You may see a couple of old forum posts on the threat feed between now and Sunday.
I'm testing a historical feed setup that is going to the current threat feed, before moving it to a different frontend.
I should know more next week on when it will be available and how many old posts my goal will be daily/monthly based on costs. The API will likely get the endpoint first before the platform.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I'm testing a historical feed setup that is going to the current threat feed, before moving it to a different frontend.
I should know more next week on when it will be available and how many old posts my goal will be daily/monthly based on costs. The API will likely get the endpoint first before the platform.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
πͺ Slice For Life - Part 2 πͺ
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
π₯2
Media is too big
VIEW IN TELEGRAM
The young hacker behind the historic PowerSchool breach, Matthew Lane, speaks out for the first time just days before beginning a four-year federal prison sentence, as experts warn of a new generation of tech-savvy teenagers falling into cybercrime.
I previously uploaded part 1. This is both part 1 and part 2.
Video Credit: youtube.com/@ABCNews
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I previously uploaded part 1. This is both part 1 and part 2.
Video Credit: youtube.com/@ABCNews
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€1π1
βΌοΈ Kodex Law Enforcement Panel accounts are allegedly being sold, providing access to submit Emergency Data Requests (EDRs) to 320+ major companies.
β
β£ Threat Actor: edr
β£ Category: Access Sale
β£ Victim: Kodex (Law Enforcement Platform)
β£ Industry: Law Enforcement / Data Request Platform
β
The actor is selling old Kodex accounts that can be used to send Emergency Data Requests to major companies including Discord, Coinbase, and Roblox. The seller claims the accounts are not proxied and that they own the logins directly. Funds in escrow are required before the country of origin is revealed. Trusted escrow/middleman services are accepted.
β
What's in it:
β
βͺοΈ Old Kodex law enforcement panel accounts
βͺοΈ Access to 320+ ready-to-use companies for data requests
βͺοΈ Subpoena documents included
βͺοΈ Ability to send EDRs to platforms like Discord, Coinbase, and Roblox
βͺοΈ Price: $4,000
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: edr
β£ Category: Access Sale
β£ Victim: Kodex (Law Enforcement Platform)
β£ Industry: Law Enforcement / Data Request Platform
β
The actor is selling old Kodex accounts that can be used to send Emergency Data Requests to major companies including Discord, Coinbase, and Roblox. The seller claims the accounts are not proxied and that they own the logins directly. Funds in escrow are required before the country of origin is revealed. Trusted escrow/middleman services are accepted.
β
What's in it:
β
βͺοΈ Old Kodex law enforcement panel accounts
βͺοΈ Access to 320+ ready-to-use companies for data requests
βͺοΈ Subpoena documents included
βͺοΈ Ability to send EDRs to platforms like Discord, Coinbase, and Roblox
βͺοΈ Price: $4,000
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€3
Found a possible decryptor for VECT Ransomware.
https://github.com/DarkWebInformer/vect-ransomware-decryptor
I don't have a sample file to use to test it against, maybe someone does that actually needs this. Run it in an isolated environment. I shared the files on GitHub, the zip, and the VirusTotal that came back clean. I also gave credit to where I found it.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://github.com/DarkWebInformer/vect-ransomware-decryptor
I don't have a sample file to use to test it against, maybe someone does that actually needs this. Run it in an isolated environment. I shared the files on GitHub, the zip, and the VirusTotal that came back clean. I also gave credit to where I found it.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub
GitHub - DarkWebInformer/vect-ransomware-decryptor: Found on Telegram for what is possibly a VECT Ransomware Decryptor
Found on Telegram for what is possibly a VECT Ransomware Decryptor - DarkWebInformer/vect-ransomware-decryptor
β€9
βΌοΈπ΅π¦ Radimagen Panama, a Panamanian medical imaging provider, has allegedly been breached, with a database containing patient and medical data leaked for free.
