๐จX-HAVEN exploit service advertised: silent document payload execution tool promoted on underground forum
A threat actor is advertising X-HAVEN, a malicious exploit service claiming to support silent payload execution through weaponized document formats.
โโโโโโโโโโโโโโโโโโโโ
Service: X-HAVEN
Sector: Malware / Exploit Sales / Cybercrime Infrastructure
Incident: Exploit Service Advertisement
Exposure: DOC, XLS, and PDF payload delivery
Actor: TheStrain
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Silent document-based payload execution
โช๏ธ Claimed Microsoft Office compatibility across multiple versions
โช๏ธ Antivirus and Windows Defender bypass claims
โช๏ธ Direct attachment delivery for email-based campaigns
โช๏ธ Payload support for multiple executable and script formats
Potential impact:
The advertised service could enable malware delivery, phishing campaigns, credential theft, unauthorized access, and compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The seller posted promotional material describing exploit capabilities, payment terms, and support channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising X-HAVEN, a malicious exploit service claiming to support silent payload execution through weaponized document formats.
โโโโโโโโโโโโโโโโโโโโ
Service: X-HAVEN
Sector: Malware / Exploit Sales / Cybercrime Infrastructure
Incident: Exploit Service Advertisement
Exposure: DOC, XLS, and PDF payload delivery
Actor: TheStrain
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Silent document-based payload execution
โช๏ธ Claimed Microsoft Office compatibility across multiple versions
โช๏ธ Antivirus and Windows Defender bypass claims
โช๏ธ Direct attachment delivery for email-based campaigns
โช๏ธ Payload support for multiple executable and script formats
Potential impact:
The advertised service could enable malware delivery, phishing campaigns, credential theft, unauthorized access, and compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The seller posted promotional material describing exploit capabilities, payment terms, and support channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐1
๐จ Domain and Telegram takedown service offered against fraudulent and illegal resources
๐ญ3
๐ช Slice For Life - Part 2 ๐ช
๐จ Domain and Telegram takedown service offered against fraudulent and illegal resources
Chat we are actually safe for once, allegedly.
๐2
๐จ๐ฐ๐ผ Kuwait Ministry of Electricity allegedly breached: employee database leaked from government ministry records
A threat actor claims to have leaked employee data tied to Kuwaitโs Ministry of Electricity, the government ministry responsible for electricity-related public services and infrastructure.
โโโโโโโโโโโโโโโโโโโโ
Target: Kuwait Ministry of Electricity
Sector: Government / Energy / Public Utilities
Incident: Database Leak
Exposure: Ministry employee records
Actor: Revesky
Country: Kuwait
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Employee records allegedly linked to Kuwaitโs Ministry of Electricity
โช๏ธ Full name fields
โช๏ธ Job status information
โช๏ธ Phone number fields
โช๏ธ Phone-related metadata
โช๏ธ Job location data
โช๏ธ Full dataset allegedly hidden behind forum access
Potential impact:
The exposed data could be used for phishing, impersonation, targeted social engineering, and fraud attempts against ministry employees and public-sector contacts.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked employee data tied to Kuwaitโs Ministry of Electricity, the government ministry responsible for electricity-related public services and infrastructure.
โโโโโโโโโโโโโโโโโโโโ
Target: Kuwait Ministry of Electricity
Sector: Government / Energy / Public Utilities
Incident: Database Leak
Exposure: Ministry employee records
Actor: Revesky
Country: Kuwait
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Employee records allegedly linked to Kuwaitโs Ministry of Electricity
โช๏ธ Full name fields
โช๏ธ Job status information
โช๏ธ Phone number fields
โช๏ธ Phone-related metadata
โช๏ธ Job location data
โช๏ธ Full dataset allegedly hidden behind forum access
Potential impact:
The exposed data could be used for phishing, impersonation, targeted social engineering, and fraud attempts against ministry employees and public-sector contacts.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท ARGUS Lookup allegedly advertised: French dataleak lookup, geolocation, and spyware-style intelligence platform promoted on underground forum
A threat actor is advertising ARGUS Lookup, a French-focused doxxing and spyware-style intelligence platform claiming to combine leaked databases, identity lookup, geolocation, facial recognition, and account correlation features.
