‼️🇵🇦 Radimagen Panama, a Panamanian medical imaging provider, has allegedly been breached, with a database containing patient and medical data leaked for free.
⠀
‣ Threat Actor: ohmydays (Waxx Org.)
‣ Category: Data Leak
‣ Victim: Radimagen Panama (radimagen.com)
‣ Industry: Healthcare / Medical Imaging
⠀
The actor claims the database was pulled from an unsecured server with "zero protection" and is releasing it for free to the community. The leak exposes sensitive medical and personal information of patients, doctors, and staff.
⠀
What's in it:
⠀
▪️ 38,840 patient records with full PII (name, national ID, sex, phone, date of birth)
▪️ 68,814 medical appointments linking patients to specific studies and schedules
▪️ 42,106 user accounts with emails, phones, and role/access levels
▪️ 3,118 doctor records with associated information
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇵🇦 Clinica Hospital Panamericano (ch-panamericano.com), a Panamanian hospital, has allegedly been breached, with a database containing patient and medical data leaked for free.
⠀
‣ Threat Actor: ohmydays (Waxx Org.)
‣ Category: Data Leak
‣ Victim: Clinica Hospital Panamericano
‣ Industry: Healthcare / Hospital
⠀
The actor claims the database was pulled from an unsecured system, marking the second Panamanian medical leak released by the same threat actor.
⠀
What's in it:
⠀
▪️ 16,884 patient records with full PII (name, national ID, sex, date of birth)
▪️ 25,893 medical appointments linking patients to specific studies and schedules
▪️ 570 doctor records with national ID, user ID, full names, and additional information
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇪🇨 Banco de Machala, an Ecuadorian bank, has allegedly been breached, with over 100,000 biometric customer records leaked for free.
⠀
‣ Threat Actor: GondorPe
‣ Category: Data Leak
‣ Victim: Banco de Machala
‣ Industry: Banking / Finance
⠀
The actor claims the bank's biometric authentication system was compromised, granting full access to the customer database and image repository, which was reportedly stored without proper protection.
⠀
What's in it:
⠀
▪️ 100,000+ biometric records of customers
▪️ Biometric photographs (full face) of all customers as of May 1, 2026
▪️ Photographs of identity cards
▪️ Full names
▪️ ID numbers
▪️ Face photos linked to each ID number
▪️ Files distributed in JPG format
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️ A threat actor is allegedly selling YouTube Society Award Play Button codes for $160. The nature of how these codes were obtained is unclear, but the listing suggests unauthorized acquisition and resale of official YouTube creator award redemption codes.
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️ QuimaRAT v2.0.0, a new cross-platform Java-based RAT, is allegedly being sold on a hacking forum, targeting Windows, macOS, and Linux systems.
⠀
‣ Threat Actor: QuimaCORE
‣ Category: Malware / RAT Sale
‣ Product: QuimaRAT v2.0.0
‣ Industry: Cybercrime / Malware-as-a-Service
⠀
The actor is advertising a Java 17 + JavaFX based remote access trojan claiming FUD (Fully Undetectable) output, end-to-end encryption (Mutual TLS + AES-256-GCM), and no Java requirement on target machines.
⠀
What's advertised:
⠀
▪️ 70+ Windows modules / 44+ macOS & Linux modules
▪️ Surveillance: keylogger, clipboard logger, screenshot/screen recorder, hidden VNC, webcam/microphone capture, hidden browser
▪️ Credential theft: browser recovery (Chromium/Firefox/Edge), email clients, LSASS dump, RDP/VPN credentials, crypto wallet artifacts, token stealer
▪️ Evasion: AMSI bypass, ETW patcher, UAC bypass, Defender/Firewall disable, process hollowing, DLL injection, shellcode loader, rootkit module
▪️ Network: scanner, SOCKS5/reverse proxy, port forwarding, lateral movement, AD enumerator
▪️ Builder output formats: JAR, EXE (Launch4j), BAT, VBS, NATIVE formats with embedded JRE
▪️ ProGuard obfuscation with 15,600+ runtime classes
⠀
Pricing: $200 (1 month) / $400 (3 months) / $600 (6 months) / $800 (12 months) / $2,400 (lifetime)
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇨🇴 Hospital Universitario Nacional de Colombia (hun.edu.co), a major Colombian university hospital, has allegedly been breached, with a full database dump (8 DBs, 197 tables) being sold along with confirmed live access to the production server.
⠀
‣ Threat Actor: macaroni
‣ Category: Data Leak / Network Access
‣ Victim: Hospital Universitario Nacional de Colombia
‣ Industry: Healthcare / Education
⠀
The actor claims the data was extracted on May 2, 2026 from a production server that remains running and accessible on the internet. The listing emphasizes an open MySQL port (3306) exposed publicly, presenting an immediate lateral movement opportunity for any buyer looking to pivot into the internal network. Price is set at $1,500 XMR.
⠀
What's in it:
⠀
▪️ 8 databases / 197 tables (full schema + real data)
▪️ REDCap clinical research platform: 639 user accounts, SHA-512 hashes with 100-char salts, TOTP seeds in plaintext, 10K+ patient records, clinical notes, research project files
▪️ Hospital pharmacy system: 22 users with plaintext passwords, 10K drug transactions with prices and suppliers
▪️ Employee directory: 583 staff members with full names, national ID numbers, job titles, personal emails
▪️ WordPress multisite intranet: internal communications, API keys, admin PII, login logs with timestamps
▪️ Server fingerprint: Apache 2.4.17 / PHP 5.6.23 on Windows
▪️ Live proof: open MySQL port 3306, valid SSL cert until October 2026, active phpMyAdmin (IP-restricted)
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations