[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

@DarkWebInformer Dark Web Informer - Cyber Threat Intelligence

Several high-profile cyber threats and data breaches have been reported lately. The Archetyp darknet market was seized by law enforcement, and there have been alleged data breaches and sales of sensitive information, including a breach of Aflac and a leak of XXXXXXX TikTok users' data. Additionally, various vulnerabilities have been discovered, including a critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.

Engagements: XXXXXX #

• X Week XXXXXXX +45%
• X Month XXXXXXXXX -XX%
• X Months XXXXXXXXX +54%
• X Year XXXXXXXXXX +6.80%

Mentions: XX #

• X Week XX -XX%
• X Month XXX +16%
• X Months XXX -XX%
• X Year XXXXX +188%

Followers: XXXXXXX #

• X Week XXXXXXX +2.10%
• X Month XXXXXXX +5.30%
• X Months XXXXXXX +36%
• X Year XXXXXXX +116%

CreatorRank: XXXXXXX #

Social Influence #

---

Social category influence countries XXXX% technology brands XXXX% stocks XXXX% social networks XXXX% cryptocurrencies XXXX% finance XXXX% currencies XXXX% gaming XXXX%

Social topic influence github #6, data breach #18, shell 2.91%, auction #134, france #2076, magento 1.94%, instagram #2636, microsoft 1.94%, social networks #51, networks #277

Top accounts mentioned or mentioned by @grok @brutsecurity @ddycome46978 @notdan @internetguy01 @thegreymouser__ @secretschools @billtoulas @sn0ren @bengabp @sn_darkmeta @reestr_ai @antidiluvian777 @sufisindh @z_jcob @arulprak_ @amazing85392019 @_elgringo @cd_slash_x @acz0x1

Top assets mentioned Microsoft Corp. (MSFT) Ethereum (ETH) Alphabet Inc Class A (GOOGL) Cloudflare, Inc. (NET) DoorDash, Inc. (DASH) Bitcoin (BTC)

Top Social Posts #

---

Top posts by engagements in the last XX hours

"🚨Alleged Sale of Chilean E-Shop Admin Panel Category: Initial Access Threat Actor: sc0rpic Forum: Exploit Network: Clearnet Dark Web Details: E-shop with 28887 total orders; 1179 orders in MayJuly. Buyer receives admin access or shell. Starting bid: 300$ Blitz: 700$. Buyer pays for escrow"
@DarkWebInformer on X 2025-07-24 16:13:21 UTC 122.4K followers, 3047 engagements

"🚨Sperta Brute VPN Cracking Tool Listed on a popular forum A cross-platform brute-forcing toolkit named Sperta Brute VPN has been advertised on a dark web forum. Designed to target corporate VPNs (Cisco Fortinet) the tool supports both scanning and credential bruteforce modes. Features: 🔹No license system; unlimited installs 🔹Written in Go supports both CLI and GUI versions 🔹Compatible with all major operating systems 🔹Supports multiple proxy types (HTTP/SOCKS) 🔹Customizable brute configs and logging options 🔹Built-in anti-ban features Price: 300$ per vendor"
@DarkWebInformer on X 2025-07-11 15:56:19 UTC 122.2K followers, 3763 engagements

"Photon: An incredibly fast crawler designed for OSINT"
@DarkWebInformer on X 2025-07-17 16:08:29 UTC 122.1K followers, 25.1K engagements

"🚨R00TK1T ISC CYBER TEAM claims to have leaked 972000 TikTok users:passwords"
@DarkWebInformer on X 2025-04-23 16:26:35 UTC 122.4K followers, 59.3K engagements

"🚨Alleged Sale of U.S.-Based Magento X Admin Access"
@DarkWebInformer on X 2025-06-30 15:02:21 UTC 122.1K followers, 3723 engagements

