๐จ Nornikovik hidden browser malware advertised on underground forum
A threat actor on an underground forum is advertising Nornikovik, a hidden-browser malware marketed as fileless and undetected. The seller describes it as a tool that runs a victim's browser silently in the background, lets the operator control it remotely, and can load the victim's saved browser data.
The listing promotes the tool to other forum members for the purpose of covert remote browser session hijacking and data theft.
๐ช๐ต๐ฎ๐'๐ ๐ฏ๐ฒ๐ถ๐ป๐ด ๐ฎ๐ฑ๐๐ฒ๐ฟ๐๐ถ๐๐ฒ๐ฑ:
โข A covert ("hidden") remote browser controlled by the attacker
โข Claimed fileless operation and self-deletion after execution
โข Ability to load victim browser data (cookies and autofills)
โข Support for multiple mainstream browsers (Chrome, Edge, Brave, Yandex, OperaGX, Vivaldi)
โข Claimed anti-analysis and anti-VM features
โข Multiple persistence methods
โข A builder and listener interface
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: N/A (offensive malware)
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Cybercrime Tooling / Malware-as-a-Service
๐๐ฐ๐๐ผ๐ฟ: solitaryElite
๐๐น๐ฎ๐ถ๐บ: Selling fileless hidden-browser malware
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Covert browser session hijacking and data theft tool
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Listed via autobuy (middleman accepted)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is advertising Nornikovik, a hidden-browser malware marketed as fileless and undetected. The seller describes it as a tool that runs a victim's browser silently in the background, lets the operator control it remotely, and can load the victim's saved browser data.
The listing promotes the tool to other forum members for the purpose of covert remote browser session hijacking and data theft.
๐ช๐ต๐ฎ๐'๐ ๐ฏ๐ฒ๐ถ๐ป๐ด ๐ฎ๐ฑ๐๐ฒ๐ฟ๐๐ถ๐๐ฒ๐ฑ:
โข A covert ("hidden") remote browser controlled by the attacker
โข Claimed fileless operation and self-deletion after execution
โข Ability to load victim browser data (cookies and autofills)
โข Support for multiple mainstream browsers (Chrome, Edge, Brave, Yandex, OperaGX, Vivaldi)
โข Claimed anti-analysis and anti-VM features
โข Multiple persistence methods
โข A builder and listener interface
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: N/A (offensive malware)
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Cybercrime Tooling / Malware-as-a-Service
๐๐ฐ๐๐ผ๐ฟ: solitaryElite
๐๐น๐ฎ๐ถ๐บ: Selling fileless hidden-browser malware
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Covert browser session hijacking and data theft tool
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Listed via autobuy (middleman accepted)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท Le Mรฉdia Pour Tous allegedly targeted in 13K database leak
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Le Mรฉdia Pour Tous, an independent French media outlet created by Vincent Lapierre. The actor notes the data is not from the current year.
The actor claims the leak contains roughly 13K records across user and account data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Usernames and login names
โข Passwords (hashed)
โข First and last names / nicknames
โข Email addresses
โข User URLs
โข Registration dates and display names
โข User roles and account status
โข Session tokens
โข Account settings and metadata
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Le Mรฉdia Pour Tous
๐๐ผ๐๐ป๐๐ฟ๐: France ๐ซ๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Media / Publishing
๐๐ฐ๐๐ผ๐ฟ: kvantize
๐๐น๐ฎ๐ถ๐บ: Leaked database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~13K records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 1 Point
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from Le Mรฉdia Pour Tous, an independent French media outlet created by Vincent Lapierre. The actor notes the data is not from the current year.
