🔪 Slice For Life - Part 2 🔪

🚨🇫🇷 Air Austral allegedly targeted in database leak

A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Air Austral, a French airline specializing in flights between the Indian Ocean, metropolitan France, southern Africa, and certain Asian destinations. The actor is releasing the data for free.

The actor claims the leak contains roughly 1K records in JSON format (~125 KB), appearing to be employee/staff data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• First and last names
• Email addresses
• Job titles (fonction)
• Department/service
• Location (localisation)

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Air Austral
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Aviation / Airline
𝗔𝗰𝘁𝗼𝗿: ChimeraZ
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~1K records (~125 KB)
𝗣𝗿𝗶𝗰𝗲: Free
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

245 views16:05

🚨🇬🇧🇮🇪 Nando's allegedly targeted in employee database breach

A threat actor on an underground forum is claiming to sell an employee database allegedly originating from Nando's, the restaurant chain. The actor says the breach occurred as of May 30, 2026, and the data consists mainly of UK and Irish employees.

The actor claims the database contains 87,000 records of past and current "Nandoca" employees.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Full names
• Job titles and supervisory groups
• Business and personal email addresses
• Mobile and landline phone numbers
• Employment locations
• Employee roles
• Business locations and numbers
• Cost center information
• Job listing information including salaries

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Nando's
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: United Kingdom 🇬🇧 / Ireland 🇮🇪
𝗦𝗲𝗰𝘁𝗼𝗿: Retail / Restaurant
𝗔𝗰𝘁𝗼𝗿: failing2
𝗖𝗹𝗮𝗶𝗺: Leaked employee database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: 87,000 records
𝗣𝗿𝗶𝗰𝗲: $1,000
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

284 views16:18

🔪 Slice For Life - Part 2 🔪

🚨 FedEx account checker tool advertised on underground forum

A threat actor on an underground forum is advertising a FedEx "mail pass" account checker, a credential-stuffing tool designed to validate stolen email/password combinations against FedEx accounts. The seller markets it as request-based with updated API handling and anti-bot bypass.

The listing promotes the tool to other forum members and claims it can pull account profile data from validated logins.

𝗪𝗵𝗮𝘁'𝘀 𝗯𝗲𝗶𝗻𝗴 𝗮𝗱𝘃𝗲𝗿𝘁𝗶𝘀𝗲𝗱:

• A request-based credential checker targeting FedEx accounts
• Claimed anti-bot / WAF bypass handling
• Automated validation of email:password combolists
• Capture of account profile details from valid logins (name, contact info, address, account balance fields)
• Marketed throughput of several hundred checks per minute
• Sold as a single GO script copy

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: FedEx (account checker tooling)
𝗦𝗲𝗰𝘁𝗼𝗿: Cybercrime Tooling
𝗔𝗰𝘁𝗼𝗿: DataKernel
𝗖𝗹𝗮𝗶𝗺: Selling FedEx credential-checking tool
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: Account-validation / credential-stuffing tool
𝗣𝗿𝗶𝗰𝗲: Single copy (middleman accepted)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

320 views17:51

🔪 Slice For Life - Part 2 🔪

🚨🇫🇷 Avantages Enseignants allegedly targeted in 126K database leak

A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Avantages Enseignants, a French platform dedicated to education professionals (teachers and staff in the National Education system).

The actor claims the leak contains roughly 126K records across customer and account data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• First and last names
• Email addresses
• Passwords (hashed)
• Telephone numbers
• IP addresses
• Fax and cart data
• Tokens and codes
• Account status and approval fields
• Wishlist and custom field data
• Profile pictures and newsletter status
• Account creation and reminder timestamps

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Avantages Enseignants
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Education
𝗔𝗰𝘁𝗼𝗿: kvantize
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~126K records
𝗣𝗿𝗶𝗰𝗲: 1 Point
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

300 views20:57

🔪 Slice For Life - Part 2 🔪

🚨🇨🇴 GamaSoft allegedly targeted in 150GB+ data breach

A threat actor on an underground forum is claiming to have exfiltrated data allegedly originating from GamaSoft, a Colombian company specializing in POS software for the food and beverage sector. The actor notes the company has over 25 years of experience, more than 4,200 installations across Colombia, and generates over 6 million invoices monthly.

The actor claims to have exfiltrated over 150 GB of data including software installers, databases, backups, invoices, and inventory information.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Client and contact names
• Email addresses
• Phone and mobile numbers
• Addresses and municipality data
• Representative names and identity documents
• Business/owner details and roles
• Tax and franchise data
• Software installers and client databases
• MySQL dumps (.csv, .sql) and backups from 2015 to 2017
• PDF and XML invoices (facturas)
• Support folder, activators, and software backups

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: GamaSoft
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Colombia 🇨🇴
𝗦𝗲𝗰𝘁𝗼𝗿: Technology / POS Software
𝗔𝗰𝘁𝗼𝗿: tillthaend
𝗖𝗹𝗮𝗶𝗺: Exfiltrated databases, clients, and software
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: 150 GB+ of data
𝗣𝗿𝗶𝗰𝗲: Free (reply to unlock)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

309 views21:04

🔪 Slice For Life - Part 2 🔪

🚨🇮🇷 Hajj and Pilgrimage Organization allegedly targeted in breach exposing 168M+ records for $80,000 BTC

A threat actor on an underground forum is claiming to sell a database allegedly originating from the Hajj and Pilgrimage Organization in Iran, the government body managing pilgrimage travel.

The actor claims the dataset contains more than 168 million records spanning 1984 to 2024.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Full names, father's name, dates and places of birth
• National codes (SSN), ID numbers, national card serial numbers
• Marital status and occupation
• Contact information (home/work addresses, postal codes, phone numbers)
• Passport details (number, issue/expiration dates) and passport scans
• Traveler photos
• Travel flight and insurance information
• Security deposit and banking/payment documents
• Pilgrimage broker and accommodation information
• Details of government officials, NAJA forces, Basij forces, and clerics
• Allocated quota data (including martyr families)
• Source code of Hajj apps and services

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Hajj and Pilgrimage Organization of Iran
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Iran 🇮🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Government
𝗔𝗰𝘁𝗼𝗿: irleak
𝗖𝗹𝗮𝗶𝗺: Database for sale
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: 168M+ records (1984 to 2024)
𝗣𝗿𝗶𝗰𝗲: $80,000 BTC
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

❤1

396 views21:10

🔪 Slice For Life - Part 2 🔪

https://x.com/weezerOSINT/status/2061223556994965643

X (formerly Twitter)

impulsive (@weezerOSINT) on X

meta gave their AI support agent the ability to modify your instagram account. no identity verification. people figured this out and accounts are being taken over right now

403 views23:37

🔪 Slice For Life - Part 2 🔪

https://x.com/weezerOSINT/status/2061223556994965643

https://t.me/feds/1024

1:35

Feds

Method:
vpn to match the target account country region > reset password> ask for more help > chat with AI > ask AI to switch email for you.

This lit allows u to pull 90% of IG accounts

Note: yall should help each other in @fedschat,
@FEDS

464 views00:10

🔪 Slice For Life - Part 2 🔪

https://t.me/feds/1024

Another video... https://x.com/i/status/2061253599758315527

X (formerly Twitter)

Dark Web Informer (@DarkWebInformer) on X

🚨 Instagram had an exploit that allowed you to use Meta AI to reset passwords to accounts with no MFA on them. The exploit was patched a short time ago.

419 views01:52

🔪 Slice For Life - Part 2 🔪

🚨🇵🇪 DIRANDRO (Peruvian National Police) allegedly targeted by L4TAMFUCK3RS

A threat actor group on an underground forum, identifying as L4TAMFUCK3RS, is claiming to sell a full database allegedly originating from DIRANDRO, the specialized anti-drug-trafficking division of the Peruvian National Police (Policía Nacional del Perú). The actors claim all police/military personnel records are included.

