Allegations Emerge of a Massive 1.2B Facebook Data Leak on the Dark Web https://dailydarkweb.net/alleged-new-facebook-database-breach-surfaces-on-dark-web/ #DarkWebNews&Services #CyberSecurity #datasecurity #allegedleak #databreach #APIabuse #Facebook #darkweb

Telegram Shuts Down 'Largest Illicit Online Marketplace' After Elliptic's Insights - Telegram has shut down the illicit marketplace Haowang Guarantee, formerly Huione Guarant... - https://www.coindesk.com/business/2025/05/15/telegram-shuts-down-largest-illicit-online-marketplace-after-elliptics-insights #criminalactivities #marketplaces #telegram #elliptic #finance #darkweb #crime #news

Update:

Doesn't appear to be a breach, but, ya know, it's still good security practice to change your password and use 2FA anyway.

Original:

Two-factor your accounts, too, if you haven't!

You should probably change your Steam password: data from over 89 million Steam users is reportedly on the dark web following a vendor breach

https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web

External-Attack-Surface-Management mit Modulen für Social-Media und Datenlecks

#Angriffsfläche #Bedrohungslage #DarkWeb #Datenleck #DigitalRiskProtection #EASM #ExternalAttackSurfaceManagement @Outpost24 #Risikomanagement #Schwachstelle #SocialMedia #ThreatIntelligence

https://netzpalaver.de/2025/05/08/external-attack-surface-management-mit-modulen-fuer-social-media-und-datenlecks/

German police have seized the dark web shop #Pygmalion, gaining access to user data tied to 7,250 drug orders. Arrests made, servers down, domains seized.

Read: https://hackread.com/police-seize-dark-web-shop-pygmalion-user-data-orders/

Mapping China’s Fentanyl Supply Chain to the U.S.

This 16-page OSINT report exposes real vendors, domestic Chinese platforms, and digital trafficking infrastructure — far beyond what Google can see.
We dug into the real China’s internal ecosystem — domains, seller communications, logistics tactics — and mapped how fentanyl flows toward the U.S.

Read the full report here:
https://epcyber.com/blog/f/mapping-china%E2%80%99s-fentanyl-supply-chain-epcyber-report

AI, Automation, and the Dark Web Are Supercharging Cybercrime

The future of cyberattacks isn’t coming.
It’s already here — faster, smarter, and more dangerous than ever.

- FortiGuard Labs' 2025 Global Threat Report reveals a massive leap in attack speed and sophistication.
- Attackers now automate reconnaissance, weaponize vulnerabilities faster, and scale operations like never before.
- AI tools like FraudGPT, WormGPT, and BlackmailerV3 are making it easy for anyone to launch targeted attacks.

Here’s how the threat landscape is evolving:
- Automated scanners now launch 36,000 vulnerability scans per second.
- AI-generated phishing, deepfakes, and identity theft campaigns are exploding.
- Dark Web marketplaces are booming — with 42% more stolen credentials for sale year-over-year.
- Initial Access Brokers (IABs) are selling direct entry into corporate networks, VPNs, and admin panels.

No one is safe — and attackers no longer need technical skills.
A few clicks, a few dollars, and you have the tools to breach global enterprises.

Especially at risk:
- Manufacturing (attacks up 17%)
- Business Services (up 11%)
- Retail and Construction (up 9% each)

Defense strategies must evolve too:
- Think like an attacker — not just a defender.
- Emulate real-world adversaries through red and purple teaming.
- Prioritize rapid patch management and automate threat detection at scale.

In 2025, standing still is losing.
Security teams need to outpace — or be outplayed.

Finally got my @QubesOS > @whonix Gateway > @torproject browser up and running.

Time to surf the waves of the deep dark web

I might do some real nefarious shit, like go to Silk Road and order 2000 hotdogs, or maybe deepfake videos of me winning arguments

This is proper use of the dark web, right?

Have you ever walked into a supermarket, pharmacy, or department store looking to buy a specific item, only to find the layout confusing? Perhaps you ended up aimlessly strolling around, purchasing other items? This is deliberate, and known as the Gruen Transfer. The 'Transfer' part is the moment that you, as a consumer surrounded by a deliberately confusing layout, lose track of your original intentions.
We've all experienced it, and now it's starting to consume the internet. #Internet #GruenTransfer #DarkWeb #WWW #Enshitification

https://sebs.website/blog/the%20gruen-transfer-is-consuming-the-internet

DeepSeek Breach Opens Floodgates to Dark Web #breach #darknet #darkweb https://www.darkreading.com/cyberattacks-data-breaches/deepseek-breach-opens-floodgates-dark-web

I had the pleasure of presenting at #FIRSTCTI25 in Berlin:

"The Art of Pivoting – How You Can Discover More from Adversaries with Existing Information."