The actor claims the leak contains roughly 13K records across user and account data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Usernames and login names
โข Passwords (hashed)
โข First and last names / nicknames
โข Email addresses
โข User URLs
โข Registration dates and display names
โข User roles and account status
โข Session tokens
โข Account settings and metadata
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Le Mรฉdia Pour Tous
๐๐ผ๐๐ป๐๐ฟ๐: France ๐ซ๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Media / Publishing
๐๐ฐ๐๐ผ๐ฟ: kvantize
๐๐น๐ฎ๐ถ๐บ: Leaked database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~13K records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 1 Point
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฎ๐น Burger King Italy allegedly targeted in 5M database leak
A threat actor on an underground forum is claiming to sell a database allegedly originating from Burger King Italy, the well-established fast-food chain with more than 150 restaurants in the country.
The actor claims the database contains roughly 5M records, appearing to be loyalty program customer data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข First and last names
โข Email addresses
โข Loyalty card codes
โข Points and ranking points
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Burger King Italy
๐๐ผ๐๐ป๐๐ฟ๐: Italy ๐ฎ๐น
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Retail / Restaurant
๐๐ฐ๐๐ผ๐ฟ: kvantize
๐๐น๐ฎ๐ถ๐บ: Database for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~5M records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Not disclosed (contact to purchase)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to sell a database allegedly originating from Burger King Italy, the well-established fast-food chain with more than 150 restaurants in the country.
The actor claims the database contains roughly 5M records, appearing to be loyalty program customer data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข First and last names
โข Email addresses
โข Loyalty card codes
โข Points and ranking points
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Burger King Italy
๐๐ผ๐๐ป๐๐ฟ๐: Italy ๐ฎ๐น
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Retail / Restaurant
๐๐ฐ๐๐ผ๐ฟ: kvantize
๐๐น๐ฎ๐ถ๐บ: Database for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~5M records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Not disclosed (contact to purchase)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐น๐ท Goknur Gida allegedly targeted in 10.7 TB breach with a ransom of 25 BTC
A threat actor on an underground forum is claiming to sell data allegedly originating from Goknur Gida A.ล., a Turkish food and beverage manufacturer. The actor claims to have compromised the company's infrastructure including Active Directory, SCADA/PLC systems, and virtualization environment.
The actor claims the breach totals roughly 10.7 TB, including 5.2 TB of backups, 3.3 TB of file servers, and 2.2 TB of user data and documents.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Active Directory architecture and NTDS.dit dumps
โข SCADA, PLC, and RTU configurations
โข Network device, ESXi, and virtualization infrastructure data
โข Customer information, contracts, and commercial data
โข Bank account information, financial records, and cash flow
โข Employee salary sheets, Turkish ID numbers, and authentication data
โข Employee passport information
โข Employee and executive phone numbers and contact directory
โข Production recipes, formulas, and industrial know-how
โข Product designs, CAD drawings, R&D data, and patents
โข Supply chain, procurement, and logistics data
โข Raw material, inventory, and stock management databases
โข ERP and CRM systems
โข IT infrastructure, backups, cybersecurity protocols, and firewall rules
โข Subcontractor, distributor, dealer, and service provider contracts
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Goknur Gida A.ล.
๐๐ผ๐๐ป๐๐ฟ๐: Turkey ๐น๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Food and Beverage / Manufacturing
๐๐ฐ๐๐ผ๐ฟ: DreamFyre
๐๐น๐ฎ๐ถ๐บ: Full infrastructure breach for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~10.7 TB
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 25 BTC
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to sell data allegedly originating from Goknur Gida A.ล., a Turkish food and beverage manufacturer. The actor claims to have compromised the company's infrastructure including Active Directory, SCADA/PLC systems, and virtualization environment.
The actor claims the breach totals roughly 10.7 TB, including 5.2 TB of backups, 3.3 TB of file servers, and 2.2 TB of user data and documents.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Active Directory architecture and NTDS.dit dumps
โข SCADA, PLC, and RTU configurations
โข Network device, ESXi, and virtualization infrastructure data
โข Customer information, contracts, and commercial data
โข Bank account information, financial records, and cash flow
โข Employee salary sheets, Turkish ID numbers, and authentication data
โข Employee passport information
โข Employee and executive phone numbers and contact directory
โข Production recipes, formulas, and industrial know-how
โข Product designs, CAD drawings, R&D data, and patents
โข Supply chain, procurement, and logistics data
โข Raw material, inventory, and stock management databases
โข ERP and CRM systems
โข IT infrastructure, backups, cybersecurity protocols, and firewall rules
โข Subcontractor, distributor, dealer, and service provider contracts
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Goknur Gida A.ล.
