Dark Web Informer - Cyber Threat Intelligence  

@DarkWebInformer@infosec.exchange
1.3K Followers
1 Following
5.9K Posts
Arjun: HTTP Parameter Discovery Suite

Arjun: HTTP Parameter Discovery Suite

Dark Web Informer - Cyber Threat Intelligence

🚨Claimed Sale of UK Manufacturing Network Access

A threat actor is auctioning alleged RDWeb access to a UK-based manufacturing company with reported revenue of $11.6 million. The listing includes domain user credentials and the AV is Windows Defender.

Start: 150$
Step: 50$
Blitz: 300$

APKDeepLens is a Python based tool designed to scan Android applications (APK files) for security vulnerabilities.

GitHub: https://github.com/d78ui98/APKDeepLens

alert(1) to win - A set of XSS challenges

Link: https://alf.nu/alert1

Ransomware blog posts will now display up to the last 5 victims claimed by each group. A new section will be added for this, starting Monday. I may include additional details and some more over time.
Threat feeds now allow you to choose a start and end date to see the amount of alerts per day. After clicking apply it will update within a couple seconds.

🚨Alleged BitMart Data Breach

A threat actor is claiming responsibility for a breach of BitMart, alleging the release of a dataset containing over 1.2 million user records. The leaked data reportedly includes:

• Email addresses
• Phone numbers
• Other sensitive personal information

🚨Claimed Sale of Browser-in-the-Middle (BitM) Platform for 2FA Phishing

A threat actor is advertising a Browser-in-the-Middle (BitM) platform built on Kameleo, designed for full session hijacking, 2FA bypass (TOTP, SMS, backup codes), and realistic browser fingerprinting. The tool captures sessions with cookies and tokens and claims compatibility with major platforms.

Price: $12,000

Key features include:

• Full BitM architecture using real browsers (not proxies)
• Anti-detection HTML/CSS generation
• Session persistence with long-lived cookies
• GraphQL/WebSocket control interface
• Cloudflare-protected hosting, no metadata leaks
• Next.js + NestJS architecture with automation via Kameleo Local API

🚨Claimed Sale of a Fresh Dataset of 305,000 Crypto Investors

A threat actor is auctioning a newly obtained dataset of 305,000 crypto investors, allegedly sourced in early July. The listing mentions filtering by activity or targeting criteria and claims the data is fresh.

Start: $27,500
Step: $2,500

🚨 Claimed Access to UK-Based OpenCart Store

A threat actor is auctioning access to an alleged UK online shop running on the OpenCart CMS. Access includes admin panel and web shell. Payment methods supported are iFrame (Stripe) and Klarna. Order volume claims:

July: 189
June: 478
May: 639
April: 630

Reportedly, 90% of customers pay by card.

Start: $500
Step: $100
Blitz: $2000

×
🚨Alleged Sale of WinRAR RCE 0-Day Exploit for 80.000$