"The goal of PrivacyTests.org is to understand in detail: what data is each web browser leaking Which web browsers offer the best privacy protections GitHub: Website:"
@DarkWebInformer on X 2025-07-16 22:32:33 UTC 122.4K followers, 71.9K engagements

"Osintgraph: An open-source tool that collects Instagram user follower and followee data into Neo4j to map your targets connections interests and affiliations for OSINT and social network analysis. GitHub:"
@DarkWebInformer on X 2025-07-23 19:01:08 UTC 122.4K followers, 6554 engagements

"🚨CVE-2025-20337: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated remote attacker to execute arbitrary code on the underlying operating system as root. CVSS: XX The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device"
@DarkWebInformer on X 2025-07-17 20:28:52 UTC 122.1K followers, 9424 engagements

"CVE-2025-53770: Microsoft SharePoint Server Remote Code Execution Vulnerability FOFA Query: app="Microsoft-SharePoint" Results: 205k+ FOFA: ZoomEye Dork: app="Microsoft SharePoint" Results: 65.4k+ ZoomEye: CVSS: XXX Write-up:"
@DarkWebInformer on X 2025-07-21 14:32:53 UTC 122.4K followers, 11K engagements

"DarkGPT: The OSINT Assistant Powered by GPT-4-200K for Efficient Database Querying in Traditional OSINT Processes"
@DarkWebInformer on X 2025-06-27 20:28:56 UTC 122.4K followers, 72.8K engagements

"🚨Alleged Network Access for Sale to a Colombian Company Access: Full internal/public web servers database server (C2) DB admin w/ dump rights Revenue: Unknown Price: 4000$ (Negotiable)"
@DarkWebInformer on X 2025-07-23 15:24:28 UTC 122.4K followers, 3598 engagements

"H4X-Tools: Open source toolkit for scraping OSINT and more. GitHub:"
@DarkWebInformer on X 2025-07-22 16:56:30 UTC 122.4K followers, 55.8K engagements

"🚨Alleged data breach of Hello Cake and The Lallantop Hello Cake data compromised: email phone date of birth order id transaction id. The Lallantop data compromised: email addresses and full names"
@DarkWebInformer on X 2025-07-21 20:26:47 UTC 122.4K followers, 5662 engagements

"CVE-2025-53770: SharePoint WebPart Injection Exploit Tool"
@DarkWebInformer on X 2025-07-22 17:26:58 UTC 122.4K followers, 3369 engagements

"🚨Alleged Sale of STIHLShop New Zealand Customer Database Category: Data Breach Threat Actor: Sorb Forum: DarkForums Network: Clearnet Dark Web Details: 987000 unique phone records and 365000 unique emails allegedly from stihlshop.co.nz includes full names addresses phone numbers emails fax and balance info. Priced at 1200$. Escrow accepted. Sample file provided"
@DarkWebInformer on X 2025-07-25 00:01:42 UTC 122.4K followers, 3447 engagements

"Telegram Scrapper 2.0: A powerful Python script that allows you to scrape messages and media from Telegram channels using the Telethon library. Features include real-time continuous scraping media downloading and data export capabilities. GitHub: Major Performance Improvements: 🔸5-10x faster scraping with batch database operations 🔸3x faster media downloads with parallel processing (up to X concurrent downloads) 🔸10-20x faster database operations through connection pooling and batch insertions 🔸Memory-efficient exports that handle large datasets without running out of memory 🔸Enhanced"
@DarkWebInformer on X 2025-07-21 16:47:51 UTC 122.4K followers, 146.9K engagements

"🚨Alleged Sale of 290M+ Pakistani Telecom Records from vipcaller.xyz A threat actor claims to be selling a massive Pakistan telecom data leak allegedly sourced from vipcaller.xyz a VoIP call service provider. The listing includes hundreds of millions of personal records from major Pakistani mobile operators. Data includes: - Phone numbers - Full names - CNIC (Pakistani national ID numbers) - Addresses Operators mentioned: - Zong - Jazz - Ufone - Telenor Statistics provided: - Total records: 400M+ lines - Unique phone numbers: 293M+ - Unique CNICs: 80M+ A sample of the data is shown in CSV"
@DarkWebInformer on X 2025-07-15 23:11:46 UTC 122.4K followers, 7180 engagements