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: Radimagen Panama (radimagen.com)
β£ Industry: Healthcare / Medical Imaging
β
The actor claims the database was pulled from an unsecured server with "zero protection" and is releasing it for free to the community. The leak exposes sensitive medical and personal information of patients, doctors, and staff.
β
What's in it:
β
βͺοΈ 38,840 patient records with full PII (name, national ID, sex, phone, date of birth)
βͺοΈ 68,814 medical appointments linking patients to specific studies and schedules
βͺοΈ 42,106 user accounts with emails, phones, and role/access levels
βͺοΈ 3,118 doctor records with associated information
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: Radimagen Panama (radimagen.com)
β£ Industry: Healthcare / Medical Imaging
β
The actor claims the database was pulled from an unsecured server with "zero protection" and is releasing it for free to the community. The leak exposes sensitive medical and personal information of patients, doctors, and staff.
β
What's in it:
β
βͺοΈ 38,840 patient records with full PII (name, national ID, sex, phone, date of birth)
βͺοΈ 68,814 medical appointments linking patients to specific studies and schedules
βͺοΈ 42,106 user accounts with emails, phones, and role/access levels
βͺοΈ 3,118 doctor records with associated information
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
πͺ Slice For Life - Part 2 πͺ pinned Β«Found a possible decryptor for VECT Ransomware. https://github.com/DarkWebInformer/vect-ransomware-decryptor I don't have a sample file to use to test it against, maybe someone does that actually needs this. Run it in an isolated environment. I shared theβ¦Β»
βΌοΈ New Ransomware Group and IP Leak: CMD Organization
Clearnet: cmdofficial[.]com
IP: 209[.]99[.]186[.]211
Onion: http://cmdnkiqjije2tllr3biee2sjgj3i4robg2cbtilbnytdhh2wy3syrlyd[.]onion
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Clearnet: cmdofficial[.]com
IP: 209[.]99[.]186[.]211
Onion: http://cmdnkiqjije2tllr3biee2sjgj3i4robg2cbtilbnytdhh2wy3syrlyd[.]onion
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π2β€1
βΌοΈπ΅π¦ Clinica Hospital Panamericano (ch-panamericano.com), a Panamanian hospital, has allegedly been breached, with a database containing patient and medical data leaked for free.
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: Clinica Hospital Panamericano
β£ Industry: Healthcare / Hospital
β
The actor claims the database was pulled from an unsecured system, marking the second Panamanian medical leak released by the same threat actor.
β
What's in it:
β
βͺοΈ 16,884 patient records with full PII (name, national ID, sex, date of birth)
βͺοΈ 25,893 medical appointments linking patients to specific studies and schedules
βͺοΈ 570 doctor records with national ID, user ID, full names, and additional information
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: Clinica Hospital Panamericano
β£ Industry: Healthcare / Hospital
β
The actor claims the database was pulled from an unsecured system, marking the second Panamanian medical leak released by the same threat actor.
β
What's in it:
β
βͺοΈ 16,884 patient records with full PII (name, national ID, sex, date of birth)
βͺοΈ 25,893 medical appointments linking patients to specific studies and schedules
βͺοΈ 570 doctor records with national ID, user ID, full names, and additional information
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπͺπ¨ Banco de Machala, an Ecuadorian bank, has allegedly been breached, with over 100,000 biometric customer records leaked for free.
β
β£ Threat Actor: GondorPe
β£ Category: Data Leak
β£ Victim: Banco de Machala
β£ Industry: Banking / Finance
β
The actor claims the bank's biometric authentication system was compromised, granting full access to the customer database and image repository, which was reportedly stored without proper protection.
β
What's in it:
β
βͺοΈ 100,000+ biometric records of customers
βͺοΈ Biometric photographs (full face) of all customers as of May 1, 2026
βͺοΈ Photographs of identity cards
βͺοΈ Full names
βͺοΈ ID numbers
βͺοΈ Face photos linked to each ID number
βͺοΈ Files distributed in JPG format
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: GondorPe
β£ Category: Data Leak
β£ Victim: Banco de Machala
β£ Industry: Banking / Finance
β
The actor claims the bank's biometric authentication system was compromised, granting full access to the customer database and image repository, which was reportedly stored without proper protection.