โโโโโโโโโโโโโโโโโโโโ
Service: ARGUS Lookup
Sector: Doxxing Tools / Spyware / Cybercrime Intelligence
Incident: Spyware & Dataleak Service Advertisement
Exposure: French dataleak lookup and real-time geolocation tools
Actor: near2tlg
Country: France
Price: $400 for 7 days / $1,300 for 30 days / $3,500 lifetime
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ French dataleak lookup covering records from 2010โ2026
โช๏ธ Identity, contact, address, and account correlation features
โช๏ธ SS7 and HLR/VLR-style geolocation lookup claims
โช๏ธ Facial recognition and profile-matching capabilities
โช๏ธ Database access tied to financial, government, insurance, and telecom-style sources
โช๏ธ Stealer, URL password, and combo lookup/checking functionality
โช๏ธ Premium subscription tiers with cryptocurrency payment options
Potential impact:
The advertised service could enable doxxing, stalking, identity theft, SIM-swap targeting, phishing, financial fraud, and targeted surveillance against French individuals.
Status:
Underground forum advertisement. The actor posted a dashboard preview, listed claimed lookup capabilities, and included premium pricing tiers for access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising ARGUS Lookup, a French-focused doxxing and spyware-style intelligence platform claiming to combine leaked databases, identity lookup, geolocation, facial recognition, and account correlation features.
โโโโโโโโโโโโโโโโโโโโ
Service: ARGUS Lookup
Sector: Doxxing Tools / Spyware / Cybercrime Intelligence
Incident: Spyware & Dataleak Service Advertisement
Exposure: French dataleak lookup and real-time geolocation tools
Actor: near2tlg
Country: France
Price: $400 for 7 days / $1,300 for 30 days / $3,500 lifetime
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ French dataleak lookup covering records from 2010โ2026
โช๏ธ Identity, contact, address, and account correlation features
โช๏ธ SS7 and HLR/VLR-style geolocation lookup claims
โช๏ธ Facial recognition and profile-matching capabilities
โช๏ธ Database access tied to financial, government, insurance, and telecom-style sources
โช๏ธ Stealer, URL password, and combo lookup/checking functionality
โช๏ธ Premium subscription tiers with cryptocurrency payment options
Potential impact:
The advertised service could enable doxxing, stalking, identity theft, SIM-swap targeting, phishing, financial fraud, and targeted surveillance against French individuals.
Status:
Underground forum advertisement. The actor posted a dashboard preview, listed claimed lookup capabilities, and included premium pricing tiers for access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐ช๐บ Europol Press Release
โโโโโโโโโโโโโโโโโโโโโ
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown
Full Press Release โ europol.europa.eu
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข Europol Monitor
Note: Europol articles that are not Cyber related will be removed manually.
โโโโโโโโโโโโโโโโโโโโโ
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown
Full Press Release โ europol.europa.eu
โโโโโโโโโโโโโโโโโโโโโ
๐ต๏ธ Dark Web Informer โข Europol Monitor
Note: Europol articles that are not Cyber related will be removed manually.
Europol
EU targets Iranโs Revolutionary Guard propaganda ecosystem in an online crackdown โ Investigators identified 14 200 links tiedโฆ
A total of 14 200 posts linked to Iranโs Islamic Revolutionary Guard Corps (IRGC), now designated as a terrorist organisation by the European Union (EU), have been targeted in a coordinated action against terrorist content online.
Cyberattack News Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Chanhassen Dinner Theatres
Domain:
Country: ๐บ๐ธ US
Date: May 16th, 2026
Summary:
Chanhassen Dinner Theatres was forced to temporarily suspend certain performances due to a cyberattack detected on its computer network, which prompted the theater to take its systems offline as a precautionary measure. The organization is working diligently with external experts to restore services and reschedule the affected performances. Ticketholders for the affected shows will be contacted directly by phone or email for further details.