"🚨Alleged Sale of Shell Access to a French Magento based E-Commerce Store"
@DarkWebInformer on X 2025-07-01 16:34:35 UTC 122.1K followers, 3489 engagements

"🚨CVE-2025-25257: Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector PoC: Write-up:"
@DarkWebInformer on X 2025-07-11 19:45:48 UTC 122.2K followers, 11.1K engagements

"🚨German Email Database for Sale A threat actor known as erszan is advertising a German email database on a popular forum. Details: - Data Includes: Full name email and mobile phone - Quantity: 1000 lines for $XXXX - Source: Private not publicly available"
@DarkWebInformer on X 2025-07-21 15:03:32 UTC 122.2K followers, 3438 engagements

"🚨 Alleged CRM Data Leak from wildbalance.es Category: Data Breach Threat Actor: 0kb Forum: Exploit Network: Clearnet Dark Web Details: XX rows of CRM data allegedly from wildbalance.es. includes full names emails phone numbers addresses subscription status and location. CRM access available. Price: 800$. Escrow accepted"
@DarkWebInformer on X 2025-07-25 16:11:26 UTC 122.4K followers, 2522 engagements

"🚨Alleged Sale of 25511 Customer Records from DTX Exchange Category: Crypto Data Breach Threat Actor: erezd Forum: DarkForums Network: Clearnet Dark Web Details: Dataset reportedly includes names emails wallet types wallet addresses tokens mobile numbers nationality DOB referral source and join dates totaling 25511 records from dtxexchange.com. Price listed at 4000$ (non-negotiable)"
@DarkWebInformer on X 2025-07-24 23:20:33 UTC 122.4K followers, 3521 engagements

"Profil3r: An OSINT tool that allows you to find potential profiles of a person on social networks as well as their email addresses GitHub:"
@DarkWebInformer on X 2025-07-23 16:54:16 UTC 122.4K followers, 35.6K engagements

"🚨Auction of 1150 UK Credit Cards Quantity: 1150 Source: Sniffed Validity Check: Not checked Start: 1200$ Step: 300$ Blitz: 3500$"
@DarkWebInformer on X 2025-07-21 15:45:57 UTC 122.4K followers, 3386 engagements

"CVE-2025-5777: Citrix NetScaler Memory Leak Exploit (CitrixBleed 2) GitHub: Write-up:"
@DarkWebInformer on X 2025-07-21 19:20:04 UTC 122.4K followers, 10.8K engagements

"Free🚨Alleged Sale of Citrix Access to Fujitsu Japan"
@DarkWebInformer on X 2025-07-18 16:55:55 UTC 122.1K followers, 3386 engagements

"🚨Alleged Breach of Mexican Government Job Portal Category: Data Breach Threat Actor: Kazu Forum: DarkForums Network: Clearnet Dark Web Details: XXX million user records allegedly breached from Mexicos official employment portal operated by the Servicio Nacional de Empleo (SNE). Exfiltrated data includes job seeker info matching services and workforce development tools. Dataset priced at 2000$; demand listed as 20000$"
@DarkWebInformer on X 2025-07-25 18:17:35 UTC 122.4K followers, 3548 engagements

"Web Check: All-in-one OSINT tool for analysing any website GitHub: Link:"
@DarkWebInformer on X 2025-07-20 19:17:46 UTC 122.4K followers, 62.2K engagements

"🚨Crumbl falls victim to Everest Ransomware Revenue: $XXXX Billion Crumbl stylized as crumbl is a franchise chain of bakeries in the United States and Canada that specializes in cookies and other desserts. Based in Utah it was founded in 2017. As of August 2024 the company has 1071 stores across the United States"
@DarkWebInformer on X 2025-07-25 15:55:03 UTC 122.4K followers, 4125 engagements

