CVE-2026-48907 is a critical unauthenticated remote code execution flaw in the Joomla Content Editor (JCE), the most widely installed editor extension for Joomla.
A threat actor using the alias ChimeraZ has posted what they describe as the database of TakTikimmo (taktikimmo.fr), a French professional real-estate software platform that helps agencies manage property listings, client relationships, and sales processes.
A threat actor using the alias Rhodes is advertising the sale of a claimed 116GB dataset of around 125,000 files said to be stolen from VNIIR-M, described in the listing as a Russian scientific research institute focused on radio communications and electronic defense and involved in defense-related R&D.
A threat actor using the alias 0cx00iq has listed for sale what they describe as a dataset of employees of Kuwait's National Security Agency, the country's domestic intelligence service.
Threat actors using the aliases ChimeraZ and misere have posted what they describe as a partial database of Autosur (autosur.fr), a French professional vehicle inspection and technical-control (contrôle technique) service used by car owners and dealerships.
A threat actor using the alias ChimeraZ has posted what they describe as a partial database of Inter Mutuelles Habitat (referenced as ima.eu / imha.fr), a French organization specializing in home-insurance assistance and claims management for policyholders of partner mutual insurers.
A threat actor using the alias 0xSec has posted what they describe as the full database of Local'Emploi (localemploi.fr), a French public employment platform that aggregates local job offers, internships, permanent contracts, and training in the Paris-Saclay area.
A threat actor using the alias ChimeraZ has posted what they describe as a scrape of public data from Superimmo (superimmo.com), a French real-estate platform that aggregates property listings from agencies and developers.
A threat actor using the alias ChimeraZ, working with a collaborator named Cybernox, claims to have leaked the member database of Lancy FC, a Swiss football club based in Geneva that runs teams across all age groups.
Threat Feed 3.0 adds an interactive OSINT investigation toolbox, threat triage and verdicts, expanded enrichment, and a refreshed interface. Early access June 12.
CVE-2026-35273 is a critical unauthenticated remote code execution vulnerability in Oracle PeopleSoft Enterprise PeopleTools. Rated CVSS 9.8, the flaw affects PeopleTools versions 8.61 and 8.62 and requires immediate mitigation.
A threat actor using the alias Orcinusorca claims to have gained deep access to the production infrastructure of Wickr Enterprise, the AWS-owned secure enterprise messaging platform.
A threat actor using the alias ChimeraZ claims to have leaked the database of Jestimo (jestimo.com), a French real-estate valuation platform used by estate agents and rental managers.
A threat actor using the alias ChimeraZ claims to be leaking a partial database of Capifrance (capifrance.fr), a French network of independent real-estate agents.
A threat actor using the alias azazeljakel (posting under the tag "CORTEX") claims to have compromised Localizacion Empresarial Telcel (LET), a business location and fleet-tracking platform operated under the Mexican telecom brand Telcel (let.telcel.com).
A threat actor using the alias Zab26 is advertising for sale what they describe as a 533 GB "full-stack" healthcare dataset spanning French and European health systems.
A threat actor using the alias ChimeraZ claims to have breached Proprietes-Privees.com, a French real-estate network operating through independent property consultants.
Dark Web Informer
Checked
2 hours 39 minutes ago
A real-time cyber threat intelligence platform that monitors the dark web and clearnet for data breaches, ransomware campaigns, darknet market activity, leaked databases, and active threat actors.