The talk explored how unconventional indicators, like cookie names, QR codes, HTTP headers (HHHash), DOM structures, and reused Google Analytics IDs, can reveal surprising links across threat actor infrastructure and behavior.

We also shared real-world insights from our crawling and analysis with AIL, including:

• How “weak” indicators can gain strength through composite correlation
• Unexpected metadata reuse across Tor services and social platforms
• How AIL enables more creative and effective pivoting workflows

Slides https://www.ail-project.org/assets/img/slides/the-art-of-pivoting.pdf

#threatintel #threatintelligence #cti #opensource #cybersecurity #darkweb

@misp @ail_project @circl

Thanks to @terrtia for the crazy discussions around correlations!

Major AI data breach: DeepSeek leaks 1M+ records to the Dark Web

China-based AI startup DeepSeek just exposed a staggering volume of sensitive data:
1M+ chat logs
API keys, backend metadata
Unencrypted traffic via iOS app (ATS disabled)
Open ClickHouse database with full control

This wasn’t just a lapse — it was a floodgate.

AI companies (and anyone integrating LLMs) must:
Audit storage configs
Enforce secure transport policies
Monitor for unintentional data exposure

The future of AI relies on building trust. That starts with securing it.

#AI #CyberSecurity #DataBreach #DarkWeb #InfoSec
https://www.darkreading.com/cyberattacks-data-breaches/deepseek-breach-opens-floodgates-dark-web

Schweizer Cybersecurity-Anbieter kauft Konten von Hackerforen - inside-it.ch https://www.inside-it.ch/schweizer-cybersecurity-anbieter-kauft-konten-von-hackerforen-20250415 #Darknet #Darkweb #Deepweb

If @Jhaddix says so, you can be sure.

#BreachForum down
Gruppo pro-palestina rivendica l'attacco.
Alcuni commenti fanno pensare ad un'azione legale contro #IntelBroker che però non riceve conferme al momento.
Meglio attendere, troppe voci
#darkweb #CTI

Prodaft is taking an aggressive new approach to threat intelligence:
They’re buying access to major dark web forums — including admin and moderator accounts — in exchange for cryptocurrency.

Here’s what they’re offering:
Crypto payments, no questions asked
Full anonymity for sellers
Access to five top-tier forums
Prioritized payouts for higher access levels

The move aims to give security teams unprecedented visibility into cybercriminal operations — but it also pushes ethical and operational boundaries.

Would your team use intel gathered this way?

#Cybersecurity #ThreatIntel #DarkWeb #InfoSec #Ethics

https://www.darkreading.com/threat-intelligence/threat-intel-firm-crypto-dark-web-accounts

Over 200 German politician email addresses appear on dark web
https://proton.me/blog/de-politicians-dark-web

That's not surprising. There are even more German politicians on the darkest web, using X as their primary and official communication channel.

Les hackers peuvent se faire aussi hacker ! Le site du gang Everest piraté sur le #DarkWeb. Le groupe de hackers russes Everest a dû faire face à une mauvaise surprise en ce début de semaine. Le #siteweb qu'il utilisait pour ses #fuites a en effet été saisi par quelqu'un d'autre !
https://www.clubic.com/actualite-560460-les-hackers-peuvent-se-faire-aussi-hacker-le-site-du-gang-everest-pirate-sur-le-dark-web.html

“Don’t do crime, CRIME IS BAD xoxo from Prague” — the Everest ransomware gang’s leak site was hacked and defaced this weekend.

https://techcrunch.com/2025/04/07/someone-hacked-everest-ransomware-gang-dark-web-leak-site/

Funny? Sure. But here’s the dark side:

When ransomware gangs get hacked, victim data often ends up even more exposed—spreading further across the dark web, forums, and private channels.

Hackers hacking hackers isn’t justice. It’s just collateral damage for victims.

Everest ransomware’s dark web leak site just got a surprising takedown—with a cheeky message from Prague left in its place. What does this mean for cybercrime networks? Read more about this unexpected twist.

https://thedefendopsdiaries.com/everest-ransomwares-dark-web-leak-site-defaced-and-taken-offline/

#ransomware
#cybersecurity
#darkweb
#infosec
#cybercrime