❗️🇦🇺 A threat actor known as "ed1n1ca" is auctioning access to an Australian WordPress-based shop with hosting account control panel permissions. The site reportedly processes PayPal transactions, with monthly revenues of 813, 827, and 998 for January, December, and November respectively. The auction starts at $500 with a $1,500 blitz price.

❗️🇪🇸 Naturapps.es, a Spanish outdoor and nature app platform, has allegedly had its user database leaked by "IntelShadow," exposing 130,814 total lines with 6,724 containing relevant user data including IDs, device information, emails, and dates.

AutoPentestX - Linux Automated Pentesting & Vulnerability Reporting Tool GitHub:

GitHub

GitHub - Gowtham-Darkseid/AutoPentestX: AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool

AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool - Gowtham-Darkseid/AutoPentestX

⚠️ The Weekly Whiskey - 02/02/2026 This is a 1:1 copy from Dread user /u/samwhiskey

The Weekly Whiskey 02/02/2025

‼️ Notepad++ was Hijacked by State-Sponsored Hackers You can read more about the incident at:

Notepad++ Hijacked by State-Sponsored Hackers | Notepad++

If you use Notepad++ make sure you are running the latest version which is v8.9.1. TLDR; The breach originated at the hosting provider level, where attackers kept server access until maintenance on September 2, 2025. After losing direct access, they still held internal service credentials until December 2, 2025, allowing them to continue intercepting traffic.

‼️🇺🇸 Alleged Sale of Unauthorized Root Access to 1,500+ Linux Systems at Stevens Sales Company (SSCO)

Alleged Sale of Unauthorized Root Access to 1,500+ Linux Systems at Stevens Sales Company (SSCO)

‼️ A new infostealer called "Datura" (formerly Blitzed Grabber) is being advertised by "heistwtf" on a popular cybercrime forum. The infostealer is a fully undetected C++/ASM-based stealer with 30+ features including browser credential theft, crypto wallet harvesting, VPN/FTP client extraction, and a crypto clipper, priced from $10/week to $145/lifetime. It includes a web-based dashboard called "Candyland" that organizes stolen credentials from major platforms like TikTok, OpenAI, Instagram, Spotify, and more. IOC: candyland[.]zip

‼️ A threat actor is selling a hidden crypto contract checker tool built in Go for $15,000 ($12,000 for the first buyer), which scans EVM addresses across multiple networks including Ethereum, BSC, Polygon, Arbitrum, and Avalanche to identify contracts with hidden balances not detected by platforms like DeBank, with lifetime updates and planned XMR, Monero, and Solana support.

❗️🇪🇸 Gran Quina de Nadal, a Christmas charity event portal run by Club Natació Lloret and Club Hoquei Lloret in Spain, has allegedly had its administrator credentials leaked, with proof showing full access to the intranet's collaborator management panel containing 363 active and 101 inactive donor/sponsor records.

❗️🇪🇸 TopDirectas, a Spanish online streaming site (topdirectas.ucoz.es), has allegedly had its database leaked by a threat actor, exposing 860 user records including usernames, emails, full names, genders, IP addresses, and dates of birth.