Github knew for hours, they delayed telling you and they wont be honest in the future. what an amazing run, its been an honor to play around with the cats over the past few months. #teamPCP #github

There are vulnerability brokers who have never published a single CVE, never spoken at a conference, never appeared in any public research. They just buy zero days quietly, resell them to governments quietly, and make more money than most Series A startups.

if bug bounty's arent treating you correctly and you're getting played by triagers - hmu on matrix:) matrix.to/#/#cybercats-chat:…

😮😬 🚨 TeamPCP has posted a community statement addressing rumors and announcing the end of a partnership with HasanBroker. The actor states that TeamPCP will no longer work with HasanBroker, citing poor treatment of staff and claiming HasanBroker was phished and lost access to his own domains and database, allegedly having to ask TeamPCP to retrieve it from an earlier breach attributed to Xploitrs. The actor frames the post as a "sign of life," denying speculation that the team's spokesperson had been arrested or compromised, and explains that control of the alias would have transferred to another operator had that occurred. The actor invites contact regarding the forum, partnering on operations, or access and data, providing Session and Tox accounts. Claim is unverified. 💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing

github.com/kernelstub/Ferrum hmmm toolkit for windows vulnerabilities someone lmk if its good (and ive been asked to tell you to star it aswell)

run it back👀

🇺🇸 Dynatrace - A threat actor is claiming to sell an alleged internal Dynatrace GitHub organization dump containing 246 repositories and approximately 8.46 GB of data. According to the actor, the dataset was obtained through a compromised developer Personal Access Token (PAT) and includes infrastructure topology, CI/CD configurations, Kubernetes management details, Terraform modules, ArgoCD deployment information, cloud account references, and internal deployment credentials. The actor is offering the dataset for $12,000 and claims it contains information that could assist in mapping Dynatrace's internal cloud and software delivery environments. Daily Dark Web has not independently verified the authenticity of the claims or the alleged repository contents. Analyst Note: Infrastructure and CI/CD exposures can present greater long-term risk than traditional customer data leaks, as they may provide attackers with visibility into deployment pipelines, cloud environments, privileged service accounts, and software supply chain operations. #DDW #Intelligence #DarkWeb #Dynatrace

CTI very subtle now days.

alright who rootkitted the vps cough up

> be @github > be acquired by @Microsoft > get annoyed because @ChaoticEclipse0 published 0-days or because @xploitrsturtle2 published github's compromise evidences / proofs that github was successfully breached > start a ban-wave targeting any "hacker related profile" > ban me on Monday around 4am without any notices > let my appeal ticket rot forever under some infinite SLA with zero explanation for the ban > lock me out from updating dozens of open-source repos i contribute to dude, i know i don’t have a profile full of followers, stars, famous projects or hype-driven repos, and i’m still learning so i can publish better work, but what kind of insane policy is this? randomly banning security researchers with no warning, no reason, not even a basic email explaining what happened, just because @msftsecresponse has beef with some other security researcher? are triagers’ egos really that weak? i’ve already seen multiple people on X getting hit by the same thing (like @yebtimothy, @MiroslavSraga, @CollinsCaxton4, @wavey0x and another guy that i forgot his username here on X), so i’m definitely not the only one. now imagine everyone else who doesn’t want to go public and is just taking this garbage silently, GEEZ

github.com/portbuster1337/Ar… star plz

bleh

🚨🇺🇸 A threat actor known as xpl0itrs is advertising a dataset allegedly tied to Dynatrace, a publicly traded observability and monitoring SaaS platform whose primary customers are Fortune 500 enterprises. The actor claims to have dumped the company's internal infrastructure GitHub organization using a developer's Personal Access Token (PAT), totaling 246 repositories and 8.46 GB. The listed manifest allegedly includes complete infrastructure topology, Vault endpoints and secret paths, ArgoCD deployment infrastructure, AWS account IDs and GCP KMS infrastructure, CI/CD pipelines, Kubernetes cluster state, signing certificate infrastructure, and secret management details. The actor further claims the dump exposes over 1,000 employee records with GitHub handles, names, and corporate emails, along with Sigstore developer signing material. Samples and a sample repository have been posted as alleged proof, with the data offered for $12,000 USD (negotiable) and contact arranged via Tox and a Session ID. Claim is unverified. 💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing

matrix.to/#/#cybercats-chat:… come chat >:)

976-evil

Incase some of you are keeping up with a "team" trying to profile me and some of the people i affiliate with, they've updated their AI "dossier" stating i havent refuted anything, they arent any threat to teampcp or xploitrs but i find it funny so ill keep responding XD

turtle systems back online :O