Tokyo police have arrested a 15-year-old student over an alleged cyberattack targeting Bandai Channel, the anime and tokusatsu streaming service operated by Bandai Namco Filmworks.
CVE-2026-40138 is a critical pre-authentication vulnerability in the authentication subsystem of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA).
A threat actor using the alias dezetat is advertising a database from Malaysia's Inland Revenue Board (LHDN / IRBM), taken from the MyTax portal, for $20,000.
A threat actor using the alias EvaN47 claims to have breached the Libyan Ministry of Education (moe.gov.ly) and is threatening to publish a 287GB dataset of students' data if the ministry does not make contact.
How a coordinated strike against a 2-million-device botnet exposes the hidden economy of residential proxies, and what it means for anyone with a connected device at home.
A threat actor using the alias Straightonumberone is selling what they describe as data stolen from Grupo ATC, a Mexican logistics conglomerate (comprising TLE, TLEA, and PHES), for $1,000 after a ransom negotiation reportedly failed.
A threat actor using the alias EvaN47 has posted what they describe as a breach of the Libyan Civil Aviation Authority (caa.gov.ly), advertising a roughly 300GB dataset spanning 2015 to 2026 with a contact for acquisition.
A threat actor using the alias lucy is advertising a private, one-time sale of what they describe as comprehensive data from Netim.com, a French domain registrar and hosting provider, for $5,000 in cryptocurrency.
CVE-2026-33017 is a critical unauthenticated remote code execution flaw in Langflow, the popular open-source visual framework for building AI agents and RAG pipelines.
A threat actor using the alias misere, crediting collaborators (ChimeraZ and NightBroker), has posted what they describe as a complete database breach of Pachatours (pachatours.fr / pachatours.pro), a French tour operator specializing in Hajj packages and Tunisian beach holidays.
A threat actor using the alias ChimeraZ has posted what they title “the EPM of the Le Pontet city,” framing it as a database from a juvenile penitentiary for minors aged 13 to 17, and claiming 62,172 lines (about 8.4MB) in CSV format.
Qilin ransomware has listed Musashino University in Japan on its leak site and posted sample documents allegedly stolen from the institution. Unverified.
DragonForce ransomware has published 8.67 GB of data allegedly stolen from VIP Imaging, a U.S. cardiac imaging provider in Anaheim, California. Unverified.
A threat actor using the alias pl4t0v has posted what they describe as a database from DETRAN SP, the motor-vehicle and identity authority of São Paulo state in Brazil, claiming 13 million lines (about 1.59GB) in SQLite format, and is sharing it for free.
A threat actor using the alias Saturne has posted what they describe as an 860MB data leak from Avícola El Madroño S.A. (avicolaelmadrono.com), a Colombian poultry and prepared-foods company based in Bucaramanga, and is sharing it for free.
A U.S. amusement, arcade & attractions company added to the PLAY ransomware data-leak site.
Dark Web Informer
Checked
20 hours 46 minutes ago
A real-time cyber threat intelligence platform that monitors the dark web and clearnet for data breaches, ransomware campaigns, darknet market activity, leaked databases, and active threat actors.