❗️🇫🇷 Data from "Choisir le service public," the French government's official public sector job portal, is allegedly being sold. The listing claims to contain records of 377,418 job seekers, with proof screenshots showing candidate profiles including personal details, emails, phone numbers, and application history.

OSINT-D2 ingests usernames and/or emails, aggregates public evidence from multiple OSINT sources, and enriches the dataset with targeted scrapers. GitHub:

GitHub

GitHub - Doble-2/osint-d2: Beyond enumeration: Automated identity triangulation and cognitive profiling for modern OSINT investigations. 🕵️‍♂️🧠

Beyond enumeration: Automated identity triangulation and cognitive profiling for modern OSINT investigations. 🕵️‍♂️🧠 - Doble-2/osint-d2

‼️ CISA has added 4 vulnerabilities to the KEV Catalog

CISA KEV Catalog

CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability

‼️🇺🇸 USA - Bank Firewall & Network Admin Panel access listed for sale ($300) 🇺🇸 USA - College Software Suite (SaaS) Firewall & Network Admin Panel access listed for sale ($200) 🌏 Asia - Largest Real Estate Developer Firewall & Network Admin Panel access listed for sale ($300) 🇺🇦 Ukraine - Accounting & Finance Company Firewall & Network Admin Panel access listed for sale ($200) 🇺🇸 USA - Electronic Device Manufacturer Firewall & Network Admin Panel access listed for sale ($200) 🇨🇳 China - Luxury Jewelry Company Firewall & Network Admin Panel access listed for sale ($200)

❗️🇨🇳 Firewall and network admin panel access to a Chinese finance organization is being sold for $300. The listing claims root RCE plus shell access on a Linux-based firewall device. The seller, a known initial access broker, is accepting contact through Session.

‼️🇺🇸 IT access to a U.S. company with $20M+ in revenue is being auctioned, with proof showing a remote monitoring and management (RMM) panel connected to multiple endpoints. The listing claims access to over 8,040 networks with daily updates. The auction starts at $2,000 with a blitz price of $3,500. Note: The green bars are not done by me.

‼️🇮🇷 A data set from the Islamic Azad University in Iran has allegedly been leaked, exposing multiple tables of sensitive records. The data includes user credentials with national IDs and passwords, student personal information, faculty payment records, and administrative department structures. The leak also contains detailed student registration data with extensive academic and personal fields.

‼️ Reuters reports that French prosecutors raided X’s Paris offices on Tuesday as part of a criminal investigation originally opened in January 2025 over alleged algorithm manipulation. The probe has since expanded to include charges of complicity in distributing child sexual abuse material, generating sexually explicit deepfakes via the Grok AI chatbot, and Holocaust denial, which is a crime under French law. The raid was carried out by the Paris prosecutor’s cybercrime unit with support from Europol and French police. Voluntary interview summonses for April 20 have been issued to both Elon Musk and former X CEO Linda Yaccarino. X has previously denied wrongdoing and characterized the French investigation as politically motivated.

❗️🇲🇹 Gozo Channel, the ferry operator connecting Malta's islands, confirmed it was targeted in a cyberattack on Tuesday. The company said the incident impacted certain internal IT systems but was quickly contained thanks to existing infrastructure safeguards and contingency protocols. Ferry services were not disrupted. The company emphasized that all vessels continue to run on their normal schedule and that operations remain fully unaffected. Technical teams are currently working to restore the administrative systems that were impacted, and the company plans to bring in specialist cybersecurity forensic experts to support the investigation and recovery effort.

Gozo Channel Ltd. maintains full ferry operations following cyber security incident - The Malta Independent

Gozo Channel Ltd said that it has experienced a cyber security incident affecting certain IT systems. The Company wishes to reassure the public tha...

❗️🇵🇰 Internal documents from the Pakistan Institute of Education (PIE) have allegedly been leaked, including strategic planning documents, budget breakdowns, and organizational charts. The threat actor claims the leak focuses on institutional operations and priorities rather than personal data, and has teased additional leaks to follow.