๐๐ผ๐๐ป๐๐ฟ๐: Turkey ๐น๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Food and Beverage / Manufacturing
๐๐ฐ๐๐ผ๐ฟ: DreamFyre
๐๐น๐ฎ๐ถ๐บ: Full infrastructure breach for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~10.7 TB
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 25 BTC
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฒ๐ฝ Instituto Tecnolรณgico del Valle de Etla allegedly targeted in database leak
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from the Instituto Tecnolรณgico del Valle de Etla, a technological institute in Oaxaca, Mexico. The actor is releasing the data for free.
The actor claims the leak contains student and applicant records with extensive personal and academic data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (first name, paternal and maternal surnames)
โข Mobile phone numbers
โข Dates of birth
โข Email addresses (Gmail)
โข Gender and age
โข CURP (national ID) and UID
โข Application folio and status
โข State of birth and nationality
โข Campus ID
โข Indigenous language and disability fields
โข Income received (financial aid)
โข Municipality violence/marginalization indicators
โข School records (general average, periods)
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Instituto Tecnolรณgico del Valle de Etla
๐๐ผ๐๐ป๐๐ฟ๐: Mexico ๐ฒ๐ฝ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Education
๐๐ฐ๐๐ผ๐ฟ: MagoSpeak
๐๐น๐ฎ๐ถ๐บ: Leaked student/applicant database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Student and applicant records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from the Instituto Tecnolรณgico del Valle de Etla, a technological institute in Oaxaca, Mexico. The actor is releasing the data for free.
The actor claims the leak contains student and applicant records with extensive personal and academic data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (first name, paternal and maternal surnames)
โข Mobile phone numbers
โข Dates of birth
โข Email addresses (Gmail)
โข Gender and age
โข CURP (national ID) and UID
โข Application folio and status
โข State of birth and nationality
โข Campus ID
โข Indigenous language and disability fields
โข Income received (financial aid)
โข Municipality violence/marginalization indicators
โข School records (general average, periods)
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Instituto Tecnolรณgico del Valle de Etla
๐๐ผ๐๐ป๐๐ฟ๐: Mexico ๐ฒ๐ฝ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Education
๐๐ฐ๐๐ผ๐ฟ: MagoSpeak
๐๐น๐ฎ๐ถ๐บ: Leaked student/applicant database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Student and applicant records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฒ๐ฝ Universidad Tecnolรณgica del Centro allegedly targeted in 4,361-record leak
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from the Universidad Tecnolรณgica del Centro, a technological university in Mexico. The actor is releasing the data for free.
The actor claims the leak contains 4,361 student/applicant records with extensive personal and academic data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (first name, paternal and maternal surnames)
โข Mobile phone numbers
โข Dates of birth
โข Email addresses (Gmail)
โข Gender and age
โข CURP (national ID) and UID
โข Application folio and status
โข State of birth and nationality
โข Campus ID and SIGED campus key
โข School record key and campus
โข Indigenous language and disability fields
โข Income received (financial aid)
โข Municipality violence/marginalization indicators
โข School records (general average, periods)
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Universidad Tecnolรณgica del Centro
๐๐ผ๐๐ป๐๐ฟ๐: Mexico ๐ฒ๐ฝ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Education
๐๐ฐ๐๐ผ๐ฟ: MagoSpeak
๐๐น๐ฎ๐ถ๐บ: Leaked student/applicant database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 4,361 records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to have leaked a database allegedly originating from the Universidad Tecnolรณgica del Centro, a technological university in Mexico. The actor is releasing the data for free.
