🇻🇪 Venezuela – DIGITEL Customer Database Allegedly Exposed * A threat actor claims to have breached systems associated with Venezuelan telecommunications provider DIGITEL. * According to the listing, approximately 393,815 active customer records were allegedly extracted. * The actor claims the exposed data includes: * First names * Last names * Mobile numbers * Service plans * Account balances * Account status information * Email addresses * Customer identifiers * Document/identification types * Payment-related attributes * Internal customer IDs * The post includes a proof-of-concept sample allegedly demonstrating access to the underlying dataset. * If verified, the exposed information could enable: * SIM-swap targeting * Telecommunications fraud * Account takeover attempts * Identity theft * Phishing and smishing campaigns * Customer impersonation attacks * Social engineering against telecom support teams * Telecommunications providers remain highly attractive targets because subscriber records can be leveraged to facilitate downstream attacks against banking, government, and digital identity services. Analyst Note: Telecom breaches often have consequences beyond customer privacy. Mobile numbers serve as a core identity layer for many online services, making telecom datasets particularly valuable to threat actors conducting account recovery abuse, OTP interception campaigns, and targeted fraud operations. #DDW #Intelligence #DarkWeb #Venezuela

🚨🇻🇪 A threat actor known as GordonFreeman, claiming to act under the group L4TAMFUCK3RS, says they breached Venezuela's National Institute of Land Transportation (INTT) via an SQL injection on a subdomain that was taken offline during the extraction. The actor claims around 788,000 records were pulled from a database of 8.65 million licenses, including document numbers, full names, nationality, sex, age, blood type, allergies and medical notes, emails, phone numbers, and detailed home addresses. A proof-of-concept sample has been posted, with threats of further attacks on Venezuelan systems. Claim is unverified. 💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing

🌐 Grindr (designed specifically for the LGBTQ community) Database Allegedly Offered for Sale A threat actor claims to be selling a database allegedly associated with Grindr users The listing advertises more than 15 million records According to the post, the exposed fields allegedly include usernames, email addresses, profile information, location data and account metadata The seller claims the dataset contains demographic information, account activity details, device information and profile attributes The listing references highly sensitive categories of data, including sexual orientation and geolocation-related fields The authenticity of the data, the number of affected users and the source of the alleged breach remain unverified Analyst Note: If authentic, exposure of dating platform user data could present significant privacy and safety risks. The combination of identity, contact information, profile attributes and location-related data may enable targeted phishing, extortion, doxxing, stalking and other forms of abuse against affected individuals. Daily Dark Web has not independently verified the authenticity of the claims or the alleged leaked data. #DDW #Intelligence #DarkWeb #Grindr

🇻🇪🇺🇸Lo tengo que denunciar! @somoscashea se está LUCRANDO con la crisis en Vzla Familiares y amigos me dicen que no logran pagar a tiempo la cuota y x 3 días de retraso te suben 5$ NO SEAN SÁDICOS! Ustedes hicieron estudios, sabían q el vzlano al final paga Bajenle dos!

Today Instagram had this massive exploit where hackers were just stealing rare handles left and right. Hundreds of accounts gone. People losing handles they’ve owned since 2010, some worth hundreds of thousands. I own a few rare ones so I was actually stressed watching this happen in real time, which I haven’t been in years. Obama White House account got hit. These aren’t some random new accounts, these are verified, locked down accounts and they still got compromised. The thing is the exploit is so simple it’s almost funny. Attacker goes to Forgot Password, says their account is hacked, turns on a VPN to match the target’s location (which now you can find on the about section of the page). Instagram’s AI support flow asks them to verify with a selfie. They grab a photo from the target’s profile, run it through an AI video generator to make an animation of the person’s face moving around, upload that to Meta’s AI as proof. And Meta’s AI just accepts it because it can’t tell the difference between a real selfie and an AI-generated video of someone’s face . Once verified they change the email to theirs. Password reset link goes to their email. They own it now. 2FA gets bypassed somehow in the process but honestly I don’t know exactly how, just that it did. Point is even locked down accounts went down. Then you try to recover your account and you’re talking to a chatbot that has zero ability to help. You can’t escalate to a human. You’re just stuck. Your asset is gone and there’s no one to call. The whole thing just highlighted how stupid it is to automate account security without any human in the loop. One AI fooling another AI while there’s literally no person anywhere to catch it. Meta took hours to even acknowledge it while accounts were getting stolen every minute. Now thankfully it’s patched but I don’t think it will be the last one. Stay safe!

@BDT_VE Good luck!!

THIS IS HUGE‼️ 🌐 “OnlyFans Mega Leak” allegedly containing approximately 340 million user records involving both fans and creators. According to the visible listing, the claimed dataset may include: • usernames and display names • email addresses • linked phone numbers • account creation dates • follower/subscriber metrics • likes and content statistics • creator/fan classifications • linked social profiles • partial payment card metadata (claimed last 4 digits) If authentic, this would represent one of the most operationally sensitive adult-platform-related exposures observed due to the combination of: • identity data • behavioral metadata • financial indicators • social linkage information • creator activity metrics The biggest risk here is not necessarily direct financial theft. The primary danger is: • extortion • doxxing • blackmail • targeted harassment • reputational attacks • account takeover campaigns • relationship/social exposure Adult-platform ecosystems are uniquely sensitive because attackers can combine: • usernames • linked social media • email reuse • payment references • creator/fan relationships • behavioral activity patterns to deanonymize users who believed their identities were separated from their online activity. For creators specifically, risks may include: • impersonation • stalking • swatting • revenue theft • subscriber fraud • credential compromise • targeted phishing pretending to be platform support or agencies For fans/users: • sextortion campaigns • phishing emails • credential stuffing • blackmail attempts • fake legal notices • cryptocurrency scams • exposure of private consumption habits One particularly concerning element is the reference to: • linked profiles • activity metrics • internal identifiers because these fields may allow correlation attacks across multiple platforms and previously leaked datasets. However, several important caveats exist: • extremely large breach claims are often exaggerated • underground actors frequently recycle older datasets • “scraped” data may originate from multiple unrelated leaks • partial data collections are sometimes rebranded as “internal databases” At this stage, the authenticity, source, freshness, and completeness of the alleged dataset remain unverified. Recommended immediate actions for users potentially affected: • change passwords immediately • enable MFA • avoid password reuse • monitor phishing attempts • review connected social accounts • monitor for impersonation attempts • remain alert for extortion emails or social engineering campaigns Platforms operating creator ecosystems should additionally: • monitor credential stuffing spikes • review API abuse • audit scraping protections • monitor underground marketplaces • strengthen anti-bot controls • alert high-risk creators proactively Because of the reputational and emotional sensitivity associated with adult-platform ecosystems, even limited verified exposure could have disproportionate real-world impact. 🌐 #DDW #Intelligence #CyberSecurity #DarkWeb #ThreatIntelligence #DataBreach #Infosec #OSINT #Privacy #OnlyFans

NVIDIA has removed "gaming revenue" from their financial reports. It's now a footnote in their "Edge Computing" section of their filings. Datacenters are the bulk of the report. It's so over, boys.

CXMT DDR5 DRAM Die Appears in Corsair Memory

🚨 THE MEMORY CARTEL IS ABOUT TO FALL. Ex-Samsung chip boss says heavy Chinese investment in the memory market could crush the 414% DDR5 price spike within a year. Goldman calls it RAMageddon. Samsung, SK Hynix, and Micron control 70% of global DRAM and pushed prices from $6.84 to $27.20 in 3 months. Now China is gearing up to flood the market. Cheap memory = cheap AI compute = the cartel cracks.