A threat actor named “timcookapple” is offering vast quantities of compromised access credentials, including webshells, WHMCS hosting, and cPanel control panels, impacting over 50,000 domains worldwide. These supplies are targeted at malicious activities such as SEO manipulation and cyber attacks, with prices ranging from thousands of dollars in cryptocurrency. #timcookapple #webshells…
Tag: DARK WEB
A threat actor named “aiyewumi” has claimed to leak user registration data from the Russian company Palevo, an eco-fuel business, dating back to 2021. This data includes usernames, email addresses, account identifiers, and registration timestamps, with the breach categorized as medium severity. #PalevoDataLeak #EcoFuelBreach…
A threat actor named powder12 is offering root SSH access to a US-based tax service provider’s database on the dark web. The compromised system contains sensitive client data, posing a significant security risk. #powder12 #USTaxServiceData…
A threat actor named Abduljabar claims to be selling millions of email addresses from multiple Philippine government agencies. This high-severity data breach involves agencies such as DSWD, DepEd, DICT, DOH, and NCDA, potentially exposing sensitive government communication channels. #Abduljabar #PhilippineGovernmentEmails…
An alleged data breach involving ET Online has surfaced, with threat actor Solonik advertising the sale of a 5 million record database containing personal and transactional information. This incident highlights the ongoing risks faced by media platforms and their users. #ETOnline #Solonik…
Silent Push analysts uncovered a long-running Magecart web-skimming campaign active since at least January 2022 that uses highly obfuscated JavaScript to inject fake payment forms on compromised e-commerce sites and target major payment networks including American Express, Diners Club, Discover, JCB, Mastercard, and UnionPay. Key indicators include domains such as cdn-cookie[.]com…
Meta fixed a vulnerability in Instagram’s password reset process that allowed third parties to request reset emails, but denied any system breach. Recent data leaks, including a database for sale on cybercrime forums, pose serious privacy and safety risks, with affected data potentially circulating on the dark web. #InstagramPasswordReset #DarkWebLeak…
A data breach at French retailer BLACKSTORE has led to the exposure of over 100,000 customer records on a dark web forum. The compromised data includes personal details, order history, and customer service logs, highlighting potential privacy risks. #BLACKSTORE #darkwebbreach…
A Peruvian telecommunications company, WIN Internet, experienced a data breach that exposed nearly 293,573 customer records. The leak was claimed by threat actor “abzerocool,” who distributed the data for free. #WINInternet #DataBreach…
A cyber attack attributed to ShinyCorporation and LAPSUS resulted in the breach of over 5,000 Dell Technologies employee records, including emails, IP addresses, and passwords. The incident highlights the vulnerability of internal Dell systems due to unauthorized access by threat actors. #ShinyCorporation #LAPSUS #DellTechnologies #DataBreach…
A cyber threat actor known as “Near” has claimed to breach the government database of New Caledonia, exposing sensitive resident and vehicle records. The breach includes nearly 290,000 resident permits and over 460,000 vehicle entries, raising significant privacy concerns. #Near #NewCaledoniaGovernmentDatabase…
A breach at Global-e, a third-party e-commerce service used by Ledger, led to the alleged exposure of over 50,000 customer order records. The threat actor ShiJiayi is selling the data, including emails, phone numbers, and order details, on the dark web. #Global-eBreach #ShiJiayi #LedgerCustomerData…
A Polish logistics company, InPost, experienced a significant data breach claimed by threat actor “aiyewumi,” exposing approximately 2 million employee records. The leaked SQL database contains sensitive personal and system information, highlighting a severe security incident in the logistics sector. #InPost #aiyewumi…
Dr. Amit Chaubey discusses the expanding “2026 Business Blast Radius,” emphasizing how external dependencies and geopolitical risks threaten global infrastructure and organizational resilience. The rising cyber threats, including AI-enabled identity attacks and cloud exploits, demand a collective, proactive security approach. #ChakraX #GlobalCyberThreats…
A major data breach has exposed the personal information of approximately 17.5 million Instagram users, with data now circulating on dark web marketplaces. Experts warn that this sensitive information increases the risk of identity theft, social engineering, and account hijacking. #InstagramDataBreach #DarkWebDealings…