The article recounts how hacker Kai Logan West, known as IntelBroker, abandoned his Monero‑only policy for a $250 Bitcoin payment, allowing FBI investigators to trace the transaction through KYC‑linked services and ultimately expose his identity, leading to his arrest.
A dark‑web seller offers an alleged 109 GB JSON dump of 850 million Indian Aadhaar records for a few dollars, prompting analysis of the data’s scope, possible leakage paths, security implications, and defensive measures for large‑scale identity systems.
The article recounts the seven‑year evasion of a dark‑web drug trafficker who converted illicit cryptocurrency into gold bars, mailed them to his German address, and was ultimately exposed through blockchain analysis and KYC‑linked purchases, illustrating that cryptocurrency is not truly anonymous.
A threat actor named MrLucxy is selling a purported "OpenAI dataset" on the dark web, claiming a compressed size of about 14.6 GB and over 62 GB uncompressed, containing chat logs, Slack exports, internal tickets, infrastructure SQL dumps, contractor PII, API key files, and monitoring data, but a veteran security analyst doubts its authenticity, noting the unusually large 8 MB API‑key file and suggesting it may be repackaged old leaks or fabricated data, as reported by Undercode News.
A dark‑web listing advertises iExploit Lab v1.0, a purported iOS 13‑17.2 exploit kit priced at $20,000, claiming remote code execution, sandbox escape, privilege escalation, and data theft via a C2 panel, though its authenticity remains unverified.
In early 2026 a rival hacker group released 918 previously paid breach databases for free on Telegram, exposing internal disputes within ShinyHunters and aiming to cripple their attempt to revive BreachForums by making the data openly available.
A hacker known as xone9to1 posted on a dark‑web forum a so‑called “Zero‑click RAT” that can silently infect iPhone 17 (iOS 26.2) and Android 16, offering real‑time camera, microphone, wallet theft, and remote control capabilities, while experts debate its authenticity and advise urgent security updates.
The article explains how ransomware gangs steal MySQL databases, automate ransom‑payment portals on the dark web, auction unsold data, and accept Bitcoin, revealing the scale of over 85,000 databases for sale at roughly $500‑$550 each.
Over 85,000 MySQL databases are being sold on the dark web for around $500 each, with attackers automating ransom notices via portals on sqldb.to and dbrestore.to, demanding Bitcoin payments, auctioning unpaid data after nine days, and targeting a range of database platforms since 2017.
After his father's PC was infected by the GANDCRAB ransomware, the author recounts the alarming symptoms, explains how ransomware works, explores the role of the dark web and DASH cryptocurrency in ransom demands, and shares practical backup methods—from simple USB copies to the 3‑2‑1 principle—to protect personal data.
In early June, AcFun announced a massive hack that leaked nearly ten million user records, including IDs, nicknames and encrypted passwords, urging users—especially those who haven’t logged in since July 2017 or use weak passwords—to change them immediately, while noting that the data is already being sold on the dark web.
