‼️ The FBI is providing a Public Service Announcement (PSA) warning that cyber criminals are creating fake versions of FIFA's website ahead of the 2026 World Cup to steal personal information, sell counterfeit tickets and hospitality packages, and enable further fraud such as opening accounts in victims' names.
Attackers use "typo squatting" by registering domains that resemble http://fifa.com through misspellings (e.g., fiffa, filfa, wvvw-fifa), alternative top-level domains (.org, .cab, .pink, .click), or fake subdomains (jobs-fifa[.com, fifa-careerhub[.com).
The FBI has already identified roughly 30+ spoofed domains, including fifa-2026[.xyz, worldcup26ticket[.com, fifa-ticket[.live, and fifaworldcup26[.sale, and expects more to appear through the tournament.
PSA: https://www.ic3.gov/PSA/2026/PSA260527
IOCs provided by the FBI are below:
www.fifa[.]cab
www.fifa[.]pink
www.fifa[.]blue
www.fifa[.]pub
FIFA[.]city
Fifa[.]bio
fifa[.]beer
fifa[.]click
fifa[.]cam
fifa[.]ceo
fifa[.]help
filfa[.]org
fifa-online[.]com
https://fifa-2026[.]xyz
jobs-fifa[.]com
fifa-hr[.]com
fifa-careerhub[.]com
fifaworldcup-careers[.]com
fifa-hiring[.]com
fifahiring[.]com
fifa-ticket[.]live
http://fifastore.us[.]com
fifaworldcup26[.]sale
fifaworldcup26.xcover-staging[.]com
http://worldcup2026-tickets.com[.]mx
worldcup26ticket[.]com
2026fifaworldcuptickets[.]online
fwc2026[.]net
fwc2026.web[.]app
www.fifa2026p[.]com
fifa2026fworldcup[.]com
wvvw-fifa[.]com
ww-fifa[.]com
fifa-com[.]com
www.fifa-com[.]services
quiniela-fifa-2026.pages[.]dev
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Attackers use "typo squatting" by registering domains that resemble http://fifa.com through misspellings (e.g., fiffa, filfa, wvvw-fifa), alternative top-level domains (.org, .cab, .pink, .click), or fake subdomains (jobs-fifa[.com, fifa-careerhub[.com).
The FBI has already identified roughly 30+ spoofed domains, including fifa-2026[.xyz, worldcup26ticket[.com, fifa-ticket[.live, and fifaworldcup26[.sale, and expects more to appear through the tournament.
PSA: https://www.ic3.gov/PSA/2026/PSA260527
IOCs provided by the FBI are below:
www.fifa[.]cab
www.fifa[.]pink
www.fifa[.]blue
www.fifa[.]pub
FIFA[.]city
Fifa[.]bio
fifa[.]beer
fifa[.]click
fifa[.]cam
fifa[.]ceo
fifa[.]help
filfa[.]org
fifa-online[.]com
https://fifa-2026[.]xyz
jobs-fifa[.]com
fifa-hr[.]com
fifa-careerhub[.]com
fifaworldcup-careers[.]com
fifa-hiring[.]com
fifahiring[.]com
fifa-ticket[.]live
http://fifastore.us[.]com
fifaworldcup26[.]sale
fifaworldcup26.xcover-staging[.]com
http://worldcup2026-tickets.com[.]mx
worldcup26ticket[.]com
2026fifaworldcuptickets[.]online
fwc2026[.]net
fwc2026.web[.]app
www.fifa2026p[.]com
fifa2026fworldcup[.]com
wvvw-fifa[.]com
ww-fifa[.]com
fifa-com[.]com
www.fifa-com[.]services
quiniela-fifa-2026.pages[.]dev
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
😁2
🚨 🇫🇷 A threat actor going by DumpsecIsBack is sharing an alleged data leak affecting multiple French companies including Biocoop, La Vie Claire, Naturalia, Satoriz, and Marcel & Fils on a popular cybercrime forum, claiming 5,635 company sales records.
‣ Threat Actor: DumpsecIsBack
‣ Category: Alleged Data Leak
‣ Target: Biocoop, La Vie Claire, Naturalia, Satoriz, Marcel & Fils, others (France)
‣ Format: CSV
The actor claims the dataset spans three files: 1,553 contact records, 5,640 company records, and 1,490 sales visit/appointment records, including names, roles, contact emails, phone numbers, company addresses, and detailed sales-visit notes. Samples were posted in the listing, with multiple file-sharing download links provided. The actor also announced plans for further leaks branded as "Black June" starting June 1, 2026. Authenticity is unverified.
Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‣ Threat Actor: DumpsecIsBack
‣ Category: Alleged Data Leak
‣ Target: Biocoop, La Vie Claire, Naturalia, Satoriz, Marcel & Fils, others (France)
‣ Format: CSV
The actor claims the dataset spans three files: 1,553 contact records, 5,640 company records, and 1,490 sales visit/appointment records, including names, roles, contact emails, phone numbers, company addresses, and detailed sales-visit notes. Samples were posted in the listing, with multiple file-sharing download links provided. The actor also announced plans for further leaks branded as "Black June" starting June 1, 2026. Authenticity is unverified.
Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
😭1
🚨 🇫🇷 A threat actor group going by AplaGroup is sharing an alleged data leak of Apogas Immobilier, a French real estate agency, on a popular cybercrime forum.
┌─────────────────────
│ 🎯 AplaGroup
│ 📂 Alleged Data Leak
│ 🏢 Apogas Immobilier
│ 🇫🇷 France
│ 🏠 Real Estate
└─────────────────────
The group claims the dataset includes an agents file with names, SIRET and VAT numbers, contact details, dates of birth, and marital status, plus a separate file of properties listed for sale. Authenticity is unverified.
Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
┌─────────────────────
│ 🎯 AplaGroup
│ 📂 Alleged Data Leak
│ 🏢 Apogas Immobilier
│ 🇫🇷 France
│ 🏠 Real Estate
└─────────────────────
The group claims the dataset includes an agents file with names, SIRET and VAT numbers, contact details, dates of birth, and marital status, plus a separate file of properties listed for sale. Authenticity is unverified.
Stop guessing what's redacted. Subscribers see everything: http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🚨🇫🇷 Certificat CléA allegedly targeted in database leak
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Certificat CléA, the French professional skills certification platform.
The actor claims the dataset contains roughly 63,260 rows of certification, evaluation, and personal data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Civility, full name, and maiden name fields
• First names and dates of birth
• Postal codes and city of birth
• Record creation, update, and send dates
• Creator and proprietary site data
• Establishment proprietor and evaluation site fields
• Last evaluation date and evaluation type
• Evaluator and jury certification details
• Jury date, structure, and location
• Action type and user fields
• Establishment, site, and external ID metadata
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Certificat CléA
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Education / Certification
𝗔𝗰𝘁𝗼𝗿: xMetah
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~63,260 rows
𝗣𝗿𝗶𝗰𝗲: 5 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Certificat CléA, the French professional skills certification platform.
The actor claims the dataset contains roughly 63,260 rows of certification, evaluation, and personal data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Civility, full name, and maiden name fields
• First names and dates of birth
• Postal codes and city of birth
• Record creation, update, and send dates
• Creator and proprietary site data
• Establishment proprietor and evaluation site fields
• Last evaluation date and evaluation type
• Evaluator and jury certification details
• Jury date, structure, and location
• Action type and user fields
• Establishment, site, and external ID metadata
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Certificat CléA
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Education / Certification
𝗔𝗰𝘁𝗼𝗿: xMetah
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~63,260 rows
𝗣𝗿𝗶𝗰𝗲: 5 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🚨🇧🇷 iGreen Energy allegedly targeted in massive database leak
A threat actor on an underground forum is claiming to have extracted and is selling a dataset allegedly originating from iGreen Energy, the Brazilian renewable energy company.
The actor claims the dataset contains roughly 5M total records across clients, consultants, financial, and operational data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• 1M+ client records (CPF/CNPJ, RG, DOB, email, phone, full address, utility account numbers, contract history)
• Plain-text passwords for tens of thousands of utility accounts (RGE, CEMIG, CEEE, EDP, CELESC, ELEKTRO, COPEL, ENEL, LIGHT, and others)
• 94,859 consultant records with PIX keys, balances, and withdrawal history
• 5,579 iGreenBank KYC accounts (CPF, mother's full name, KYC document type with issue date)
• 205,246 financial withdrawal records (CPF, PIX key, amount, date)
• 3.5M+ energy bill records (barcode, amount, due date, bill URL, kWh)
• 88,498 telecom contracts, 17,420 solar contracts, 20 active auto insurance records (CPF, license plate, VIN/chassis, RENAVAM, ICCID, holder data)
• 592 backoffice staff records (corporate email, access level, bcrypt + MD5 hashes)
• 1,507 physical document files (IDs, utility bill photos, articles of incorporation, CNPJ cards) with predictable S3 URLs
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: iGreen Energy
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Brazil 🇧🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Energy / Renewables
𝗔𝗰𝘁𝗼𝗿: masterblack
𝗖𝗹𝗮𝗶𝗺: Direct sale, dump extracted exclusively by actor
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~5M total records
𝗣𝗿𝗶𝗰𝗲: Not disclosed (single buyer only, no bulk resale)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have extracted and is selling a dataset allegedly originating from iGreen Energy, the Brazilian renewable energy company.
The actor claims the dataset contains roughly 5M total records across clients, consultants, financial, and operational data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• 1M+ client records (CPF/CNPJ, RG, DOB, email, phone, full address, utility account numbers, contract history)
• Plain-text passwords for tens of thousands of utility accounts (RGE, CEMIG, CEEE, EDP, CELESC, ELEKTRO, COPEL, ENEL, LIGHT, and others)
• 94,859 consultant records with PIX keys, balances, and withdrawal history
• 5,579 iGreenBank KYC accounts (CPF, mother's full name, KYC document type with issue date)
• 205,246 financial withdrawal records (CPF, PIX key, amount, date)
• 3.5M+ energy bill records (barcode, amount, due date, bill URL, kWh)
• 88,498 telecom contracts, 17,420 solar contracts, 20 active auto insurance records (CPF, license plate, VIN/chassis, RENAVAM, ICCID, holder data)
• 592 backoffice staff records (corporate email, access level, bcrypt + MD5 hashes)
• 1,507 physical document files (IDs, utility bill photos, articles of incorporation, CNPJ cards) with predictable S3 URLs
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: iGreen Energy
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Brazil 🇧🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Energy / Renewables
𝗔𝗰𝘁𝗼𝗿: masterblack
𝗖𝗹𝗮𝗶𝗺: Direct sale, dump extracted exclusively by actor
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~5M total records
𝗣𝗿𝗶𝗰𝗲: Not disclosed (single buyer only, no bulk resale)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 27, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Cyberattack News Alert
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Serpa
Domain:
Country: 🇵🇷 PR
Date: May 27th, 2026
Summary:
The municipality of Serpa fell victim to an external cyberattack targeting its IT infrastructure. The incident was immediately reported to the relevant authorities, including the National Cybersecurity Centre. Although the system is considered secure, municipal services continue to operate under constraints, including the absence of fixed and mobile communications.
Source: https://www.vozdaplanicie.pt/index.php/noticias/camara-municipal-de-serpa-alvo-de-ataque-informatico
━━━━━━━━━━━━━━━━━━━━━━━━━
Victim: Serpa
Domain:
cm-serpa.ptCountry: 🇵🇷 PR
Date: May 27th, 2026
Summary:
The municipality of Serpa fell victim to an external cyberattack targeting its IT infrastructure. The incident was immediately reported to the relevant authorities, including the National Cybersecurity Centre. Although the system is considered secure, municipal services continue to operate under constraints, including the absence of fixed and mobile communications.
Source: https://www.vozdaplanicie.pt/index.php/noticias/camara-municipal-de-serpa-alvo-de-ataque-informatico
Rádio Voz da Planície - 104.5FM - Beja
Autarquia de Serpa alvo de ataque informático | Rádio Voz da Planície - 104.5FM - Beja
A Câmara Municipal de Serpa informa através da sua página de Facebook Serpa Terra Forte, que a infraestrutura informática do município "foi alvo de um ataque externo, imediatamente reportado às autoridades competentes, designadamente ao Centro Nacional de…
🚨🇮🇳 850M India Nationwide Identity Dataset allegedly listed for sale
A threat actor on an underground forum is claiming to sell a nationwide identity dataset allegedly originating from HITEK, containing telecom-linked Aadhaar records from India.
The actor claims the dataset contains roughly 850M records in JSON format (~109 GB).
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Full names
• Father's names
• Aadhaar numbers (if linked)
• Full addresses
• Mobile numbers
• Alternative mobile numbers
• Email addresses
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: HITEK
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: India 🇮🇳
𝗦𝗲𝗰𝘁𝗼𝗿: Telecom / Identity
𝗔𝗰𝘁𝗼𝗿: deb163
𝗖𝗹𝗮𝗶𝗺: Full PII / Telecom-linked Aadhaar records
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~850,000,000 records (~109 GB)
𝗣𝗿𝗶𝗰𝗲: 8 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to sell a nationwide identity dataset allegedly originating from HITEK, containing telecom-linked Aadhaar records from India.
