After 25 years, Ask Jeeves (ask.com) has shut down as of yesterday.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π6
This probably doesn't apply to any of you, but this thread on Dread goes into if you have gotten a package seized, received a love letter from the Postal Inspector, different scenarios and what to do.
This relates to buying/selling on Darknet Markets.
Dread: https://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad[.]onion/post/dd338bf888d14d1cbd6b
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
This relates to buying/selling on Darknet Markets.
Dread: https://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad[.]onion/post/dd338bf888d14d1cbd6b
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Someone was gracious enough to check out the VECT Ransomware decryptor I found. Go read their findings! π
https://x.com/DarkWebInformer/status/2050680990822011209
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://x.com/DarkWebInformer/status/2050680990822011209
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
X (formerly Twitter)
Dark Web Informer (@DarkWebInformer) on X
Someone was gracious enough to check out the VECT Ransomware decryptor I found. Go read their findings! π
βΌοΈ New Dark Web Informer Blog Post!
Title: The cPanel Situation Is Spiraling Fast
Link: https://darkwebinformer.com/the-cpanel-situation-is-spiraling-fast/
Title: The cPanel Situation Is Spiraling Fast
Link: https://darkwebinformer.com/the-cpanel-situation-is-spiraling-fast/
Dark Web Informer
The cPanel Situation Is Spiraling Fast
On April 29, CVE-2026-41940 was disclosed: a critical pre-authentication bypass in cPanel/WHM that lets remote attackers skip the login flow entirely and gain elevated access. Within 24 hours, it was already being weaponized. Censys watched the fallout inβ¦
βΌοΈ cPanelSniper: CVE-2026-41940 - cPanel & WHM Authentication Bypass via Session-File CRLF Injection
GitHub: https://github.com/ynsmroztas/cPanelSniper
CVE-2026-41940 - cPanel & WHM Authentication Bypass via Session-File CRLF Injection
4-stage exploit chain Β· Interactive WHM Shell Β· Bulk scanner Β· Pipeline ready Β· stdlib only
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub: https://github.com/ynsmroztas/cPanelSniper
CVE-2026-41940 - cPanel & WHM Authentication Bypass via Session-File CRLF Injection
4-stage exploit chain Β· Interactive WHM Shell Β· Bulk scanner Β· Pipeline ready Β· stdlib only
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€2π₯2
CVE-2026-41940: WebPros cPanel and WHM Authentication Bypass via Login Flow PoC
https://github.com/adriyansyah-mf/cve-2026-41940-poc
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://github.com/adriyansyah-mf/cve-2026-41940-poc
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub
GitHub - adriyansyah-mf/cve-2026-41940-poc
Contribute to adriyansyah-mf/cve-2026-41940-poc development by creating an account on GitHub.
β€2
βΌοΈπ«π· Ars.Sante.fr, a French government health-related platform, has allegedly been breached, with 233,837 user records leaked alongside a public message taunting French authorities and ANSSI.
β
β£ Threat Actor: Anssi
β£ Category: Data Leak
β£ Victim: ars.sante.fr
β£ Industry: Government / Healthcare
β
The actor posted a lengthy message addressed to the French government, ANSSI, BL2C, OFACC, and CNIL, mocking the recent arrests of HexDex and Breach3d and claiming those arrests were the result of poor operational security rather than law enforcement skill. The actor also teased upcoming leaks, including a 19 million record French database currently being scraped, and a separate 3+ million record French database that will be sold exclusively (not leaked) to the highest bidder with a 100K sample for verification.
β
What's in it:
β
βͺοΈ 233,837 compromised users
βͺοΈ Target: ars.sante.fr
βͺοΈ Download link provided behind a forum reply gate
β
Teased upcoming leaks:
βͺοΈ 19 million record French database (currently being scraped)
βͺοΈ 3+ million record French database (to be sold exclusively, 100K sample for verification)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: Anssi
β£ Category: Data Leak
β£ Victim: ars.sante.fr
β£ Industry: Government / Healthcare
β
The actor posted a lengthy message addressed to the French government, ANSSI, BL2C, OFACC, and CNIL, mocking the recent arrests of HexDex and Breach3d and claiming those arrests were the result of poor operational security rather than law enforcement skill. The actor also teased upcoming leaks, including a 19 million record French database currently being scraped, and a separate 3+ million record French database that will be sold exclusively (not leaked) to the highest bidder with a 100K sample for verification.
β
What's in it:
β
βͺοΈ 233,837 compromised users
βͺοΈ Target: ars.sante.fr
βͺοΈ Download link provided behind a forum reply gate
β
Teased upcoming leaks:
βͺοΈ 19 million record French database (currently being scraped)
βͺοΈ 3+ million record French database (to be sold exclusively, 100K sample for verification)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I have added an additional 3 forums to the threat feed since Thursday and still have one more to add in the next day or two. I am currently looking at other forums to onboard and they will be added to the Forum Monitoring Status just above the feed when known.
The historical feed will encompass all of those forums.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
The historical feed will encompass all of those forums.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
πͺ Slice For Life - Part 2 πͺ
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
I have added two new endpoints to the API. These endpoints get the data from the Ransomware IOCs by Group. A little over 19,000 in total for now. You can find the new endpoints and a updated note on the two API pages at the top.
Interested in buying: https://darkwebinformer.com/api-details/
Interested in buying: https://darkwebinformer.com/api-details/
Dark Web Informer
API Subscription Access
β€1
βΌοΈπ΅π¦ MiniMed Panama, the largest private primary healthcare network in Panama, has allegedly been breached, with approximately 400,000 records leaked spanning patients, doctors, and medical imaging data.