The actors claim the database contains roughly 300K folders (people) totaling about 7.8 GB.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Full names, surnames, national ID numbers (DNI), and police ID codes (CIP)
• Dates of birth, gender, marital status, education level
• Parents' full names
• Full residential addresses
• Civil registry data and identification codes (NIF)
• Police intervention/operation details and incident narratives
• Exact event coordinates and penitentiary facility references
• Seized substance details and evidence labels
• Detained individuals' names, ages, and DNI numbers
• Document metadata and institutional info (PNP, INPE, Public Prosecutor)
• Internal personnel records (CIP, DNI, names, registration dates)
• Scanned national ID document images and photographs
• Military-related records

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: DIRANDRO (Policía Nacional del Perú)
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Peru 🇵🇪
𝗦𝗲𝗰𝘁𝗼𝗿: Government / Law Enforcement
𝗔𝗰𝘁𝗼𝗿: cantpwn (L4TAMFUCK3RS)
𝗖𝗹𝗮𝗶𝗺: Full police database for sale
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~300K folders/people (~7.8 GB)
𝗣𝗿𝗶𝗰𝗲: $700
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

290 views15:04

🔪 Slice For Life - Part 2 🔪

🚨🇪🇸 Spanish gas company allegedly targeted in database sale exposing IBANs and phones

A threat actor on an underground forum is claiming to sell a database allegedly belonging to a Spanish gas company. The actor describes the leads as fresh and says the data was obtained via a hack/vulnerability and has never been sold before.

The actor claims the database contains roughly 555K unique records including banking and contact details.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Full names (name, surname 1, surname 2)
• Identification numbers and type
• Phone numbers (two per record)
• Email addresses
• IBAN bank account numbers
• Bank identifiers
• Province, locality, and postal code

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Undisclosed Spanish gas company
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Spain 🇪🇸
𝗦𝗲𝗰𝘁𝗼𝗿: Energy / Utilities
𝗔𝗰𝘁𝗼𝗿: jordanbelfortwolf
𝗖𝗹𝗮𝗶𝗺: Database for sale (obtained via hack/vulnerability)
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~555K unique records
𝗣𝗿𝗶𝗰𝗲: Not disclosed (contact to purchase)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: May 31, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

❤1😈1

266 views15:17

🔪 Slice For Life - Part 2 🔪

‼️ New Dark Web Informer Blog Post!

Title: Threat Actor Claims to Sell Live Web-Shell Access to a NASA Web Application

Link: https://darkwebinformer.com/threat-actor-claims-to-sell-live-web-shell-access-to-a-nasa-web-application/

Dark Web Informer

Threat Actor Claims to Sell Live Web-Shell Access to a NASA Web Application

A threat actor using the alias hackformetome claims to be selling persistent web-shell access and a related exploit to a compromised NASA .gov web application, advertising remote code execution and the ability to pivot into internal network ranges.

284 views15:35

🔪 Slice For Life - Part 2 🔪

🚨 Nornikovik hidden browser malware advertised on underground forum

A threat actor on an underground forum is advertising Nornikovik, a hidden-browser malware marketed as fileless and undetected. The seller describes it as a tool that runs a victim's browser silently in the background, lets the operator control it remotely, and can load the victim's saved browser data.

The listing promotes the tool to other forum members for the purpose of covert remote browser session hijacking and data theft.

𝗪𝗵𝗮𝘁'𝘀 𝗯𝗲𝗶𝗻𝗴 𝗮𝗱𝘃𝗲𝗿𝘁𝗶𝘀𝗲𝗱:

• A covert ("hidden") remote browser controlled by the attacker
• Claimed fileless operation and self-deletion after execution
• Ability to load victim browser data (cookies and autofills)
• Support for multiple mainstream browsers (Chrome, Edge, Brave, Yandex, OperaGX, Vivaldi)
• Claimed anti-analysis and anti-VM features
• Multiple persistence methods
• A builder and listener interface

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: N/A (offensive malware)
𝗦𝗲𝗰𝘁𝗼𝗿: Cybercrime Tooling / Malware-as-a-Service
𝗔𝗰𝘁𝗼𝗿: solitaryElite
𝗖𝗹𝗮𝗶𝗺: Selling fileless hidden-browser malware
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: Covert browser session hijacking and data theft tool
𝗣𝗿𝗶𝗰𝗲: Listed via autobuy (middleman accepted)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: June 1, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

242 views16:56

🔪 Slice For Life - Part 2 🔪

Sure bro.

232 views17:28

🔪 Slice For Life - Part 2 🔪

🚨🇫🇷 Le Média Pour Tous allegedly targeted in 13K database leak

A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Le Média Pour Tous, an independent French media outlet created by Vincent Lapierre. The actor notes the data is not from the current year.

The actor claims the leak contains roughly 13K records across user and account data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Usernames and login names
• Passwords (hashed)
• First and last names / nicknames
• Email addresses
• User URLs
• Registration dates and display names
• User roles and account status
• Session tokens
• Account settings and metadata

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Le Média Pour Tous
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: France 🇫🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Media / Publishing
𝗔𝗰𝘁𝗼𝗿: kvantize
𝗖𝗹𝗮𝗶𝗺: Leaked database
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~13K records
𝗣𝗿𝗶𝗰𝗲: 1 Point
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: June 1, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

232 views17:51

🔪 Slice For Life - Part 2 🔪

🚨🇮🇹 Burger King Italy allegedly targeted in 5M database leak

A threat actor on an underground forum is claiming to sell a database allegedly originating from Burger King Italy, the well-established fast-food chain with more than 150 restaurants in the country.

The actor claims the database contains roughly 5M records, appearing to be loyalty program customer data.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• First and last names
• Email addresses
• Loyalty card codes
• Points and ranking points

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Burger King Italy
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Italy 🇮🇹
𝗦𝗲𝗰𝘁𝗼𝗿: Retail / Restaurant
𝗔𝗰𝘁𝗼𝗿: kvantize
𝗖𝗹𝗮𝗶𝗺: Database for sale
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~5M records
𝗣𝗿𝗶𝗰𝗲: Not disclosed (contact to purchase)
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: June 1, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

209 views18:27

🔪 Slice For Life - Part 2 🔪

🚨🇹🇷 Goknur Gida allegedly targeted in 10.7 TB breach with a ransom of 25 BTC

A threat actor on an underground forum is claiming to sell data allegedly originating from Goknur Gida A.Ş., a Turkish food and beverage manufacturer. The actor claims to have compromised the company's infrastructure including Active Directory, SCADA/PLC systems, and virtualization environment.

The actor claims the breach totals roughly 10.7 TB, including 5.2 TB of backups, 3.3 TB of file servers, and 2.2 TB of user data and documents.

𝗪𝗵𝗮𝘁'𝘀 𝗮𝗹𝗹𝗲𝗴𝗲𝗱𝗹𝘆 𝗲𝘅𝗽𝗼𝘀𝗲𝗱:

• Active Directory architecture and NTDS.dit dumps
• SCADA, PLC, and RTU configurations
• Network device, ESXi, and virtualization infrastructure data
• Customer information, contracts, and commercial data
• Bank account information, financial records, and cash flow
• Employee salary sheets, Turkish ID numbers, and authentication data
• Employee passport information
• Employee and executive phone numbers and contact directory
• Production recipes, formulas, and industrial know-how
• Product designs, CAD drawings, R&D data, and patents
• Supply chain, procurement, and logistics data
• Raw material, inventory, and stock management databases
• ERP and CRM systems
• IT infrastructure, backups, cybersecurity protocols, and firewall rules
• Subcontractor, distributor, dealer, and service provider contracts

𝗗𝗲𝘁𝗮𝗶𝗹𝘀:

𝗧𝗮𝗿𝗴𝗲𝘁: Goknur Gida A.Ş.
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Turkey 🇹🇷
𝗦𝗲𝗰𝘁𝗼𝗿: Food and Beverage / Manufacturing
𝗔𝗰𝘁𝗼𝗿: DreamFyre
𝗖𝗹𝗮𝗶𝗺: Full infrastructure breach for sale
𝗘𝘅𝗽𝗼𝘀𝘂𝗿𝗲: ~10.7 TB
𝗣𝗿𝗶𝗰𝗲: 25 BTC
𝗢𝗯𝘀𝗲𝗿𝘃𝗲𝗱: June 1, 2026

💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

189 views19:14

About

Blog

Apps

Platform