New LeakBase domain:

CVE Crowd lists CVEs actively discussed on the Fediverse, offering a valuable resource for threat intelligence to strengthen your organization's cybersecurity posture or to stay informed about the latest vulnerability trends. Link:

Threat feeds now allow you to choose a start and end date to see the amount of alerts per day. After clicking apply it will update within a couple seconds.

🚨Alleged BitMart Data Breach. A threat actor is claiming responsibility for a breach of BitMart, alleging the release of a dataset containing over 1.2 million user records. The leaked data reportedly includes:. • Email addresses.• Phone numbers.• Other sensitive personal

🚨Claimed Sale of Browser-in-the-Middle (BitM) Platform for 2FA Phishing. A threat actor is advertising a Browser-in-the-Middle (BitM) platform built on Kameleo, designed for full session hijacking, 2FA bypass (TOTP, SMS, backup codes), and realistic browser fingerprinting. The

🚨Claimed Sale of a Fresh Dataset of 305,000 Crypto Investors. A threat actor is auctioning a newly obtained dataset of 305,000 crypto investors, allegedly sourced in early July. The listing mentions filtering by activity or targeting criteria and claims the data is fresh.

🚨 Claimed Access to UK-Based OpenCart Store. A threat actor is auctioning access to an alleged UK online shop running on the OpenCart CMS. Access includes admin panel and web shell. Payment methods supported are iFrame (Stripe) and Klarna. Order volume claims:. July: 189.June:

🚨Claimed Sale of 15,000+ WordPress Admin Credentials. A threat actor is auctioning over 15,000 allegedly valid WordPress administrator logins in url:login:pass format, claiming 95 to 100% validity. Only bulk purchase is permitted, with no domain selection. Start: $4000.Step:

RT @DarkWebInformer: Mosint: An automated email OSINT tool written in Go that allows you to investigate for target emails. Link: https://t….

GLOBAL Ransom Note has also been added:

MSSqlPwner: An advanced and versatile pentesting tool designed to seamlessly interact and pwn MSSQL servers. Link:

🚨🇺🇸Albemarle County School District has Fallen Victim to INC Ransom Ransomware

🚨CVE-2024-34470: Path Traversal Vulnerability in HSC MailInspector. PoC: FOFA: title==". :: HSC MailInspector ::. ". Video Credit:

RT @DarkWebInformer: 🚨CVE-2025-25257: Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector. PoC: Wri….

🚨🇪🇸Infrastructure Destruction Squad Targeted a Turbine Power Plant Control System in Spain

Medical device company that was hacked between November 20 and November 21, 2024, notifies impacted employees 8 months later. Source:

FBI Atlanta, USA Seizes Major Video Game Piracy Websites. "The FBI's Atlanta Field Office announced today the seizure of several online criminal marketplaces providing pirated versions of popular video games. In addition to the seizure, the FBI has dismantled the infrastructure

Credit: @SinSinology and @watchtowrcyber.

🚨CVE-2025-25257: Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector. PoC: Write-up:

🚨A threat actor is auctioning off 409 U.S. credit cards with a claimed 75% validity rate. 💰 Starting bid: 2500$ | Step: 100$ | Blitz: 4000$.📦 Data format: exp|cvv|name|address|phone|email|location

⚠️Skout which has been offline for months now, is back online. Skout is a service that allows you to verify the authenticity of a vendor account. It does this by collecting data from other markets. Onion: http://skoutchtiq6i473shdg2ycebalkqherg2ham2suvcoto6wtns5fpjvid[.onion/