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: MiniMed Panama (ClΓnica Laboratorio)
β£ Industry: Healthcare
β
The actor claims access was obtained due to default credentials left on the client's systems by their vendor LATAM MAXIA. Two compromised systems were identified with weak credentials. MiniMed operates over 14 clinics and a hospital in Panama City.
β
What's in it:
β
βͺοΈ ~400,000 total records
βͺοΈ usersdata (74,233): user PII, plaintext passwords, names, usernames, emails, phones, job titles, access levels
βͺοΈ patients (156,869): patient PII, national IDs, names, gender, emails, phones, addresses, DOB, marital status, nationality
βͺοΈ patientsexams (99,304): medical imaging records, patient names, DOB/age, gender, study descriptions, modalities, dates, referring doctors, report/image status
βͺοΈ doctorsinfo (521): doctor PII, plaintext passwords, national IDs, names, emails, phones, specialty, doctor type, status
βͺοΈ appointments (23,511): patient/doctor/radiologist/tech IDs, dates, study types, modalities, payment methods, organizations
βͺοΈ appointmentsnames (23,507): appointment summaries, patient IDs/names, dates/times, study names, modalities, status
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: ohmydays (Waxx Org.)
β£ Category: Data Leak
β£ Victim: MiniMed Panama (ClΓnica Laboratorio)
β£ Industry: Healthcare
β
The actor claims access was obtained due to default credentials left on the client's systems by their vendor LATAM MAXIA. Two compromised systems were identified with weak credentials. MiniMed operates over 14 clinics and a hospital in Panama City.
β
What's in it:
β
βͺοΈ ~400,000 total records
βͺοΈ usersdata (74,233): user PII, plaintext passwords, names, usernames, emails, phones, job titles, access levels
βͺοΈ patients (156,869): patient PII, national IDs, names, gender, emails, phones, addresses, DOB, marital status, nationality
βͺοΈ patientsexams (99,304): medical imaging records, patient names, DOB/age, gender, study descriptions, modalities, dates, referring doctors, report/image status
βͺοΈ doctorsinfo (521): doctor PII, plaintext passwords, national IDs, names, emails, phones, specialty, doctor type, status
βͺοΈ appointments (23,511): patient/doctor/radiologist/tech IDs, dates, study types, modalities, payment methods, organizations
βͺοΈ appointmentsnames (23,507): appointment summaries, patient IDs/names, dates/times, study names, modalities, status
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€1
βΌοΈπ«π· Profil Search, a French recruitment platform (CDD-CDI solutions), has allegedly been breached, with a database of 100,642 candidate records leaked.
β
β£ Threat Actor: Lagui
β£ Category: Data Leak
β£ Victim: Profil Search
β£ Industry: Recruitment / HR
β
The actor states the data was obtained approximately a year ago and is being released to the community. Sample records show candidate application data including PII and contact information.
β
What's in it:
β
βͺοΈ 100,642 complete candidate entries
βͺοΈ Title (Mme/M.)
βͺοΈ First and last names
βͺοΈ Email addresses
βͺοΈ Phone numbers (multiple)
βͺοΈ Full postal addresses
βͺοΈ Postal codes and cities
βͺοΈ Country
βͺοΈ Job titles / positions applied for
βͺοΈ Employer / company information
βͺοΈ Candidate application IDs / URLs
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: Lagui
β£ Category: Data Leak
β£ Victim: Profil Search
β£ Industry: Recruitment / HR
β
The actor states the data was obtained approximately a year ago and is being released to the community. Sample records show candidate application data including PII and contact information.
β
What's in it:
β
βͺοΈ 100,642 complete candidate entries
βͺοΈ Title (Mme/M.)
βͺοΈ First and last names
βͺοΈ Email addresses
βͺοΈ Phone numbers (multiple)
βͺοΈ Full postal addresses
βͺοΈ Postal codes and cities
βͺοΈ Country
βͺοΈ Job titles / positions applied for
βͺοΈ Employer / company information
βͺοΈ Candidate application IDs / URLs
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπ¨π¦ Ontario College of Health & Technology has allegedly been breached, with student databases exfiltrated via an unpatched WHM (WebHost Manager) vulnerability.
β
β£ Threat Actor: Shinigami
β£ Category: Data Leak
β£ Victim: Ontario College of Health & Technology
β£ Industry: Education
β
The actor attributes the May 2026 breach to a critical authentication bypass vulnerability (CVE-2026-41940) in an unpatched WHM (WebHost Manager) installation. The flaw allowed unauthorized administrative access to the college's server, leading to the exfiltration of student databases.
β
What's in it:
β
βͺοΈ Student names
βͺοΈ Email addresses
βͺοΈ Phone numbers
βͺοΈ Residential addresses
βͺοΈ Student records stored across several SQL databases
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: Shinigami
β£ Category: Data Leak
β£ Victim: Ontario College of Health & Technology
β£ Industry: Education
β
The actor attributes the May 2026 breach to a critical authentication bypass vulnerability (CVE-2026-41940) in an unpatched WHM (WebHost Manager) installation. The flaw allowed unauthorized administrative access to the college's server, leading to the exfiltration of student databases.
β
What's in it:
β
βͺοΈ Student names
βͺοΈ Email addresses
βͺοΈ Phone numbers
βͺοΈ Residential addresses
βͺοΈ Student records stored across several SQL databases
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I added another new API endpoint for compromise lookups. One request for a domain or organization will provide data on whether either were compromised against the Ransomware feed, Threat feed, Whiteintel stealer lookup, and HIBP breach lookup. Review the note at the top of the API pages. Interested in subscribing: https://darkwebinformer.com/api-details/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Dark Web Informer
API Subscription Access