"🚨CVE-2025-53770: Microsoft Warns of SharePoint Zero-Day Exploited in the Wild with No Patch Available Key Findings: 🔸Severity: Critical (CVSS 9.8) 🔸Status: Public exploits confirmed in the wild 🔸EPSS Score: Not available (too recent) 🔸CISA KEV Status: Not in catalog (under evaluation) 🔸AI Priority: HIGH (flagged by Gemini analysis) 🔸Viper Risk Score: XXXX (1 alert triggered)"
@DarkWebInformer on X 2025-07-20 16:02:11 UTC 122.2K followers, 8185 engagements

"🚨Claimed Leak of Dominican Republic Covid-19 Data"
@DarkWebInformer on X 2025-07-19 01:30:52 UTC 122.4K followers, 7050 engagements

"🚨CrushFTP has an active 0-Day with a CVSS score of XXX CVE-2025-54309: CrushFTP XX before 10.8.5 and XX before 11.3.4_23 when the DMZ proxy feature is not used mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS as exploited in the wild in July 2025"
@DarkWebInformer on X 2025-07-18 22:33:30 UTC 122.1K followers, 4593 engagements

"The XSS backup site xss.as and the onion site are both back up. http://xssforumv3isucukbxhdhwz67hoa5e2voakcfkuieq4ch257vsburuid.onion"
@DarkWebInformer on X 2025-07-24 00:11:41 UTC 122.4K followers, 23.5K engagements

"🚨🌐Alleged Sale of 1705 Credit Card Mix (Multi-Country) Category: Financial Data Threat Actor: thisisjack Forum: Exploit Network: Clearnet Details: 1405 lines for sale. includes CC number expiry CVV name address city ZIP country; XXX lines with full info XX% VR rate; auction starts at 1000$ USD"
@DarkWebInformer on X 2025-07-23 22:29:27 UTC 122.4K followers, 4003 engagements

""WiFi Pentesting Just Became Easy / Angry Oxide" Video Credit:"
@DarkWebInformer on X 2025-07-15 18:59:43 UTC 122.3K followers, 86.4K engagements

"Clorox sues Cognizant for $380M over alleged helpdesk failures in cyberattack Complaint (PDF): Source:"
@DarkWebInformer on X 2025-07-23 18:34:05 UTC 122.4K followers, 12.2K engagements

"🚨Access to an unidentified shop in Germany for sale A threat actor known as Reve is auctioning access to a German-based shop platform on a dark web forum. 🔹 Custom CMS 🔹 10-15k monthly traffic 🔹 Shell & database access 🔹 150-200 orders per month 🔹 Payment methods: PayPal / Klarna Start: $XXX Blitz: $1000"
@DarkWebInformer on X 2025-07-22 17:45:01 UTC 122.4K followers, 3113 engagements

"🚨🚨Archetyp Darknet Market the world's largest Darknet Market has been seized by law enforcement"
@DarkWebInformer on X 2025-06-16 09:25:47 UTC 122.3K followers, 96.7K engagements

"🚨Alleged Sale of EU IBAN Leads Category: Financial Data Threat Actor: payisano Forum: DarkForums Network: Clearnet Details: IBAN-linked personal data from Germany France Spain Italy which includes name address phone IBAN BIC email (optional)"
@DarkWebInformer on X 2025-07-23 22:04:51 UTC 122.4K followers, 4731 engagements

"🚨Alleged Data Breach and Data Leak of DDoSecrets"
@DarkWebInformer on X 2025-07-17 20:11:42 UTC 122.4K followers, 12.5K engagements

"🚨Alleged Access Sale to Mexican Federal Entity Category: Initial Access Threat Actor: leakman Forum: Exploit Network: Clearnet Dark Web Details: Access includes VPN/domain user credentials to an organization with XXX employees $240M+ revenue and XXX servers. Industry: Federal. Auction starts at 250$. Blitz: 10000$"
@DarkWebInformer on X 2025-07-25 15:26:46 UTC 122.4K followers, 2869 engagements

"Monero (XMR) Explained and good reasons why you should use it over any other coin"
@DarkWebInformer on X 2025-07-19 17:45:02 UTC 122.4K followers, 15.9K engagements

"Xteam: All in one Instagram Android Phishing OSINT and WiFi Hacking Tool GitHub:"
@DarkWebInformer on X 2025-07-24 18:07:27 UTC 122.4K followers, 40.4K engagements

"YARA rules for detecting specific web shells deployed via SharePoint CVE-2025-53770 exploitation. 👇"
@DarkWebInformer on X 2025-07-20 23:37:00 UTC 122.4K followers, 12.3K engagements

"There appears to be a massive outage going on. Twitch Discord Google Cloud Google Google Meet Google Nest CharacterAI Etsy Khan Academy Google Drive Google Maps Pokemon TCG Dialpad Mailchimp HighLevel Amazon Web Services OpenAI Cloudflare Anthropic Breezeline Dragon Ball State Farm Embark Studios Gmail Rocket League DoorDash Wells Fargo Marvel MLB TV Google Gemini Fortnite Spotify Shopify Snapchat Tekken Box Equifax Roll20 Cursor Looker Studio FuboTV IKEA reCAPTCHA GitLab Steam Clover POS Systems AMC Theatres NPM"
@DarkWebInformer on X 2025-06-12 18:21:03 UTC 122.4K followers, 719.5K engagements

"🚨Alleged 0-Day of macOS Local Privilege Escalation Exploit for Sale A new claimed 0-day LPE exploit targeting macOS XXXX XXXX (including macOS XX Beta) is being sold on a popular forum. 🔹 Vulnerability Type: Logical 🔹 Reliability: Claimed XXX% 🔹 Price: 130000$ 🔹 Payment: BTC with optional forum escrow"
@DarkWebInformer on X 2025-07-22 14:47:25 UTC 122.4K followers, 5458 engagements

"Darkus: An Onion website searcher that uses deep/dark web searcher engines to search a specific word and give you back the link results. GitHub:"
@DarkWebInformer on X 2025-07-18 23:35:22 UTC 122.4K followers, 50.2K engagements

"Former National Crime Agency (NCA) officer stole XX bitcoin from Silk Road XXX Darknet admin and sentenced to five-and-a-half years"
@DarkWebInformer on X 2025-07-17 23:04:30 UTC 122K followers, 8345 engagements

"PryingDeep: An OSINT tool to collect intelligence on the dark web. GitHub: 🔒Public Archive"
@DarkWebInformer on X 2025-07-19 00:19:51 UTC 122.4K followers, 17.5K engagements

"🚨Public Release of Rust-Based Loader (Tribute to Lumma) Category: Malware Threat Actor: DeWorm14 Forum: RAMP Network: Clearnet Dark Web Details: Actor shares a Rust + x64 assembly loader named ttl_loader written as a tribute to Lumma. Claims full EDR bypass compiled using modified Fortinet panel and tested stub. No encryption or injection modules included; a DHL-based C2 variant also exists. Attachment: ttl_loader.zip provided"
@DarkWebInformer on X 2025-07-25 17:25:28 UTC 122.4K followers, 4044 engagements

"🚨The pro-Russian hacker group NoName057(16) known for its cyberattacks has been taken offline following an international law enforcement operation. Europol Eurojust and participating police forces including authorities from the Netherlands announced the successful action on Wednesday"
@DarkWebInformer on X 2025-07-16 18:02:52 UTC 122K followers, 6282 engagements

"BlackBird: An OSINT tool to search for accounts by username and email in social networks"
@DarkWebInformer on X 2025-07-20 16:39:19 UTC 122.4K followers, 114.4K engagements