‼️🇬🇧 WordPress admin and shell access to a UK-based online shop is being auctioned. The store processes payments via Stripe iframe with roughly 558 orders across the last three months and a 70% unique order rate. The auction starts at $700 with a blitz price of $1,500.

‼️🇪🇸 Guardia Civil Dismantled a Bank Mule Network in La Rioja Under Operation Vicentius, Spain's Guardia Civil has identified 12 suspects linked to fraud, money laundering, and unauthorized access to computer systems. The group allegedly operated fake cryptocurrency investment platforms and used remote access software to drain victims' bank accounts and take out loans in their names, causing an estimated €442,650 in total losses. Stolen funds were funneled to accounts in Denmark, Lithuania, the United Kingdom, and China. The investigation remains ongoing as authorities work to trace and recover the money. Source: Guardia Civil

‼️ .cz BreachForums was briefly defaced by what looks like a XSS vuln in XenForo. XenForo is a popular forum platform that I have seen used by a lot of actors, most of which I have identified in my Threat-Surface repo on GitHub. Credit to antisocial for sending the video. Seems the war is far from over.

Daily Dose of Dark Web Informer - February 4th, 2026

Daily Dose of Dark Web Informer - February 4th, 2026

Threat Attack Update - February 4th, 2026

Threat Attack Update - February 4th, 2026

Ransomware Attack Update - February 4th, 2026

Ransomware Attack Update - February 4th, 2026

‼️ The IOC darkforums[.]io domain has been suspended. The new IOC domain is darkforums[.]me