Daily Dose of Dark Web Informer - May 12th, 2026
Dark Web Informer daily digest reports multiple breaches, ransomware claims, and threat actor activity.
Summary
This is a daily dark web threat intelligence digest aggregating multiple breach reports, ransomware claims, and threat actor activity from May 12, 2026. Notable incidents include alleged breaches of Kuwaiti government identity records (5.23M citizens), Egyptian e-commerce platform FutureShop, Brazilian betting platform MBet (200k+ KYC docs), Dubai fashion retailer SIVVI (300k+ records), and Indonesian government agency BPJS. The digest also tracks threat actor operations including ShinyHunters domain suspension, Nightmare-Eclipse GitHub releases, and various malware tools like Shai-Hulud being open-sourced.
Full text
Dark Web Informer β Daily Threat Intelligence Digest π API Access Available High-volume threat intelligence, ransomware data, IOC exports, and comprehensive feed access for security teams and researchers. Explore API β π Follow across all official platforms β darkwebinformer.com/socials π₯ Advertising Opportunities Reach a highly engaged audience. View details 56.2k Unique Visitors 122.1k Pageviews Last 30 days as of May 11, 2026. Next update June 11th. π Unlock Premium Intelligence Real-time breach tracking, expert analysis, high-resolution evidence, unredacted feeds, and 5,100+ blog posts. View all plans and features on the pricing page. View Plans & Subscribe β π Legend π°Law Enforcement β LEA updates, investigations β οΈDark Web Notices β forums, markets, announcements βοΈUrgent Threats β breaches, ransomware, vulnerabilities π‘Insights & Tools β guides, OSINT, learning resources π§Ύ Today's Intelligence Threat Intelligence βοΈ Public Authority for Civil Information Allegedly Breached Exposing 5.23 Million Kuwaiti Citizen Records From the Kuwaiti Government Identity Authority FREE βοΈ FutureShop Egypt Allegedly Breached Exposing Thousands of Customer, Order, and Delivery Records From the Egyptian Grocery Delivery Platform FREE X/Twitter Updates π‘ Looks like Instructure made payment to ShinyHunters βοΈ MBet allegedly breached exposing 200,000+ KYC documents and 300,000+ PII records from the Brazilian online casino and sports betting platform βοΈ Nightmare-Eclipse has just released two new GitHub repositories... Same user behind RedSun, UnDefend, BlueHammer βοΈ SIVVI allegedly breached exposing approximately 300,000 customer records from the Dubai-based fashion e-commerce platform βοΈ BPJS Ketenagakerjaan Kota Metro allegedly leaked exposing personal data of RT, RW, and LPM neighborhood officials in Karangrejo, North Metro, Indonesia βοΈ ShinyHunters confirms their clearnet domain was suspended and it is no longer operated or owned by them anymore. π‘ How dumb can you be... βοΈ A threat actor is selling a private cloud-hosted collection of stealer logs totaling 988.7 GB across more than 10,080 files in URL:Login:Password format. βοΈ 313 Team is claiming to target Spotify βοΈ PGP Signed message and the repos now have information: βοΈ TeamPCP has open sourced Shai-Hulud βοΈ Note: This a repost from the leak by threat actor "breach3d." This actor is asking for a $20,000 ransom. It is not verified if anything in this leak differs from the previous leak in April. βοΈ OHNO allegedly breached exposing Telegram user IDs, crypto wallets, and private keys from the on-chain trading automation platform βοΈ AIM Smarter allegedly breached exposing 6,500+ business records from the UK promotional products and marketing distribution group π‘ Bruh
Indicators of Compromise
- malware β Shai-Hulud
- malware β RedSun
- malware β UnDefend
- malware β BlueHammer