🚨🇰🇷Alleged Naver Data Leak

The leaker claims this isn’t just another public scrape and that this dump allegedly contains real user IDs, hashed passwords, emails, and even some plaintext passwords.

They also released a combolist with about 25% of the data for easier use.

Naver Corporation is a South Korean internet company based in Seongnam, best known for operating the Naver search engine.

Arjun: HTTP Parameter Discovery Suite

https://darkwebinformer.com/arjun-http-parameter-discovery-suite/

🚨Claimed Sale of UK Manufacturing Network Access

A threat actor is auctioning alleged RDWeb access to a UK-based manufacturing company with reported revenue of $11.6 million. The listing includes domain user credentials and the AV is Windows Defender.

Start: 150$
Step: 50$
Blitz: 300$

APKDeepLens is a Python based tool designed to scan Android applications (APK files) for security vulnerabilities.

GitHub: https://github.com/d78ui98/APKDeepLens

alert(1) to win - A set of XSS challenges

Link: https://alf.nu/alert1

🚨Alleged BitMart Data Breach

A threat actor is claiming responsibility for a breach of BitMart, alleging the release of a dataset containing over 1.2 million user records. The leaked data reportedly includes:

• Email addresses
• Phone numbers
• Other sensitive personal information

🚨Claimed Sale of Browser-in-the-Middle (BitM) Platform for 2FA Phishing

A threat actor is advertising a Browser-in-the-Middle (BitM) platform built on Kameleo, designed for full session hijacking, 2FA bypass (TOTP, SMS, backup codes), and realistic browser fingerprinting. The tool captures sessions with cookies and tokens and claims compatibility with major platforms.

Price: $12,000

Key features include:

• Full BitM architecture using real browsers (not proxies)
• Anti-detection HTML/CSS generation
• Session persistence with long-lived cookies
• GraphQL/WebSocket control interface
• Cloudflare-protected hosting, no metadata leaks
• Next.js + NestJS architecture with automation via Kameleo Local API