโโโโโโโโโโโโ
Service: ARGUS Lookup
Sector: Doxxing Tools / Spyware / Cybercrime Intelligence
Incident: Spyware & Dataleak Service Advertisement
Exposure: French dataleak lookup and real-time geolocation tools
Actor: near2tlg
Country: France
Price: $400 for 7 days / $1,300 for 30 days / $3,500 lifetime
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ French dataleak lookup covering records from 2010โ2026
โช๏ธ Identity, contact, address, and account correlation features
โช๏ธ SS7 and HLR/VLR-style geolocation lookup claims
โช๏ธ Facial recognition and profile-matching capabilities
โช๏ธ Database access tied to financial, government, insurance, and telecom-style sources
โช๏ธ Stealer, URL password, and combo lookup/checking functionality
โช๏ธ Premium subscription tiers with cryptocurrency payment options
Potential impact:
The advertised service could enable doxxing, stalking, identity theft, SIM-swap targeting, phishing, financial fraud, and targeted surveillance against French individuals.
Status:
Underground forum advertisement. The actor posted a dashboard preview, listed claimed lookup capabilities, and included premium pricing tiers for access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐ช๐บ Europol Press Release
โโโโโโโโโโโโโโโโโโโโโ
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown
Full Press Release โ europol.europa.eu
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข Europol Monitor
Note: Europol articles that are not Cyber related will be removed manually.
โโโโโโโโโโโโโโโโโโโโโ
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown
Full Press Release โ europol.europa.eu
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข Europol Monitor
Note: Europol articles that are not Cyber related will be removed manually.
Europol
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown โ Investigators identified 14 200 links tiedโฆ
A total of 14 200 posts linked to Iranโs Islamic Revolutionary Guard Corps (IRGC), now designated as a terrorist organisation by the European Union (EU), have been targeted in a coordinated action against terrorist content online.
Cyberattack News Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Chanhassen Dinner Theatres
Domain:
Country: ๐บ๐ธ US
Date: May 16th, 2026
Summary:
Chanhassen Dinner Theatres was forced to temporarily suspend certain performances due to a cyberattack detected on its computer network, which prompted the theater to take its systems offline as a precautionary measure. The organization is working diligently with external experts to restore services and reschedule the affected performances. Ticketholders for the affected shows will be contacted directly by phone or email for further details.
Source: https://bringmethenews.com/minnesota-lifestyle/chanhassen-dinner-theatres-says-cyber-attack-may-affect-upcoming-performances
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Chanhassen Dinner Theatres
Domain:
chanhassendt.comCountry: ๐บ๐ธ US
Date: May 16th, 2026
Summary:
Chanhassen Dinner Theatres was forced to temporarily suspend certain performances due to a cyberattack detected on its computer network, which prompted the theater to take its systems offline as a precautionary measure. The organization is working diligently with external experts to restore services and reschedule the affected performances. Ticketholders for the affected shows will be contacted directly by phone or email for further details.
Source: https://bringmethenews.com/minnesota-lifestyle/chanhassen-dinner-theatres-says-cyber-attack-may-affect-upcoming-performances
Bring Me The News
Chanhassen Dinner Theatres says cyber attack may affect upcoming performances
An attack on its computer network will result in some rescheduled shows, though details are still being worked out.
๐จGoogle-signed SMTP mailer allegedly advertised: Gmail relay-based mailer service promoted on underground forum
A threat actor is advertising a โGmail Mailerโ service, claiming it can send emails through a Google.com-signed SMTP relay with high inbox placement and customizable templates.
โโโโโโโโโโโโโโโโโโโโ
Service: Gmail Mailer
Sector: Phishing Infrastructure / Spam Services / Cybercrime Tools
Incident: Mailer Service Advertisement
Exposure: Google.com-signed SMTP relay claims
Actor: Anon
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Google.com-signed SMTP mailer service
โช๏ธ Claims of direct Google relay delivery
โช๏ธ High inbox placement claims
โช๏ธ Multiple templates and custom input options
โช๏ธ Test access offered by the seller
Potential impact:
The advertised service could be used for phishing, spam campaigns, credential theft, business email compromise attempts, and impersonation of trusted email infrastructure.
Status:
Underground forum sale listing. The actor claims they are not selling the source code and are offering limited access to the mailer service.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising a โGmail Mailerโ service, claiming it can send emails through a Google.com-signed SMTP relay with high inbox placement and customizable templates.
โโโโโโโโโโโโโโโโโโโโ
Service: Gmail Mailer
Sector: Phishing Infrastructure / Spam Services / Cybercrime Tools
Incident: Mailer Service Advertisement
Exposure: Google.com-signed SMTP relay claims
Actor: Anon
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Google.com-signed SMTP mailer service
โช๏ธ Claims of direct Google relay delivery
โช๏ธ High inbox placement claims
โช๏ธ Multiple templates and custom input options
โช๏ธ Test access offered by the seller
Potential impact:
The advertised service could be used for phishing, spam campaigns, credential theft, business email compromise attempts, and impersonation of trusted email infrastructure.