β
What's in it:
β
βͺοΈ 100,000+ biometric records of customers
βͺοΈ Biometric photographs (full face) of all customers as of May 1, 2026
βͺοΈ Photographs of identity cards
βͺοΈ Full names
βͺοΈ ID numbers
βͺοΈ Face photos linked to each ID number
βͺοΈ Files distributed in JPG format
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈ A threat actor is allegedly selling YouTube Society Award Play Button codes for $160. The nature of how these codes were obtained is unclear, but the listing suggests unauthorized acquisition and resale of official YouTube creator award redemption codes.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π1
βΌοΈ QuimaRAT v2.0.0, a new cross-platform Java-based RAT, is allegedly being sold on a hacking forum, targeting Windows, macOS, and Linux systems.
β
β£ Threat Actor: QuimaCORE
β£ Category: Malware / RAT Sale
β£ Product: QuimaRAT v2.0.0
β£ Industry: Cybercrime / Malware-as-a-Service
β
The actor is advertising a Java 17 + JavaFX based remote access trojan claiming FUD (Fully Undetectable) output, end-to-end encryption (Mutual TLS + AES-256-GCM), and no Java requirement on target machines.
β
What's advertised:
β
βͺοΈ 70+ Windows modules / 44+ macOS & Linux modules
βͺοΈ Surveillance: keylogger, clipboard logger, screenshot/screen recorder, hidden VNC, webcam/microphone capture, hidden browser
βͺοΈ Credential theft: browser recovery (Chromium/Firefox/Edge), email clients, LSASS dump, RDP/VPN credentials, crypto wallet artifacts, token stealer
βͺοΈ Evasion: AMSI bypass, ETW patcher, UAC bypass, Defender/Firewall disable, process hollowing, DLL injection, shellcode loader, rootkit module
βͺοΈ Network: scanner, SOCKS5/reverse proxy, port forwarding, lateral movement, AD enumerator
βͺοΈ Builder output formats: JAR, EXE (Launch4j), BAT, VBS, NATIVE formats with embedded JRE
βͺοΈ ProGuard obfuscation with 15,600+ runtime classes
β
Pricing: $200 (1 month) / $400 (3 months) / $600 (6 months) / $800 (12 months) / $2,400 (lifetime)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: QuimaCORE
β£ Category: Malware / RAT Sale
β£ Product: QuimaRAT v2.0.0
β£ Industry: Cybercrime / Malware-as-a-Service
β
The actor is advertising a Java 17 + JavaFX based remote access trojan claiming FUD (Fully Undetectable) output, end-to-end encryption (Mutual TLS + AES-256-GCM), and no Java requirement on target machines.
β
What's advertised:
β
βͺοΈ 70+ Windows modules / 44+ macOS & Linux modules
βͺοΈ Surveillance: keylogger, clipboard logger, screenshot/screen recorder, hidden VNC, webcam/microphone capture, hidden browser
βͺοΈ Credential theft: browser recovery (Chromium/Firefox/Edge), email clients, LSASS dump, RDP/VPN credentials, crypto wallet artifacts, token stealer
βͺοΈ Evasion: AMSI bypass, ETW patcher, UAC bypass, Defender/Firewall disable, process hollowing, DLL injection, shellcode loader, rootkit module
βͺοΈ Network: scanner, SOCKS5/reverse proxy, port forwarding, lateral movement, AD enumerator
βͺοΈ Builder output formats: JAR, EXE (Launch4j), BAT, VBS, NATIVE formats with embedded JRE
βͺοΈ ProGuard obfuscation with 15,600+ runtime classes
β
Pricing: $200 (1 month) / $400 (3 months) / $600 (6 months) / $800 (12 months) / $2,400 (lifetime)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€3