Dark Web Informer - Cyber Threat Intelligence  

@DarkWebInformer@infosec.exchange

🚨Alleged Sale of Beaconism EDR/XDR Evasion BOF Loader

• Category: Malware
• Threat Actor: Beaconism
• Forum: Exploit
• Network: Clearnet, Dark Web

• Details: The actor is offering a modular payload loader named “Beaconism” with advanced EDR/XDR evasion techniques. It supports native x64 and Beacon x64 BOF frameworks, features signed output, and includes stealth mechanisms such as smart sleep masks, AMSI bypass, ETW patching, SmartScreen bypass, and various anti-analysis techniques.

All for the low price of... 2,000$/month

Daily Dose of Dark Web Informer - 30th of July 2025

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Threat Attack Daily - 30th of July 2025

Ransomware Attack Update for the 30th of July 2025

🚨🇮🇱Alleged Leak of 3.9 Million Israeli Citizen Records

• Category: Data
• Threat Actor: OHKA21
• Forum: DarkForums
• Network: Clearnet, Dark Web

• Details: Threat actor claims to possess a database of 3.9 million Israeli citizens. Exposed fields include phone number, UID, email, first name, last name, gender, date registered, birthday, location, hometown, relationship status, education, workplace, pages, and timestamps. Sample records were included showing detailed personally identifiable information (PII) and potential Facebook-originated data.

🚨🇨🇦🇪🇺🇺🇸Auction of 1029 CC+CVV Records

• Category: Fraud
• Threat Actor: upshop33
• Forum: Exploit.
• Network: Clearnet, Dark Web

• Details: Threat actor is auctioning a set of 1,029 CC+CVV records, primarily Canadian, with 63 from the EU and 70 from the US. Data is allegedly from a personal live scrap. Some entries include driver's license numbers. A bonus of 3,000 expired cards from the same source is offered for those who pay the blitz price.

💰Pricing:

Start: 5,000$
Step: 100$
Blitz: 20,000$

ShinyHunters Linked to Salesforce Data Breaches Targeting Qantas, Allianz Life, and LVMH

https://www.bleepingcomputer.com/news/security/shinyhunters-behind-salesforce-data-theft-attacks-at-qantas-allianz-life-and-lvmh/

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances.

BleepingComputer

Autoswagger: A command-line tool designed to discover, parse, and test for unauthenticated endpoints using Swagger/OpenAPI documentation.

GitHub: https://github.com/intruder-io/autoswagger/

🚨CVE-2025-54418: CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

FOFA Query: app="CodeIgniter-PHP-Framework"

Results: 2,254,632

FOFA: https://en.fofa.info/result?qbase64=YXBwPSJDb2RlSWduaXRlci1QSFAtRnJhbWV3b3JrIg%3D%3D

CVSS: 9.8

Advisory: https://github.com/advisories/GHSA-9952-gv64-x94c

🚨🇺🇸Alleged Data Breach of Diamond Respiratory Care, Inc.

https://darkwebinformer.com/alleged-data-breach-of-diamond-respiratory-care-inc/

theHarvester: A simple to use, yet powerful OSINT tool designed to be used during the reconnaissance stage of a red team assessment or penetration test.

GitHub: https://github.com/laramies/theHarvester