The actor claims the leak contains 4,361 student/applicant records with extensive personal and academic data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (first name, paternal and maternal surnames)
โข Mobile phone numbers
โข Dates of birth
โข Email addresses (Gmail)
โข Gender and age
โข CURP (national ID) and UID
โข Application folio and status
โข State of birth and nationality
โข Campus ID and SIGED campus key
โข School record key and campus
โข Indigenous language and disability fields
โข Income received (financial aid)
โข Municipality violence/marginalization indicators
โข School records (general average, periods)
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Universidad Tecnolรณgica del Centro
๐๐ผ๐๐ป๐๐ฟ๐: Mexico ๐ฒ๐ฝ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Education
๐๐ฐ๐๐ผ๐ฟ: MagoSpeak
๐๐น๐ฎ๐ถ๐บ: Leaked student/applicant database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 4,361 records
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โผ๏ธ New Dark Web Informer Blog Post!
Title: Threat Actor Claims to Sell 24 Million Confidential SENIAT Venezuela Tax Records, 30 GB
Link: https://darkwebinformer.com/threat-actor-claims-to-sell-24-million-confidential-seniat-venezuela-tax-records-30-gb/
Title: Threat Actor Claims to Sell 24 Million Confidential SENIAT Venezuela Tax Records, 30 GB
Link: https://darkwebinformer.com/threat-actor-claims-to-sell-24-million-confidential-seniat-venezuela-tax-records-30-gb/
Dark Web Informer
Threat Actor Claims to Sell 24 Million Confidential SENIAT Venezuela Tax Records, 30 GB
A threat actor using the alias malconguerra2 claims to be selling a 30 GB confidential dataset attributed to SENIAT, Venezuela's national tax and customs authority.
โผ๏ธ New Dark Web Informer Blog Post!
Title: Threat Actor Claims to Leak an INEGI Mexico Database Dump, 122K Businesses + 30K PII Records
Link: https://darkwebinformer.com/threat-actor-claims-to-leak-an-inegi-mexico-database-dump-122k-businesses-30k-pii-records/
Title: Threat Actor Claims to Leak an INEGI Mexico Database Dump, 122K Businesses + 30K PII Records
Link: https://darkwebinformer.com/threat-actor-claims-to-leak-an-inegi-mexico-database-dump-122k-businesses-30k-pii-records/
Dark Web Informer
Threat Actor Claims to Leak an INEGI Mexico Database Dump, 122K Businesses + 30K PII Records
A threat actor using the alias sativa claims to have leaked a database dump attributed to INEGI, Mexico's national statistics institute, allegedly sourced from internal GOB.MX services.
๐จ๐ช๐ฌ Homzmart allegedly targeted in database leak
A threat actor on an underground forum is claiming to publish the full database allegedly originating from Homzmart, a furniture and home goods e-commerce marketplace based in Egypt.
The actor claims the leak includes a partial dump of roughly 4 GB plus a separate sellers database (~600M), covering customer, order, and seller data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Customer records (~1M) and customer addresses (~1M)
โข Sales order addresses (~3M)
โข Sales order payments, grids, orders, and invoices (~1M each)
โข Order items
โข Seller records, addresses, and business information
โข Seller bank accounts
โข User accounts
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Homzmart
๐๐ผ๐๐ป๐๐ฟ๐: Egypt ๐ช๐ฌ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Retail / E-commerce
๐๐ฐ๐๐ผ๐ฟ: hackformetome
๐๐น๐ฎ๐ถ๐บ: Full database leak
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~4 GB partial dump plus ~600M sellers database
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 5 Points
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
A threat actor on an underground forum is claiming to publish the full database allegedly originating from Homzmart, a furniture and home goods e-commerce marketplace based in Egypt.