The actor claims the dataset contains roughly 850M records in JSON format (~109 GB).
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Full names
• Father's names
• Aadhaar numbers (if linked)
• Full addresses
• Mobile numbers
• Alternative mobile numbers
• Email addresses
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: HITEK
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: India 🇮🇳
𝗦𝗲𝗰𝘁𝗼𝗿: Telecom / Identity
𝗔𝗰𝘁𝗼𝗿: deb163
𝗖𝗹𝗮𝗶𝗺: Full PII / Telecom-linked Aadhaar records
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~850,000,000 records (~109 GB)
𝗣𝗿𝗶𝗰𝗲: 8 Points
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️ New Dark Web Informer Blog Post!
Title: Brazilian Food-Delivery Giant iFood Targeted in Alleged 43.8M-Record Customer Data Extortion
Link: https://darkwebinformer.com/brazilian-food-delivery-giant-ifood-targeted-in-alleged-43-8m-record-customer-data-extortion/
Title: Brazilian Food-Delivery Giant iFood Targeted in Alleged 43.8M-Record Customer Data Extortion
Link: https://darkwebinformer.com/brazilian-food-delivery-giant-ifood-targeted-in-alleged-43-8m-record-customer-data-extortion/
Dark Web Informer
Brazilian Food-Delivery Giant iFood Targeted in Alleged 43.8M-Record Customer Data Extortion
A threat actor using the alias bacen claims to hold 43,847,219 Brazilian iFood customer records, said to include CPF national IDs, full names, emails, phone numbers, and credit-card data.
‼️ ShinyHunters has leaked 42 Million records of data from Charter Communications.
DentaQuest has also been relisted after being taken down due to possible negotiations.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
DentaQuest has also been relisted after being taken down due to possible negotiations.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
STIX endpoints will be available for users who subscribe to the API sometime tomorrow as promised. I just need to finish updating the docs.
https://darkwebinformer.com/api-details/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://darkwebinformer.com/api-details/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Dark Web Informer
API Subscription Access
🔥1
‼️ New Dark Web Informer Blog Post!
Title: French Government Platform Resana Listed in Alleged 990K-Record User Data Sale
Link: https://darkwebinformer.com/french-government-platform-resana-listed-in-alleged-990k-record-user-data-sale/
Title: French Government Platform Resana Listed in Alleged 990K-Record User Data Sale
Link: https://darkwebinformer.com/french-government-platform-resana-listed-in-alleged-990k-record-user-data-sale/
Dark Web Informer
French Government Platform Resana Listed in Alleged 990K-Record User Data Sale
A threat actor using the alias xMetah claims to be selling a database allegedly belonging to Resana, a French government collaboration platform hosted on the state's numerique.gouv.fr domain.
‼️ New Dark Web Informer Blog Post!
Title: French Real-Estate Platform Figaro Immobilier Hit by Alleged 100K Invoice Leak
Link: https://darkwebinformer.com/french-real-estate-platform-figaro-immobilier-hit-by-alleged-100k-invoice-leak/
Title: French Real-Estate Platform Figaro Immobilier Hit by Alleged 100K Invoice Leak
Link: https://darkwebinformer.com/french-real-estate-platform-figaro-immobilier-hit-by-alleged-100k-invoice-leak/
Dark Web Informer
French Real-Estate Platform Figaro Immobilier Hit by Alleged 100K Invoice Leak
A threat actor using the alias ChimeraZ claims to have leaked a database allegedly belonging to Figaro Immobilier / Explorimmo, a French real-estate platform offering property listings for sale, rent, and vacation stays.
❤1
‼️ New Dark Web Informer Blog Post!
Title: French Real-Estate Tour Platform EnVisite Hit by Alleged 138K-Record Leak
Link: https://darkwebinformer.com/french-real-estate-tour-platform-envisite-hit-by-alleged-138k-record-leak/
Title: French Real-Estate Tour Platform EnVisite Hit by Alleged 138K-Record Leak
Link: https://darkwebinformer.com/french-real-estate-tour-platform-envisite-hit-by-alleged-138k-record-leak/
Dark Web Informer
French Real-Estate Tour Platform EnVisite Hit by Alleged 138K-Record Leak
A threat actor using the alias ChimeraZ claims to have leaked a database allegedly belonging to EnVisite, a French platform for real-estate virtual tours used by agents to create and share interactive property presentations.
‼️ New Dark Web Informer Blog Post!
