kblog1

Dark Web News Analysis A threat actor is auctioning access to a large database claimed to belong to Fortinet on a prominent hacker forum. The seller highlights several points to attract buyers: This combination of claims points strongly towards an Access-as-a-Service (AaaS) offering derived from a massive compilation of infostealer ...

Dark Web News Analysis A threat actor is advertising the sale of unauthorized FTP (File Transfer Protocol) access with “ADMIN” privileges to a major US retail company, potentially specializing in sportswear/athletic footwear, with an estimated $6.5 Billion revenue. The sale is listed on a prominent hacker forum for $3,700. This ...

Dark Web News Analysis A threat actor is advertising a massive data trove for sale on a prominent hacker forum, claiming it was stolen from GERAR, identified as a professional training and job placement platform (highly likely operating in Brazil based on data types). The scale of the alleged breach ...

Dark Web News Analysis A threat actor is advertising the sale of unauthorized access credentials allegedly belonging to users at companies known to utilize Fortinet products. This sale is occurring on a prominent hacker forum. Key details from the advertisement include: This is not a typical database sale but rather ...

Dark Web News Analysis A threat actor is advertising the sale of a new, decentralized BotNet loader on a prominent hacker forum. This malware represents a significant evolution in botnet architecture, posing a severe threat to traditional cybersecurity defenses. Instead of relying on centralized, seize-able Command & Control (C2) servers, ...

Dark Web News Analysis A threat actor is advertising the sale of unauthorized, high-privilege access to the internal network of a significant Thai company, potentially named “Access Thailand” (based on the value mentioned). The access being sold is “Domain Admin” (DA), the highest level of administrative privilege within a Windows ...

Dark Web News Analysis A threat actor is advertising the Golang source code for an “automatic extension installer” for $1,500 on a prominent hacker forum. This is a highly malicious tool—effectively a malware loader—designed specifically to target Chrome, Edge, and Opera browsers. The tool’s two primary selling points are persistence ...

Dark Web News Analysis A threat actor is advertising a database for sale on a prominent hacker forum, claiming it contains customer information stolen from an unnamed Taiwanese tour company. The database allegedly includes nearly 20,000 lines of data and is being offered for a low price of $400. This ...

Dark Web News Analysis A threat actor has posted a high-value asset for sale on a prominent hacker forum: a weaponized N-day exploit targeting a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite (EBS). The exploit is being offered for $10,000 USDT (or other cryptocurrencies), with the seller guaranteeing its functionality ...