Dark Web Informer - Cyber Threat Intelligence

On May 1, 2026, CISA added CVE-2026-31431, better known as "Copy Fail," to its Known Exploited Vulnerabilities (KEV) catalog. Federal civilian agencies have until May 15 to patch under BOD 22-01. Everyone else should read that deadline as a strong hint.

There's something uniquely unsettling about a cybersecurity company getting hacked. It's the digital equivalent of a locksmith calling to say someone picked their front door. This week, Trellix joined that uncomfortable club, confirming that attackers gained unauthorized access to a portion of its internal source code repository.

On April 29, CVE-2026-41940 was disclosed: a critical pre-authentication bypass in cPanel/WHM that lets remote attackers skip the login flow entirely and gain elevated access. Within 24 hours, it was already being weaponized. Censys watched the fallout in real time.

When the Defenders Become the Attackers: Two U.S. Cybersecurity Pros Sentenced in BlackCat Ransomware Case

The Fall of Versus: How a 380,000-User Dark Web Marketplace Met Its End in a Colombian Extradition

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Hacker Ring Busted in Lviv Oblast After Stealing Gaming Accounts and Selling Them in Russia for Nearly UAH 10 Million

Threat Actor 0056113 Selling Compromised Law-Enforcement Emails and EDR-as-a-Service for Fraudulent Emergency Data Requests

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

LCBO (Liquor Control Board of Ontario) Database Breached: 165,840 Customer Records Exposed from Ontario's Crown Corporation

Den kulturelle skolesekken (DKS) Database Breached: 1,389,534 Records Exposed from Norway's National Cultural-Schoolbag Programme

Arkansas State Crime Lab Database Breached: Threat Actor kittykatkrew Leaks Court Calendars and Law Enforcement Personnel Directory

Ledil Immobilier (ledil.immo) Database Breached: Threat Actor 888 Leaks 6,700 French Real Estate User Records

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Taiseer (taiseer.co) Database Breached: Threat Actor Sorb Offering PII of Egyptian Gold Investors for Sale

Chartered Institute of Bankers of Nigeria (CIBN) Database Breached: 250GB Including Member PII, Source Code, and ID Documents Leaked

Global Dining Event Diner en Blanc Breached, 411K Guest Records With Event Details and Invite Codes Listed for Sale

Multiple Indian Schools Hit After Ellucian PowerCampus Platform Compromised, Children's Photos, Aadhaar Numbers, and Medical Data Exposed

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attacks

French Basketball Federation Breached, 1.9 Million Members and 800K Parents Exposed With Addresses, Medical Certificates, and Minor Data