Title: One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)
Link: https://darkwebinformer.com/one-forged-header-unauthenticated-authentication-bypass-in-fortinet-forticlient-ems-cve-2026-35616/
Title: One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)
Link: https://darkwebinformer.com/one-forged-header-unauthenticated-authentication-bypass-in-fortinet-forticlient-ems-cve-2026-35616/
Dark Web Informer
One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)
Fortinet has disclosed a critical authentication bypass affecting FortiClient Endpoint Management Server (EMS).
‼️ New Dark Web Informer Blog Post!
Title: US Student Mental-Health Provider Mindpath College Health Listed on Ransomware Leak Site
Link: https://darkwebinformer.com/us-student-mental-health-provider-mindpath-college-health-listed-on-ransomware-leak-site/
Title: US Student Mental-Health Provider Mindpath College Health Listed on Ransomware Leak Site
Link: https://darkwebinformer.com/us-student-mental-health-provider-mindpath-college-health-listed-on-ransomware-leak-site/
Dark Web Informer
US Student Mental-Health Provider Mindpath College Health Listed on Ransomware Leak Site
Mindpath College Health, a US provider of mental and behavioral health services for college students, has been listed on a ransomware group's data-leak site.
🚨🇫🇷 Groupe IMA allegedly targeted in 6.2GB data leak
A threat actor on an underground forum is claiming to have leaked data allegedly originating from Groupe IMA (Inter Mutuelles Habitat), a major French assistance provider that delivers 24/7 emergency support services, including roadside assistance, medical aid, and home repairs, on behalf of insurance companies and mutuals.
The actor claims the leak contains roughly 6.2 GB of data including invoices and other customer information.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Invoices
• Customer information
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Groupe IMA (Inter Mutuelles Habitat)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Insurance / Assistance Services
𝗔𝗰𝘁𝗼𝗿: NightLeVrai
𝗖𝗹𝗮𝗶𝗺: Leaked data
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~6.2 GB
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked data allegedly originating from Groupe IMA (Inter Mutuelles Habitat), a major French assistance provider that delivers 24/7 emergency support services, including roadside assistance, medical aid, and home repairs, on behalf of insurance companies and mutuals.
The actor claims the leak contains roughly 6.2 GB of data including invoices and other customer information.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Invoices
• Customer information
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Groupe IMA (Inter Mutuelles Habitat)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Insurance / Assistance Services
𝗔𝗰𝘁𝗼𝗿: NightLeVrai
𝗖𝗹𝗮𝗶𝗺: Leaked data
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~6.2 GB
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
❤1
🚨🇪🇨 Ecuadorian Armed Forces allegedly targeted in confidential insurance document leak
A threat actor on an underground forum is claiming to have leaked confidential insurance policy information allegedly originating from the Armed Forces of Ecuador (Fuerzas Armadas del Ecuador).
The actor claims the documents cover insurance policies worth more than $200,000,000 and include sensitive military data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Confidential insurance policy information
• Inventories
• Armament data
• Military vehicles
• Combat aircraft
• Warship details
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Fuerzas Armadas del Ecuador (Armed Forces of Ecuador)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Ecuador 🇪🇨
𝗦𝗲𝗰𝘁𝗼𝗿: Military / Defense
𝗔𝗰𝘁𝗼𝗿: V0lt4r0x
𝗖𝗹𝗮𝗶𝗺: Leaked confidential insurance documents
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: Insurance policies valued over $200,000,000
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked confidential insurance policy information allegedly originating from the Armed Forces of Ecuador (Fuerzas Armadas del Ecuador).
The actor claims the documents cover insurance policies worth more than $200,000,000 and include sensitive military data.
𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:
• Confidential insurance policy information
• Inventories
• Armament data
• Military vehicles
• Combat aircraft
• Warship details
𝗗𝗲𝘁𝗮𝗶𝗹𝘀:
𝗧𝗮𝗿𝗴𝗲𝘁: Fuerzas Armadas del Ecuador (Armed Forces of Ecuador)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Ecuador 🇪🇨
𝗦𝗲𝗰𝘁𝗼𝗿: Military / Defense
𝗔𝗰𝘁𝗼𝗿: V0lt4r0x
𝗖𝗹𝗮𝗶𝗺: Leaked confidential insurance documents
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: Insurance policies valued over $200,000,000
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 28, 2026
💥 Stop guessing what's redacted. Subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
The threat actor leaderboard and cybercrime website leaderboard that are in the early access program may stop working every once and a while for the next couple of weeks as I make changes for Threat Feed 3.0. Apologies in advance. Bonk me if I don't notice it.