Daily Dose of Dark Web Informer - May 11th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
KAMS PARIS Allegedly Breached Exposing 187,927 Customer Records From the French Niche Perfumery
A threat actor is selling the customer database of KAMS PARIS, a Parisian niche perfumery founded in 1960 and located at 6 Avenue de l’Opéra, specializing in rare niche perfumes, skincare, and beauty products with delivery across Europe.
SAWTAD Allegedly Leaked Exposing 2,211 Files (2.19 GB) of SAW Sensor Diaper Tech R&D and SPMet Metrology Archive
A threat actor is selling a full archive described as one of the deepest technical leaks in the field of Surface Acoustic Wave (SAW) sensors and their application in smart diapers (Smart Diaper / Wetness Sensing).
Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit
Google's Threat Intelligence Group has documented what it describes as the first confirmed instance of threat actors leveraging artificial intelligence to engineer a zero-day exploit, marking a significant escalation in how AI is being weaponized for cyberattacks.
Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution
Mansoura University Allegedly Leaked Exposing 731 Contact Records From the Egyptian Academic Institution
German Authorities Shut Down Revived "Crimenetwork" Platform, Arrest Operator on Mallorca
German law enforcement has dismantled the relaunched version of the criminal online marketplace "Crimenetwork" and arrested its alleged operator on the Spanish island of Mallorca, the Federal Criminal Police Office (BKA) and the Frankfurt Public Prosecutor's Office's cybercrime unit (ZIT) announced on May 8, 2026.
Kingdom Market Admin Sentenced to 16 Years in Prison
Alan Bill, a 33-year-old Slovakian man from Bratislava, was sentenced Thursday to 200 months (16 years and 8 months) in federal prison by U.S. District Judge Cristian M. Stevens for his role in operating Kingdom Market, a darknet marketplace that ran from March 2021 to December 2023.
Meetic Allegedly Leaked Exposing 7 Million User Records From the French Online Dating Platform
A threat actor claims to have leaked a database from Meetic, a major French online dating platform, releasing 7,169,561 records for free under the hashtag #freebreach3d.
Credilink Allegedly Breached Exposing 243 Million Records From the Brazilian Credit Data Provider
A threat actor is selling a 243 million record dataset attributed to credilink.com.br, described in the post as a Brazilian credit information and risk analysis provider serving financial institutions and retailers.
LDLC Allegedly Leaked Exposing 1.5 Million Customer Records From the French Tech Retailer
A threat actor claims to have leaked a database from LDLC, a major French retailer of computers, components, smartphones, and gaming/audio/TV equipment, releasing 1,504,635 records for free under the hashtag #freebreach3d.
Community Choice Credit Union Allegedly Breached Exposing 1M+ Premium Credit Client Records
A threat actor is advertising what they describe as a US banking / premium credit client dataset tied to communitychoicecu.com, releasing a 1M+ record sample with full card numbers, names, issuing banks, and addresses.
Ivanti Warns of New EPMM Zero-Day Exploited Using Credentials Stolen in January Attacks
Ivanti has issued an urgent security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing five vulnerabilities including one that is actively exploited in the wild.
HOMES Real Estate Platform Allegedly Leaked Exposing 7 Million Agent and Investor Records
A threat actor claims to be selling a 2.47GB CSV database from real estate platform homes.at.world, totaling 7,023,773 lines split between 4,883,773 agent records and 2,140,000 investor records.
US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access
A threat actor claims to be selling live, authenticated admin panel access to a major US Non-Emergency Medical Transportation (NEMT) platform, advertising real-time control over operations rather than a static dump.
Antel TuID Digital Allegedly Breached Exposing 8GB of Data From the Uruguayan State Telecom’s E-Government Platform
A threat actor claims to have compromised TuID Digital, the digital identity platform operated by Uruguayan state-owned telecom Antel, by obtaining the API key stored alongside internal files on Antel’s server backend.
Laboratorios CEFLO Allegedly Breached Exposing 21K Positive HIV, Syphilis, and COVID Test Results From the Mexican Lab
A threat actor describing themselves as specializing in “stealing medical data” claims to have breached Mexican clinical lab Laboratorios CEFLO, releasing the dataset for free out of stated retaliation after the lab allegedly ignored a paid pentest offer.
Belgian Sports/Fitness Chain Allegedly Breached Exposing 105K Customer Records With IBAN Data
A threat actor claims to be selling a customer database from a Belgian sports/fitness business (gym branding visible in the post as “ANIMO”), advertising it as containing 105,000 customers with full IBAN banking details. The seller is offering tiered pricing with $90 per 1,000 customers or $8,500 for the full dataset.
MoreIdeas General Trading Allegedly Re-Leaked Exposing 787,217 Student Records From the Dubai EdTech Firm
A threat actor claims to have re-dumped the moreideas.ae database, stating this version is “more juicy than before” and dating the breach to May 2026
Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
A threat actor claims to have leaked a database from Indonesia’s Ministry of Energy and Mineral Resources (Kementerian ESDM), specifically the list of distributors for general commercial business entities of fuel oil for the second semester of 2025
Daily Dose of Dark Web Informer - May 6th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
A real-time cyber threat intelligence platform that monitors the dark web and clearnet for data breaches, ransomware campaigns, darknet market activity, leaked databases, and active threat actors.