‼️A known initial access broker is selling firewall and network admin panel access to three government entities: 🇹🇭 Thailand Government-Owned Visa Program: Root RCE + shell access on a Linux firewall, priced at $300. 🇵🇸 Palestinian Government Agency (Foreign Aid Portal): Same level of access on a Linux firewall, priced at $400. 🇮🇩 Indonesian Government Land Authority: Root RCE + shell + network admin panel on a Linux firewall, priced at $300.

‼️CVE-2026-25049: N8n AI Workflow Remote Code Execution "This vulnerability allows an attacker to execute arbitrary system commands through misconfigured or insecure AI workflow execution paths. When chained correctly, it can lead to full server compromise depending on deployment configuration." Video Credit: youtube.com/@SecureLayer7

‼️🇷🇸 A data set for GiftOnCard, a Serbia-based gift card platform, is being sold with the seller claiming to still have active access. The leak includes 152,000 web user records with passwords, 130,000 card registration entries, and 2.7 million gift card records containing detailed cardholder PII, transaction data, and loyalty program information.

‼️ PLAY Ransomware claims 3 victims 🇺🇸 Woodfield 🇺🇸 CBH Homes 🇺🇸 ISTS

‼️ 139 TB of data? No shot.

TLDFinder: A streamlined tool for discovering private TLDs for security research. GitHub:

GitHub

GitHub - projectdiscovery/tldfinder: A streamlined tool for discovering private TLDs for security research.

A streamlined tool for discovering private TLDs for security research. - projectdiscovery/tldfinder

▪️TLD based DNS lookups (Passive) ▪️TLD based DNS lookups (Active) ▪️STD IN/OUT and TXT/JSON output

‼️ A large collection of email-only crypto databases is being offered for sale, covering U.S. and mixed geographies from 2021–2026. The actor is providing a list of available databases and samples, with purchases handled via Telegram on a per-database basis.

‼️🇫🇷 Two French educational institutions allegedly breached... Lycée Notre-Dame des Dunes and Lycée Saint-Charles. The data has been posted freely for download. The group also claims to hold 7 TB of unreleased databases from across the French sector, totaling 378 million records, and is threatening further leaks.

‼️ A threat actor has posted three separate listings: China Union Pay: 171 million rows of deduplicated cardholder data allegedly from China UnionPay, including phone numbers, names, national IDs, provinces, carrier info, and dates of birth. Crypto Currency Bundle: A 3.7 GB compilation of 21.2 million records spanning dozens of major crypto platforms including Coinbase, Binance, KuCoin, Poloniex, Bitfinex, and Paxful, containing combo credentials, email leads, and phone-linked customer data. Hong Kong Stock Investment: 920,000 unique rows allegedly from KGI Asia's platform, containing emails, phone numbers, stock names, trade volumes, and transaction amounts dated from February 2025.

‼️🇫🇷 Threat Actor Claims Breach of Loxam Delivery Operations, Offers 828K Records Spanning 2020–2026

Threat Actor Claims Breach of Loxam Delivery Operations, Offers 828K Records Spanning 2020–2026