Status:
Underground forum sale listing. The actor claims they are not selling the source code and are offering limited access to the mailer service.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จXIA Stealer advertised: DLL-based information stealer promoted as โfully undetectedโ on underground forum
A threat actor is advertising XIA, a DLL-based information stealer claiming to target modern Windows systems while avoiding detection during scan time and runtime.
โโโโโโโโโโโโโโโโโโโโ
Service: XIA Stealer
Sector: Malware / Info-Stealer / Cybercrime Tools
Incident: Malware Service Advertisement
Exposure: Credential theft and browser data collection tool
Actor: kandricklamar
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ DLL-based information stealer under 500KB
โช๏ธ Browser cookie, login, and autofill data collection claims
โช๏ธ Credit card and wallet-related data theft capabilities
โช๏ธ Crypto wallet extension targeting claims
โช๏ธ File collection from desktop and text files
โช๏ธ Persistence, stealth, and anti-analysis features
โช๏ธ Discord webhook logging and Windows compatibility claims
Potential impact:
The advertised tool could be used for credential theft, crypto wallet compromise, account takeover, financial fraud, and broader malware campaigns against Windows users.
Status:
Underground forum advertisement. The actor posted a feature list and directs users to an external channel for more information and showcase material.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising XIA, a DLL-based information stealer claiming to target modern Windows systems while avoiding detection during scan time and runtime.
โโโโโโโโโโโโโโโโโโโโ
Service: XIA Stealer
Sector: Malware / Info-Stealer / Cybercrime Tools
Incident: Malware Service Advertisement
Exposure: Credential theft and browser data collection tool
Actor: kandricklamar
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ DLL-based information stealer under 500KB
โช๏ธ Browser cookie, login, and autofill data collection claims
โช๏ธ Credit card and wallet-related data theft capabilities
โช๏ธ Crypto wallet extension targeting claims
โช๏ธ File collection from desktop and text files
โช๏ธ Persistence, stealth, and anti-analysis features
โช๏ธ Discord webhook logging and Windows compatibility claims
Potential impact:
The advertised tool could be used for credential theft, crypto wallet compromise, account takeover, financial fraud, and broader malware campaigns against Windows users.
Status:
Underground forum advertisement. The actor posted a feature list and directs users to an external channel for more information and showcase material.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท ManoMano allegedly breached: 38.7M user and ticket records advertised for sale from home improvement marketplace database
A threat actor claims to be selling a database tied to ManoMano, a European online marketplace specializing in DIY, home improvement, gardening, and renovation products.
โโโโโโโโโโโโโโโโโโโโ
Target: ManoMano
Sector: E-commerce / Home Improvement / Marketplace
Incident: Database Leak / Data Sale
Exposure: 38,773,441 total lines across users and tickets datasets
Actor: Saikaa
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ User database records allegedly linked to ManoMano
โช๏ธ Customer account and marketplace profile data
โช๏ธ Ticket and support-related records
โช๏ธ Attachment folder containing uploaded files
โช๏ธ Large-scale JSON datasets for users and tickets
โช๏ธ Sample data references shared by the actor
Potential impact:
The exposed data could be used for phishing, account impersonation, customer support scams, marketplace fraud, and targeted social engineering against ManoMano users and sellers.
Status:
Unverified underground forum sale listing. The actor claims the files include 37,838,030 user lines, 935,411 ticket lines, and 13,522 attachment files.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to ManoMano, a European online marketplace specializing in DIY, home improvement, gardening, and renovation products.
โโโโโโโโโโโโโโโโโโโโ
Target: ManoMano
Sector: E-commerce / Home Improvement / Marketplace
Incident: Database Leak / Data Sale
Exposure: 38,773,441 total lines across users and tickets datasets
Actor: Saikaa
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ User database records allegedly linked to ManoMano
โช๏ธ Customer account and marketplace profile data
โช๏ธ Ticket and support-related records
โช๏ธ Attachment folder containing uploaded files
โช๏ธ Large-scale JSON datasets for users and tickets
โช๏ธ Sample data references shared by the actor
Potential impact:
The exposed data could be used for phishing, account impersonation, customer support scams, marketplace fraud, and targeted social engineering against ManoMano users and sellers.
Status:
Unverified underground forum sale listing. The actor claims the files include 37,838,030 user lines, 935,411 ticket lines, and 13,522 attachment files.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1
The API daily limit has been changed from 50 requests daily to 150 requests. This has been reflected on the necessary pages.
If you have already used 40 requests for the day you now have 110 requests remaining.
An optional addon is available for those who need higher limits.
Daily limit resets at 12am UTC.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
If you have already used 40 requests for the day you now have 110 requests remaining.
An optional addon is available for those who need higher limits.
Daily limit resets at 12am UTC.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
๐ช Slice For Life - Part 2 ๐ช
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
โค2