Website: https://darkwebinformer.com
If you would rather subscribe to the website via Crypto: https://darkwebinformer.com/crypto-payments
Advertising (Only Legitimate Companies): https://darkwebinformer.com/advertising
Follow me on X: https://x.com/DarkWebInformer
Discord: https://discord.gg/gDHTYz5N9D
Canary and All Socials: https://darkwebinformer.com/canary
PGP: https://darkwebinformer.com/pgp
Updated: 2025-07-11
| Dark Web Informer | https://darkwebinformer.com |
| X/Twitter | https://www.x.com/DarkWebInformer |
| Medium | https://medium.com/@DarkWebInformer |
| GitHub | https://github.com/DarkWebInformer |
| Telegram | https://t.me/TheDarkWebInformer |
🚨Claimed Sale of UK Manufacturing Network Access
A threat actor is auctioning alleged RDWeb access to a UK-based manufacturing company with reported revenue of $11.6 million. The listing includes domain user credentials and the AV is Windows Defender.
Start: 150$
Step: 50$
Blitz: 300$
APKDeepLens is a Python based tool designed to scan Android applications (APK files) for security vulnerabilities.
alert(1) to win - A set of XSS challenges
Link: https://alf.nu/alert1
🚨Alleged BitMart Data Breach
A threat actor is claiming responsibility for a breach of BitMart, alleging the release of a dataset containing over 1.2 million user records. The leaked data reportedly includes:
• Email addresses
• Phone numbers
• Other sensitive personal information
🚨Claimed Sale of Browser-in-the-Middle (BitM) Platform for 2FA Phishing
A threat actor is advertising a Browser-in-the-Middle (BitM) platform built on Kameleo, designed for full session hijacking, 2FA bypass (TOTP, SMS, backup codes), and realistic browser fingerprinting. The tool captures sessions with cookies and tokens and claims compatibility with major platforms.
Price: $12,000
Key features include:
• Full BitM architecture using real browsers (not proxies)
• Anti-detection HTML/CSS generation
• Session persistence with long-lived cookies
• GraphQL/WebSocket control interface
• Cloudflare-protected hosting, no metadata leaks
• Next.js + NestJS architecture with automation via Kameleo Local API
🚨Claimed Sale of a Fresh Dataset of 305,000 Crypto Investors
A threat actor is auctioning a newly obtained dataset of 305,000 crypto investors, allegedly sourced in early July. The listing mentions filtering by activity or targeting criteria and claims the data is fresh.
Start: $27,500
Step: $2,500
🚨 Claimed Access to UK-Based OpenCart Store
A threat actor is auctioning access to an alleged UK online shop running on the OpenCart CMS. Access includes admin panel and web shell. Payment methods supported are iFrame (Stripe) and Klarna. Order volume claims:
July: 189
June: 478
May: 639
April: 630
Reportedly, 90% of customers pay by card.
Start: $500
Step: $100
Blitz: $2000
🚨Claimed Sale of 15,000+ WordPress Admin Credentials
A threat actor is auctioning over 15,000 allegedly valid WordPress administrator logins in url:login:pass format, claiming 95 to 100% validity. Only bulk purchase is permitted, with no domain selection.
Start: $4000
Step: $1000
Advertised for potential SEO abuse.
🚨CVE-2025-48952: NetAlertX Password Bypass Vulnerability due to Loose Comparison in PHP
PoC and Advisory: https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-4p4p-vq2v-9489
Details: https://www.cvedetails.com/cve/CVE-2025-48952/
CVSS: 9.4