The actor claims the leak includes a partial dump of roughly 4 GB plus a separate sellers database (~600M), covering customer, order, and seller data.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Customer records (~1M) and customer addresses (~1M)
โข Sales order addresses (~3M)
โข Sales order payments, grids, orders, and invoices (~1M each)
โข Order items
โข Seller records, addresses, and business information
โข Seller bank accounts
โข User accounts
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Homzmart
๐๐ผ๐๐ป๐๐ฟ๐: Egypt ๐ช๐ฌ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Retail / E-commerce
๐๐ฐ๐๐ผ๐ฟ: hackformetome
๐๐น๐ฎ๐ถ๐บ: Full database leak
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~4 GB partial dump plus ~600M sellers database
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: 5 Points
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
Session announced on Friday that the project will be moving forward. The video is an hour long, but here is a good TLDR: https://x.com/VitalikButerin/status/2060407073196609539
https://x.com/session_app/status/2060268719864172545
https://x.com/session_app/status/2060268719864172545
X (formerly Twitter)
vitalik.eth (@VitalikButerin) on X
@session_app Pasting my (of course locally-generated) AI summary for those interested.
Glad to see you guys are able to keep going!
Glad to see you guys are able to keep going!
๐ฅ2
๐จ Possible detection of Red Hat infostealer credentials that may have been used in the npm attack. @SocketSecurity
https://x.com/whiteintel_io/status/2061549988765663609
https://x.com/whiteintel_io/status/2061549988765663609
X (formerly Twitter)
Whiteintel (@whiteintel_io) on X
We have detected a Red Hat GitHub credential and session cookie in infostealer logs on April 13 and May 15, 2026 - potentially linked to the Miasma supply chain attack. While we cannot confirm a direct connection, the timing is notably suspicious.
httpโฆ
httpโฆ
๐จ Spanish police detain suspect over leak of government employees' personal data
https://www.bleepingcomputer.com/news/security/spain-arrests-doxer-leaking-sensitive-data-of-govt-employees/
"The police notes that the published data was from the State Attorney General's Office, INCIBE, the National Police, the Civil Guard, and the National Security Council, all critical entities in the country."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.bleepingcomputer.com/news/security/spain-arrests-doxer-leaking-sensitive-data-of-govt-employees/
"The police notes that the published data was from the State Attorney General's Office, INCIBE, the National Police, the Civil Guard, and the National Security Council, all critical entities in the country."
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
BleepingComputer
Spain arrests doxer leaking sensitive data of govt employees
The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE).
๐จ Possible new Instagram exploit is currently making its rounds, separate from the one yesterday. h/t: TG Feds
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1๐ญ1
๐จ MaitreSearch stolen-data lookup service advertised on underground forum
A threat actor on an underground forum is advertising MaitreSearch, a Telegram-based search service marketed to "OSINT" users that lets subscribers query a large database of breached and stealer-log data. The seller describes the dataset as drawn from both public and private sources and bundles credential-handling tools alongside it.
The listing promotes paid, credit-based access to other forum members for searching stolen personal and account data.
๐ช๐ต๐ฎ๐'๐ ๐ฏ๐ฒ๐ถ๐ป๐ด ๐ฎ๐ฑ๐๐ฒ๐ฟ๐๐ถ๐๐ฒ๐ฑ:
โข A searchable database of breached/stealer data (domains, keywords, emails, usernames, passwords)
โข An AI-assisted query interface
โข Free preview searches before payment
โข Bundled credential-handling/validation tooling
โข Search history and a referral/commission program
โข Crypto-based credit top-ups (BTC, ETH, LTC, USDT, BNB, SOL)
โข Marketed anonymity features for buyers
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: N/A (stolen-data access service)
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Cybercrime Tooling / Data Brokerage
๐๐ฐ๐๐ผ๐ฟ: MaitreSearch
๐๐น๐ฎ๐ถ๐บ: Selling access to breached/stealer data lookup service
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Search access to aggregated stolen credentials and personal data
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Credit-based subscription (crypto)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is advertising MaitreSearch, a Telegram-based search service marketed to "OSINT" users that lets subscribers query a large database of breached and stealer-log data. The seller describes the dataset as drawn from both public and private sources and bundles credential-handling tools alongside it.
The listing promotes paid, credit-based access to other forum members for searching stolen personal and account data.
