🔪 Slice For Life - Part 2 🔪

‼️ Qilin Ransomware Claims 4 Victims

🇬🇧 William Davis Homes
🇺🇸 Roofing Solutions
🇺🇸 Shocco Springs
🇺🇸 Mainstreet Organization of Realtors
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

323 views19:09

🚨 🇲🇽 A threat actor going by Black0ut_Exi is sharing an alleged data leak of Universidad de Ixtlahuaca (CUI), a Mexican university, on a popular cybercrime forum, claiming around 20,000 records.

‣ Threat Actor: Black0ut_Exi (credited to "okami" / Exiliados #555)
‣ Category: Alleged Data Leak
‣ Target: Universidad de Ixtlahuaca CUI, Mexico

The actor claims the dataset includes student and personal records such as names, parents' surnames, dates of birth, gender, marital status, nationality, address, postal code, phone numbers, email addresses, CURP, school details, academic period, social media handles, employer, and academic standing. Authenticity is unverified.

Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

302 views19:26

🔪 Slice For Life - Part 2 🔪

‼️ The FBI is providing a Public Service Announcement (PSA) warning that cyber criminals are creating fake versions of FIFA's website ahead of the 2026 World Cup to steal personal information, sell counterfeit tickets and hospitality packages, and enable further fraud such as opening accounts in victims' names.

Attackers use "typo squatting" by registering domains that resemble http://fifa.com through misspellings (e.g., fiffa, filfa, wvvw-fifa), alternative top-level domains (.org, .cab, .pink, .click), or fake subdomains (jobs-fifa[.com, fifa-careerhub[.com).

The FBI has already identified roughly 30+ spoofed domains, including fifa-2026[.xyz, worldcup26ticket[.com, fifa-ticket[.live, and fifaworldcup26[.sale, and expects more to appear through the tournament.

PSA: https://www.ic3.gov/PSA/2026/PSA260527

IOCs provided by the FBI are below:

www.fifa[.]cab
www.fifa[.]pink
www.fifa[.]blue
www.fifa[.]pub
FIFA[.]city
Fifa[.]bio
fifa[.]beer
fifa[.]click
fifa[.]cam
fifa[.]ceo
fifa[.]help
filfa[.]org
fifa-online[.]com
https://fifa-2026[.]xyz
jobs-fifa[.]com
fifa-hr[.]com
fifa-careerhub[.]com
fifaworldcup-careers[.]com
fifa-hiring[.]com
fifahiring[.]com
fifa-ticket[.]live
http://fifastore.us[.]com
fifaworldcup26[.]sale
fifaworldcup26.xcover-staging[.]com
http://worldcup2026-tickets.com[.]mx
worldcup26ticket[.]com
2026fifaworldcuptickets[.]online
fwc2026[.]net
fwc2026.web[.]app
www.fifa2026p[.]com
fifa2026fworldcup[.]com
wvvw-fifa[.]com
ww-fifa[.]com
fifa-com[.]com
www.fifa-com[.]services
quiniela-fifa-2026.pages[.]dev
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

😁2

281 viewsedited 20:05

🔪 Slice For Life - Part 2 🔪

🚨 🇫🇷 A threat actor going by DumpsecIsBack is sharing an alleged data leak affecting multiple French companies including Biocoop, La Vie Claire, Naturalia, Satoriz, and Marcel & Fils on a popular cybercrime forum, claiming 5,635 company sales records.

‣ Threat Actor: DumpsecIsBack
‣ Category: Alleged Data Leak
‣ Target: Biocoop, La Vie Claire, Naturalia, Satoriz, Marcel & Fils, others (France)
‣ Format: CSV

The actor claims the dataset spans three files: 1,553 contact records, 5,640 company records, and 1,490 sales visit/appointment records, including names, roles, contact emails, phone numbers, company addresses, and detailed sales-visit notes. Samples were posted in the listing, with multiple file-sharing download links provided. The actor also announced plans for further leaks branded as "Black June" starting June 1, 2026. Authenticity is unverified.

Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

😭1

329 views20:38

🔪 Slice For Life - Part 2 🔪

😤

1😁6❤1

318 views21:23

🔪 Slice For Life - Part 2 🔪

Resharing this in case it helps someone. https://darkwebinformer.com/whats-actually-in-an-anti-kidnapping-kit-and-why-high-risk-individuals-should-care/

Dark Web Informer

What's Actually in an Anti-Kidnapping Kit and Why High-Risk Individuals Should Care

303 viewsedited 22:44

🔪 Slice For Life - Part 2 🔪

🚨 🇫🇷 A threat actor group going by AplaGroup is sharing an alleged data leak of Apogas Immobilier, a French real estate agency, on a popular cybercrime forum.

┌─────────────────────
│ 🎯 AplaGroup
│ 📂 Alleged Data Leak
│ 🏢 Apogas Immobilier
│ 🇫🇷 France
│ 🏠 Real Estate
└─────────────────────

The group claims the dataset includes an agents file with names, SIRET and VAT numbers, contact details, dates of birth, and marital status, plus a separate file of properties listed for sale. Authenticity is unverified.

Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

309 views23:24

🔪 Slice For Life - Part 2 🔪

🚨🇫🇷 Certificat CléA allegedly targeted in database leak

A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Certificat CléA, the French professional skills certification platform.

The actor claims the dataset contains roughly 63,260 rows of certification, evaluation, and personal data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Civility, full name, and maiden name fields
• First names and dates of birth
• Postal codes and city of birth
• Record creation, update, and send dates
• Creator and proprietary site data
• Establishment proprietor and evaluation site fields
• Last evaluation date and evaluation type
• Evaluator and jury certification details
• Jury date, structure, and location
• Action type and user fields
• Establishment, site, and external ID metadata

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Certificat CléA
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Education / Certification
𝗔𝗰𝘁𝗼𝗿: xMetah
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~63,260 rows
𝗣𝗿𝗶𝗰𝗲: 5 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026

💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

311 views23:36

🔪 Slice For Life - Part 2 🔪

🚨🇧🇷 iGreen Energy allegedly targeted in massive database leak

A threat actor on an underground forum is claiming to have extracted and is selling a dataset allegedly originating from iGreen Energy, the Brazilian renewable energy company.

The actor claims the dataset contains roughly 5M total records across clients, consultants, financial, and operational data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• 1M+ client records (CPF/CNPJ, RG, DOB, email, phone, full address, utility account numbers, contract history)
• Plain-text passwords for tens of thousands of utility accounts (RGE, CEMIG, CEEE, EDP, CELESC, ELEKTRO, COPEL, ENEL, LIGHT, and others)
• 94,859 consultant records with PIX keys, balances, and withdrawal history
• 5,579 iGreenBank KYC accounts (CPF, mother's full name, KYC document type with issue date)
• 205,246 financial withdrawal records (CPF, PIX key, amount, date)
• 3.5M+ energy bill records (barcode, amount, due date, bill URL, kWh)
• 88,498 telecom contracts, 17,420 solar contracts, 20 active auto insurance records (CPF, license plate, VIN/chassis, RENAVAM, ICCID, holder data)
• 592 backoffice staff records (corporate email, access level, bcrypt + MD5 hashes)
• 1,507 physical document files (IDs, utility bill photos, articles of incorporation, CNPJ cards) with predictable S3 URLs

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: iGreen Energy
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Brazil 🇧🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Energy / Renewables
𝗔𝗰𝘁𝗼𝗿: masterblack
𝗖𝗹𝗮𝗶𝗺: Direct sale, dump extracted exclusively by actor
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~5M total records
𝗣𝗿𝗶𝗰𝗲: Not disclosed (single buyer only, no bulk resale)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026

💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

415 views23:52

🔪 Slice For Life - Part 2 🔪

Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━

Victim: Serpa
Domain: cm-serpa.pt

Country: 🇵🇷 PR
Date: May 27th, 2026

Summary:
The municipality of Serpa fell victim to an external cyberattack targeting its IT infrastructure. The incident was immediately reported to the relevant authorities, including the National Cybersecurity Centre. Although the system is considered secure, municipal services continue to operate under constraints, including the absence of fixed and mobile communications.

Source: https://www.vozdaplanicie.pt/index.php/noticias/camara-municipal-de-serpa-alvo-de-ataque-informatico

Rádio Voz da Planície - 104.5FM - Beja

Autarquia de Serpa alvo de ataque informático | Rádio Voz da Planície - 104.5FM - Beja

A Câmara Municipal de Serpa informa através da sua página de Facebook Serpa Terra Forte, que a infraestrutura informática do município "foi alvo de um ataque externo, imediatamente reportado às autoridades competentes, designadamente ao Centro Nacional de…

340 views14:32

🔪 Slice For Life - Part 2 🔪

🚨🇮🇳 850M India Nationwide Identity Dataset allegedly listed for sale

A threat actor on an underground forum is claiming to sell a nationwide identity dataset allegedly originating from HITEK, containing telecom-linked Aadhaar records from India.

The actor claims the dataset contains roughly 850M records in JSON format (~109 GB).

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Full names
• Father's names
• Aadhaar numbers (if linked)
• Full addresses
• Mobile numbers
• Alternative mobile numbers
• Email addresses

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: HITEK
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: India 🇮🇳
𝗦𝗲𝗰𝘁𝗼𝗿: Telecom / Identity
𝗔𝗰𝘁𝗼𝗿: deb163
𝗖𝗹𝗮𝗶𝗺: Full PII / Telecom-linked Aadhaar records
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~850,000,000 records (~109 GB)
𝗣𝗿𝗶𝗰𝗲: 8 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026

💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

315 views15:05

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: Brazilian Food-Delivery Giant iFood Targeted in Alleged 43.8M-Record Customer Data Extortion

Link: https://darkwebinformer.com/brazilian-food-delivery-giant-ifood-targeted-in-alleged-43-8m-record-customer-data-extortion/

Dark Web Informer

Brazilian Food-Delivery Giant iFood Targeted in Alleged 43.8M-Record Customer Data Extortion

A threat actor using the alias bacen claims to hold 43,847,219 Brazilian iFood customer records, said to include CPF national IDs, full names, emails, phone numbers, and credit-card data.

315 views15:21

🔪 Slice For Life - Part 2 🔪

‼️ ShinyHunters has leaked 42 Million records of data from Charter Communications.

DentaQuest has also been relisted after being taken down due to possible negotiations.
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

323 views15:35

🔪 Slice For Life - Part 2 🔪

STIX endpoints will be available for users who subscribe to the API sometime tomorrow as promised. I just need to finish updating the docs.

https://darkwebinformer.com/api-details/
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

Dark Web Informer

API Subscription Access

🔥1

291 views16:02

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: French Government Platform Resana Listed in Alleged 990K-Record User Data Sale

Link: https://darkwebinformer.com/french-government-platform-resana-listed-in-alleged-990k-record-user-data-sale/

Dark Web Informer

French Government Platform Resana Listed in Alleged 990K-Record User Data Sale

A threat actor using the alias xMetah claims to be selling a database allegedly belonging to Resana, a French government collaboration platform hosted on the state's numerique.gouv.fr domain.

288 views16:10

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: French Real-Estate Platform Figaro Immobilier Hit by Alleged 100K Invoice Leak

Link: https://darkwebinformer.com/french-real-estate-platform-figaro-immobilier-hit-by-alleged-100k-invoice-leak/

Dark Web Informer

French Real-Estate Platform Figaro Immobilier Hit by Alleged 100K Invoice Leak

A threat actor using the alias ChimeraZ claims to have leaked a database allegedly belonging to Figaro Immobilier / Explorimmo, a French real-estate platform offering property listings for sale, rent, and vacation stays.

❤1

284 views16:31

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: French Real-Estate Tour Platform EnVisite Hit by Alleged 138K-Record Leak

Link: https://darkwebinformer.com/french-real-estate-tour-platform-envisite-hit-by-alleged-138k-record-leak/

Dark Web Informer

French Real-Estate Tour Platform EnVisite Hit by Alleged 138K-Record Leak

A threat actor using the alias ChimeraZ claims to have leaked a database allegedly belonging to EnVisite, a French platform for real-estate virtual tours used by agents to create and share interactive property presentations.

283 views16:51

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

Link: https://darkwebinformer.com/one-forged-header-unauthenticated-authentication-bypass-in-fortinet-forticlient-ems-cve-2026-35616/

Dark Web Informer

One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

Fortinet has disclosed a critical authentication bypass affecting FortiClient Endpoint Management Server (EMS).

292 views17:34

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: US Student Mental-Health Provider Mindpath College Health Listed on Ransomware Leak Site

Link: https://darkwebinformer.com/us-student-mental-health-provider-mindpath-college-health-listed-on-ransomware-leak-site/

Dark Web Informer

US Student Mental-Health Provider Mindpath College Health Listed on Ransomware Leak Site

Mindpath College Health, a US provider of mental and behavioral health services for college students, has been listed on a ransomware group's data-leak site.

305 views17:57

🔪 Slice For Life - Part 2 🔪

🚨🇫🇷 Groupe IMA allegedly targeted in 6.2GB data leak

A threat actor on an underground forum is claiming to have leaked data allegedly originating from Groupe IMA (Inter Mutuelles Habitat), a major French assistance provider that delivers 24/7 emergency support services, including roadside assistance, medical aid, and home repairs, on behalf of insurance companies and mutuals.

The actor claims the leak contains roughly 6.2 GB of data including invoices and other customer information.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Invoices
• Customer information

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Groupe IMA (Inter Mutuelles Habitat)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Insurance / Assistance Services
𝗔𝗰𝘁𝗼𝗿: NightLeVrai
𝗖𝗹𝗮𝗶𝗺: Leaked data
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~6.2 GB
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026

💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

❤1

301 views18:10

About

Blog

Apps

Platform