Source: https://bringmethenews.com/minnesota-lifestyle/chanhassen-dinner-theatres-says-cyber-attack-may-affect-upcoming-performances
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: Chanhassen Dinner Theatres
Domain:
chanhassendt.comCountry: ๐บ๐ธ US
Date: May 16th, 2026
Summary:
Chanhassen Dinner Theatres was forced to temporarily suspend certain performances due to a cyberattack detected on its computer network, which prompted the theater to take its systems offline as a precautionary measure. The organization is working diligently with external experts to restore services and reschedule the affected performances. Ticketholders for the affected shows will be contacted directly by phone or email for further details.
Source: https://bringmethenews.com/minnesota-lifestyle/chanhassen-dinner-theatres-says-cyber-attack-may-affect-upcoming-performances
Bring Me The News
Chanhassen Dinner Theatres says cyber attack may affect upcoming performances
An attack on its computer network will result in some rescheduled shows, though details are still being worked out.
๐จGoogle-signed SMTP mailer allegedly advertised: Gmail relay-based mailer service promoted on underground forum
A threat actor is advertising a โGmail Mailerโ service, claiming it can send emails through a Google.com-signed SMTP relay with high inbox placement and customizable templates.
โโโโโโโโโโโโโโโโโโโโ
Service: Gmail Mailer
Sector: Phishing Infrastructure / Spam Services / Cybercrime Tools
Incident: Mailer Service Advertisement
Exposure: Google.com-signed SMTP relay claims
Actor: Anon
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Google.com-signed SMTP mailer service
โช๏ธ Claims of direct Google relay delivery
โช๏ธ High inbox placement claims
โช๏ธ Multiple templates and custom input options
โช๏ธ Test access offered by the seller
Potential impact:
The advertised service could be used for phishing, spam campaigns, credential theft, business email compromise attempts, and impersonation of trusted email infrastructure.
Status:
Underground forum sale listing. The actor claims they are not selling the source code and are offering limited access to the mailer service.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising a โGmail Mailerโ service, claiming it can send emails through a Google.com-signed SMTP relay with high inbox placement and customizable templates.
โโโโโโโโโโโโโโโโโโโโ
Service: Gmail Mailer
Sector: Phishing Infrastructure / Spam Services / Cybercrime Tools
Incident: Mailer Service Advertisement
Exposure: Google.com-signed SMTP relay claims
Actor: Anon
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Google.com-signed SMTP mailer service
โช๏ธ Claims of direct Google relay delivery
โช๏ธ High inbox placement claims
โช๏ธ Multiple templates and custom input options
โช๏ธ Test access offered by the seller
Potential impact:
The advertised service could be used for phishing, spam campaigns, credential theft, business email compromise attempts, and impersonation of trusted email infrastructure.
Status:
Underground forum sale listing. The actor claims they are not selling the source code and are offering limited access to the mailer service.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จXIA Stealer advertised: DLL-based information stealer promoted as โfully undetectedโ on underground forum
A threat actor is advertising XIA, a DLL-based information stealer claiming to target modern Windows systems while avoiding detection during scan time and runtime.
โโโโโโโโโโโโโโโโโโโโ
Service: XIA Stealer
Sector: Malware / Info-Stealer / Cybercrime Tools
Incident: Malware Service Advertisement
Exposure: Credential theft and browser data collection tool
Actor: kandricklamar
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ DLL-based information stealer under 500KB
โช๏ธ Browser cookie, login, and autofill data collection claims
โช๏ธ Credit card and wallet-related data theft capabilities
โช๏ธ Crypto wallet extension targeting claims
โช๏ธ File collection from desktop and text files
โช๏ธ Persistence, stealth, and anti-analysis features
โช๏ธ Discord webhook logging and Windows compatibility claims
Potential impact:
The advertised tool could be used for credential theft, crypto wallet compromise, account takeover, financial fraud, and broader malware campaigns against Windows users.
Status:
Underground forum advertisement. The actor posted a feature list and directs users to an external channel for more information and showcase material.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising XIA, a DLL-based information stealer claiming to target modern Windows systems while avoiding detection during scan time and runtime.
โโโโโโโโโโโโโโโโโโโโ
Service: XIA Stealer
Sector: Malware / Info-Stealer / Cybercrime Tools
Incident: Malware Service Advertisement
Exposure: Credential theft and browser data collection tool
Actor: kandricklamar
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ DLL-based information stealer under 500KB
โช๏ธ Browser cookie, login, and autofill data collection claims
โช๏ธ Credit card and wallet-related data theft capabilities
โช๏ธ Crypto wallet extension targeting claims
โช๏ธ File collection from desktop and text files
โช๏ธ Persistence, stealth, and anti-analysis features
โช๏ธ Discord webhook logging and Windows compatibility claims
Potential impact:
The advertised tool could be used for credential theft, crypto wallet compromise, account takeover, financial fraud, and broader malware campaigns against Windows users.
Status:
Underground forum advertisement. The actor posted a feature list and directs users to an external channel for more information and showcase material.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท ManoMano allegedly breached: 38.7M user and ticket records advertised for sale from home improvement marketplace database
A threat actor claims to be selling a database tied to ManoMano, a European online marketplace specializing in DIY, home improvement, gardening, and renovation products.
โโโโโโโโโโโโโโโโโโโโ
Target: ManoMano
Sector: E-commerce / Home Improvement / Marketplace
Incident: Database Leak / Data Sale
Exposure: 38,773,441 total lines across users and tickets datasets
Actor: Saikaa
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ User database records allegedly linked to ManoMano
โช๏ธ Customer account and marketplace profile data
โช๏ธ Ticket and support-related records
โช๏ธ Attachment folder containing uploaded files
โช๏ธ Large-scale JSON datasets for users and tickets
โช๏ธ Sample data references shared by the actor
Potential impact:
The exposed data could be used for phishing, account impersonation, customer support scams, marketplace fraud, and targeted social engineering against ManoMano users and sellers.
Status:
Unverified underground forum sale listing. The actor claims the files include 37,838,030 user lines, 935,411 ticket lines, and 13,522 attachment files.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to ManoMano, a European online marketplace specializing in DIY, home improvement, gardening, and renovation products.
โโโโโโโโโโโโโโโโโโโโ
Target: ManoMano
Sector: E-commerce / Home Improvement / Marketplace
Incident: Database Leak / Data Sale
Exposure: 38,773,441 total lines across users and tickets datasets
Actor: Saikaa
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ User database records allegedly linked to ManoMano
โช๏ธ Customer account and marketplace profile data
โช๏ธ Ticket and support-related records
โช๏ธ Attachment folder containing uploaded files
โช๏ธ Large-scale JSON datasets for users and tickets
โช๏ธ Sample data references shared by the actor
Potential impact:
The exposed data could be used for phishing, account impersonation, customer support scams, marketplace fraud, and targeted social engineering against ManoMano users and sellers.
Status:
Unverified underground forum sale listing. The actor claims the files include 37,838,030 user lines, 935,411 ticket lines, and 13,522 attachment files.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1
The API daily limit has been changed from 50 requests daily to 150 requests. This has been reflected on the necessary pages.
If you have already used 40 requests for the day you now have 110 requests remaining.
An optional addon is available for those who need higher limits.
Daily limit resets at 12am UTC.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
If you have already used 40 requests for the day you now have 110 requests remaining.
An optional addon is available for those who need higher limits.
Daily limit resets at 12am UTC.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
๐ช Slice For Life - Part 2 ๐ช
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
โค2
๐จ๐บ๐ธ Venture Yours allegedly breached: 70K vacation rental management files and KYC/PII records exposed
A threat actor claims to have leaked part of a customer database tied to Venture Yours, a vacation rental management platform handling rental agreements, booking details, customer communications, and property-related operations.
โโโโโโโโโโโโโโโโโโโโ
Target: Venture Yours
Sector: Vacation Rental Management / Property Technology
Incident: Database Leak
Exposure: 70,000+ files / 64GB
Actor: zSenior
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer PII records allegedly linked to vacation rental management operations
โช๏ธ Names, emails, phone numbers, roles, and address fields
โช๏ธ Property address and rental agreement-related data
โช๏ธ Driver license and KYC document references
โช๏ธ Booking details, contracts, and customer communication logs
โช๏ธ Conversation metadata from customer support systems
โช๏ธ CSV records containing logs and personal information
โช๏ธ File archives containing identity and rental documentation
Potential impact:
The exposed data could be used for identity theft, rental fraud, phishing, customer impersonation, property scams, and targeted social engineering against guests, property owners, and rental managers.
Status:
Unverified underground forum claim. The actor posted CSV samples, support-log previews, and a driver license image as proof.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked part of a customer database tied to Venture Yours, a vacation rental management platform handling rental agreements, booking details, customer communications, and property-related operations.
โโโโโโโโโโโโโโโโโโโโ
Target: Venture Yours
Sector: Vacation Rental Management / Property Technology
Incident: Database Leak
Exposure: 70,000+ files / 64GB
Actor: zSenior
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer PII records allegedly linked to vacation rental management operations
โช๏ธ Names, emails, phone numbers, roles, and address fields
โช๏ธ Property address and rental agreement-related data
โช๏ธ Driver license and KYC document references
โช๏ธ Booking details, contracts, and customer communication logs
โช๏ธ Conversation metadata from customer support systems
โช๏ธ CSV records containing logs and personal information
โช๏ธ File archives containing identity and rental documentation
Potential impact:
The exposed data could be used for identity theft, rental fraud, phishing, customer impersonation, property scams, and targeted social engineering against guests, property owners, and rental managers.
Status:
Unverified underground forum claim. The actor posted CSV samples, support-log previews, and a driver license image as proof.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
.@zachxbt is offering another $10,000 bounty for credible intelligence on the Hong Kong market maker Heisenberg Guru, also known as HSBG, allegedly linked to multiple CEX market manipulation incidents, including $RIVER.
He is considering evidence that may include chat logs, contracts, internal communications, or other verifiable materials.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
He is considering evidence that may include chat logs, contracts, internal communications, or other verifiable materials.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐ฅ1
Cyberattack News Alert
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: HDFC Asset Management Company
Domain:
Country: ๐ฎ๐ณ IN
Date: May 16th, 2026
Summary:
HDFC Asset Management Company's stock fell 3.8% on Monday following the disclosure of a cyberattack on its IT infrastructure. The incident occurred on May 16 and the company is working to contain it. The stock decline came after the company was notified by an anonymous source. The incident is part of a broader increase in security risks facing India's financial sector.
Source: https://www.freepressjournal.in/business/hdfc-amc-stock-declines-38-after-company-reports-cyberattack-on-it-infra
โโโโโโโโโโโโโโโโโโโโโโโโโ
Victim: HDFC Asset Management Company
Domain:
hdfcfund.comCountry: ๐ฎ๐ณ IN
Date: May 16th, 2026
Summary:
HDFC Asset Management Company's stock fell 3.8% on Monday following the disclosure of a cyberattack on its IT infrastructure. The incident occurred on May 16 and the company is working to contain it. The stock decline came after the company was notified by an anonymous source. The incident is part of a broader increase in security risks facing India's financial sector.
Source: https://www.freepressjournal.in/business/hdfc-amc-stock-declines-38-after-company-reports-cyberattack-on-it-infra
Free Press Journal
HDFC AMC Stock Declines 3.8% After Company Reports Cyberattack on IT Infra
The stock of HDFC Asset Management Company fell up to 3.8 percent on Monday after the company reported a cyberattack on its IT infrastructure. The stock opened lower by 1.4 percent at Rs 2,662.85 compared to the previous close of Rs 2,703.10 apiece
โผ๏ธ New Dark Web Informer Blog Post!
Title: Perm National Research Polytechnic University Allegedly Breached: 362K Internal Student Research System Records Leaked
Link: https://darkwebinformer.com/perm-national-research-polytechnic-university-allegedly-breached-362k-internal-student-research-system-records-leaked/
Title: Perm National Research Polytechnic University Allegedly Breached: 362K Internal Student Research System Records Leaked
Link: https://darkwebinformer.com/perm-national-research-polytechnic-university-allegedly-breached-362k-internal-student-research-system-records-leaked/
Dark Web Informer
Perm National Research Polytechnic University Allegedly Breached: 362K Internal Student Research System Records Leaked
A threat actor claims to have leaked a complete database dump tied to Perm National Research Polytechnic University, a major technical university in Russia, from an internal accounting and monitoring system used for student research work.