๐ช๐ต๐ฎ๐'๐ ๐ฏ๐ฒ๐ถ๐ป๐ด ๐ฎ๐ฑ๐๐ฒ๐ฟ๐๐ถ๐๐ฒ๐ฑ:
โข A searchable database of breached/stealer data (domains, keywords, emails, usernames, passwords)
โข An AI-assisted query interface
โข Free preview searches before payment
โข Bundled credential-handling/validation tooling
โข Search history and a referral/commission program
โข Crypto-based credit top-ups (BTC, ETH, LTC, USDT, BNB, SOL)
โข Marketed anonymity features for buyers
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: N/A (stolen-data access service)
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Cybercrime Tooling / Data Brokerage
๐๐ฐ๐๐ผ๐ฟ: MaitreSearch
๐๐น๐ฎ๐ถ๐บ: Selling access to breached/stealer data lookup service
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: Search access to aggregated stolen credentials and personal data
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Credit-based subscription (crypto)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐บ๐ธ CookUnity allegedly targeted in massive breach exposing 17.6M+ customers
A threat actor on an underground forum is claiming to leak a dataset allegedly originating from CookUnity, a U.S.-based subscription meal delivery service that sends fresh, chef-prepared meals to customers. The actor claims the underlying exploit is still active.
The actor claims the breach contains over 17.6M customer records across two datasets.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Customer names
โข Email addresses
โข Street addresses (unit, city, state, postal code, country)
โข Geolocation (latitude and longitude)
โข Order IDs and item counts
โข Shipment IDs and transit details
โข Carrier and driver names/IDs
โข Validation and warning flags
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: CookUnity
๐๐ผ๐๐ป๐๐ฟ๐: United States ๐บ๐ธ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Food Delivery / Subscription Services
๐๐ฐ๐๐ผ๐ฟ: 2019
๐๐น๐ฎ๐ถ๐บ: Leaked customer database (exploit reportedly still active)
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 17.6M+ records (2 datasets)
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free (reply to unlock)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to leak a dataset allegedly originating from CookUnity, a U.S.-based subscription meal delivery service that sends fresh, chef-prepared meals to customers. The actor claims the underlying exploit is still active.
The actor claims the breach contains over 17.6M customer records across two datasets.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Customer names
โข Email addresses
โข Street addresses (unit, city, state, postal code, country)
โข Geolocation (latitude and longitude)
โข Order IDs and item counts
โข Shipment IDs and transit details
โข Carrier and driver names/IDs
โข Validation and warning flags
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: CookUnity
๐๐ผ๐๐ป๐๐ฟ๐: United States ๐บ๐ธ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Food Delivery / Subscription Services
๐๐ฐ๐๐ผ๐ฟ: 2019
๐๐น๐ฎ๐ถ๐บ: Leaked customer database (exploit reportedly still active)
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 17.6M+ records (2 datasets)
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free (reply to unlock)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค2
๐จ๐ซ๐ท Dossier Mรฉdical Partagรฉ (DMP) allegedly targeted in massive 34M database sale
A threat actor on an underground forum is claiming to sell a database allegedly originating from the Dossier Mรฉdical Partagรฉ (DMP), France's shared national medical records system. The actor says the data was freshly scraped and has not circulated elsewhere.
The actor claims the database contains roughly 34,228,598 lines of personal data, noting NIR (social security numbers) appear in ~85% of lines and IBANs in ~30-40%.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (birth name and first name)
โข Gender
โข Dates and departments of birth
โข Addresses, communes, and postal codes
โข Email addresses
โข Phone numbers
โข NIR (French social security numbers) on most lines
โข IBAN and BIC banking details on a portion of lines
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Dossier Mรฉdical Partagรฉ (DMP)
๐๐ผ๐๐ป๐๐ฟ๐: France ๐ซ๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Healthcare / Government
๐๐ฐ๐๐ผ๐ฟ: Lagui
๐๐น๐ฎ๐ถ๐บ: Fresh scraped database for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~34.2M lines
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Not disclosed (contact to purchase)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to sell a database allegedly originating from the Dossier Mรฉdical Partagรฉ (DMP), France's shared national medical records system. The actor says the data was freshly scraped and has not circulated elsewhere.
The actor claims the database contains roughly 34,228,598 lines of personal data, noting NIR (social security numbers) appear in ~85% of lines and IBANs in ~30-40%.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names (birth name and first name)
โข Gender
โข Dates and departments of birth
โข Addresses, communes, and postal codes
โข Email addresses
โข Phone numbers
โข NIR (French social security numbers) on most lines
โข IBAN and BIC banking details on a portion of lines
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: Dossier Mรฉdical Partagรฉ (DMP)
๐๐ผ๐๐ป๐๐ฟ๐: France ๐ซ๐ท
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Healthcare / Government
๐๐ฐ๐๐ผ๐ฟ: Lagui
๐๐น๐ฎ๐ถ๐บ: Fresh scraped database for sale
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: ~34.2M lines
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Not disclosed (contact to purchase)
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฆ๐บ ACMI allegedly targeted in breach exposing 25K+ customers
A threat actor on an underground forum is claiming to leak a dataset allegedly originating from ACMI (Australian Centre for the Moving Image), Australia's national museum dedicated to film, television, video games, and digital culture, based in Melbourne.
The actor claims the breach contains over 25K customer records across three datasets.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names
โข Email addresses and email opt-in status
โข Gender and dates of birth
โข Sign-in attempts and last sign-in data
โข Film/title rental and purchase records
โข Invoice numbers and purchase dates
โข Pricing, currency, region, and country
โข Original price, discount, and total price
โข IP addresses
โข Payment gateway and payment gateway tokens
โข Promo codes, licensor, and release window data
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: ACMI (Australian Centre for the Moving Image)
๐๐ผ๐๐ป๐๐ฟ๐: Australia ๐ฆ๐บ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Arts / Culture / Entertainment
๐๐ฐ๐๐ผ๐ฟ: 2019
๐๐น๐ฎ๐ถ๐บ: Leaked customer database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 25K+ records (3 datasets)
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor on an underground forum is claiming to leak a dataset allegedly originating from ACMI (Australian Centre for the Moving Image), Australia's national museum dedicated to film, television, video games, and digital culture, based in Melbourne.
The actor claims the breach contains over 25K customer records across three datasets.
๐ช๐ต๐ฎ๐'๐ ๐ฎ๐น๐น๐ฒ๐ด๐ฒ๐ฑ๐น๐ ๐ฒ๐ ๐ฝ๐ผ๐๐ฒ๐ฑ:
โข Full names
โข Email addresses and email opt-in status
โข Gender and dates of birth
โข Sign-in attempts and last sign-in data
โข Film/title rental and purchase records
โข Invoice numbers and purchase dates
โข Pricing, currency, region, and country
โข Original price, discount, and total price
โข IP addresses
โข Payment gateway and payment gateway tokens
โข Promo codes, licensor, and release window data
๐๐ฒ๐๐ฎ๐ถ๐น๐:
๐ง๐ฎ๐ฟ๐ด๐ฒ๐: ACMI (Australian Centre for the Moving Image)
๐๐ผ๐๐ป๐๐ฟ๐: Australia ๐ฆ๐บ
๐ฆ๐ฒ๐ฐ๐๐ผ๐ฟ: Arts / Culture / Entertainment
๐๐ฐ๐๐ผ๐ฟ: 2019
๐๐น๐ฎ๐ถ๐บ: Leaked customer database
๐๐ ๐ฝ๐ผ๐๐๐ฟ๐ฒ: 25K+ records (3 datasets)
๐ฃ๐ฟ๐ถ๐ฐ๐ฒ: Free
๐ข๐ฏ๐๐ฒ๐ฟ๐๐ฒ๐ฑ: June 1, 2026
๐ฅ Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations