Dark Web Informer - Cyber Threat Intelligence

A threat actor claims to have breached Ícaro Cloud S.L., an Alicante-based managed service provider in Spain, allegedly exposing sensitive configuration data across 20 client networks.

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Cisco has disclosed and patched CVE-2026-20182, a maximum-severity authentication bypass affecting Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager.

A threat actor is advertising a massive collection of allegedly leaked Burkina Faso identity documents, claiming the archive contains more than 50,000 scanned passports and national ID cards in original PDF quality.

A threat actor claims to have breached Xacria XNO (Xacria Network Orchestrator), a carrier-grade, cloud-native network orchestration platform used by Tier 1, 2, and 3 telecommunications operators in Italy for zero-touch provisioning and automation of fiber broadband, mobile, and enterprise network services.

A threat actor is selling a database from mutreasury, the centralized payment gateway connecting more than 28 Egyptian universities for tuition, application fees, and other student payments.

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Federal prosecutors have charged Owe Martin Andresen, a 49-year-old German citizen believed to have served as the lead administrator of the once-massive darknet marketplace Dream Market, with laundering more than $2 million in proceeds tied to the site's commission accounts. German authorities arrested Andresen last week on parallel charges of their own.

A threat actor operating under the PayoutsKing brand (self-described as “Not RaaS”) has listed NTN Bearing Corporation of America on its extortion leak site, claiming to have exfiltrated 596 GB of data from the American manufacturer, a subsidiary of the global bearing maker NTN Corporation with revenue of $1.5B and approximately 4,700 employees.

A threat actor is reposting the previously reported SIVVI database for sale, listing approximately 300,000 UAE customer records from the Dubai-based fashion e-commerce platform founded in 2014 and now owned by noon.

A threat actor claims to have exfiltrated a database from the Ministry of Health of Vietnam containing over 480,000 sensitive records, including the personal data of doctors, nurses, and medical staff.

A threat actor is leaking the customer database of Akitatek, a French IT services and electronics repair company.

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

A threat actor claims to have breached FutureShop Egypt, an Egyptian grocery delivery platform, by exploiting an entirely exposed API that required no authentication.

.dwi-post, .dwi-post * { font-family: 'Inter', -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; } .dwi-post { --dwi-card: rgba(127, 127, 127, 0.06); --dwi-border: rgba(127, 127, 127, 0.18); --dwi-muted: rgba(127, 127, 127, 0.85); --dwi-cyan: #38bdf8; --dwi-amber: #fbbf24; max-width: 680px; margin: 0 auto; font-size: 16px; line-height: 1.65; font-feature-settings:

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

A threat actor is selling the customer database of KAMS PARIS, a Parisian niche perfumery founded in 1960 and located at 6 Avenue de l’Opéra, specializing in rare niche perfumes, skincare, and beauty products with delivery across Europe.

A threat actor is selling a full archive described as one of the deepest technical leaks in the field of Surface Acoustic Wave (SAW) sensors and their application in smart diapers (Smart Diaper / Wetness Sensing).

Google's Threat Intelligence Group has documented what it describes as the first confirmed instance of threat actors leveraging artificial intelligence to engineer a zero-day exploit, marking a significant escalation in how AI is being weaponized for cyberattacks.

Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution