Louis Hur

Start!!!! Pwn2Own!!! Let's go!!! @offensive_con #Pwn2Own #Offensive_con 😍📷😍

Today, we successfully hacked two AI systems — so now, only three remain… 🔥 Please refer to the official congratulatory message from OffensiveCon below.🙂 @offensive_con , #Pwn2OWn x.com/thezdi/status/… x.com/thezdi/status/… x.com/thezdi/status/…

@hybirdssss @offensive_con 😀 thank you

@HurLouis43150 @offensive_con Wishing you all success!!

Mirrors of Free City: Investigating the Chinese Marketplace Across Dark & Deep Web What initially appeared to be a single Chinese-language onion marketplace gradually revealed a much broader operational ecosystem built across mirrored infrastructure, Telegram communities, administrative channels, and automated bot activity. As the investigation progressed, Free City consistently demonstrated patterns associated with more mature underground environments, particularly through its use of multiple onion domains and Telegram-based coordination. The investigation also highlighted how closely Telegram and Tor infrastructure now operate together within parts of the Chinese-language underground ecosystem. Marketplace visibility, announcements, escrow-related communication, and promotional activity were no longer confined to hidden services alone, but instead distributed across interconnected Telegram channels and repost networks that helped sustain the platform’s presence over time. At the same time, the fragmented nature of these ecosystems made attribution and infrastructure mapping significantly more challenging. Marketplace references, mirrored domains, automated activity, and community discussions frequently overlapped across unrelated underground spaces, making it difficult to separate direct operational infrastructure from broader ecosystem noise without continuous pivot-based investigation. Although Free City appeared to function as an anonymous escrow marketplace and underground community platform, the investigation ultimately demonstrated something larger: modern underground marketplaces increasingly survive not through a single hidden service, but through distributed ecosystems designed to maintain visibility, continuity, and resilience across multiple interconnected platforms. …lthmole-intelligence-hub.blogspot.com/2026/05/mirror…

@SudoR00tMe @offensive_con @POC_Crew no drink!!!

Cheers to @offensive_con and @POC_Crew

@ashl3y_shen @offensive_con hey Ashley ,i'm also here berlin hilton hotel!

Attending @offensive_con this week! Excited to learn some new hacking skills, catch up with old friends, and meet more of the community!

StealthMole brings its OSINT training to Indonesia! 🇮🇩 This workshop equips you with practical OSINT skills, covering fundamentals, deep and dark web insights, and hands-on investigation using real-world cases on the StealthMole platform. 📍 Location: Ashley Wahid Hasyim Jakarta, Room Downing 10 🗓️ Date: April 29th, 2026 | 9AM – 5PM WIB 💳 Price: IDR 2,500,000 Register now to secure your seat (limited availability)! 👉 Register here: lnkd.in/gaPvkJqF #OSINT #CyberThreatIntelligence #CyberSecurity #DarkWeb #ThreatIntelligence #InfoSec #DigitalInvestigation #JakartaEvents #CyberSecurityTraining #StealthMole

Curious about what resides within the Dark Web? Join Div0 & the DarkNet Intelligence team, who will guide you in exploring the Dark Web through a mini CTF and hands-on exercises. 🔗 RSVP your slots here: forms.gle/i5kU15DEV78jyP… 📍 Marina Bay Sands, Singapore 🗓 28–30 April 2026

Government and Public-Sector Leak Activity Observed in the Third Week of April 2026 During the reporting period, 36 separate postings referenced government, military, police, or other public-sector data and access offerings across multiple underground forums and one onion site. Activity was concentrated around law-enforcement, military, and administrative institutions, with repeated targeting of the United States, Brazil, Paraguay, Pakistan, China, Nigeria, and Ukraine. Several listings appear to be reposts, variants, or related campaigns rather than fully distinct events. This is supported by repeated actor handles, reused contact channels, shared session values, and overlapping infrastructure or sample artifacts across multiple postings.

🚨 Don’t miss StealthMole CEO Louis Hur at #BlackHatAsia 2026! He’ll be diving deep into the DPRK’s financial cyber machine, sharing exclusive insights from defected IT workers and infostealer telemetry. 🗓 Friday, April 24 | 10:55 AM 📍 Business Hall Theatre 2 See you in Singapore! 🇸🇬 #Infosec #CyberCrime #Singapore #StealthMole

Finally secured 3rd place with an all challenges clear. 💪🚀

💡 Sponsor Highlight We are pleased to welcome @stealthmole_int as a Sponsor for our Singapore Community at DEF CON Singapore 2026. We extend our sincere thanks to StealthMole for their support in bringing the community to life!🔥

Not all dark web marketplaces operate alone. Sometimes, they’re just one part of a much larger system: quietly linked through forums, mirrors, and shared infrastructure. We followed one such trail using @stealthmole_int! Read the full report: …lthmole-intelligence-hub.blogspot.com/2026/04/breaki…

Reserve your seat: egv9g.share-na2.hsforms.com/2FzPgoy53The3Q… Don’t wait until it’s full.

[STEALTHMOLE'S CASES] HellCat Ransomware Group: Infrastructure, Affiliations, and Activity on the Dark Web platform.stealthmole.com/cases/56395146…

🚨 Many ransomware attackers didn’t start as ransomware gangs. They often began with simple website defacements, then moved into data leaks, hacking forums, and eventually ransomware operations. Our latest investigation maps how these threat actors evolve over time. 🔎 Read the analysis: …lthmole-intelligence-hub.blogspot.com/2026/03/from-d…⁠ #CyberSecurity #Ransomware #Hackers #OSINT #DarkWeb

Weekly OSINT Security Highlights — 4th Week of February 2026 Reporting this week is dominated by vulnerability advisories and exploit-focused guidance, complemented by multiple malware/scam write-ups with associated file-hash indicators. A notable concentration appears around Cisco SD‑WAN/Catalyst SD‑WAN, where CVE-2026-20127 is referenced across several independent publications. SolarWinds Serv‑U and Juniper Junos OS advisories are also present in multiple sources. Malware-oriented items include campaigns and trojans with hash-based IOCs (predominantly SHA-256–length values, plus one shorter hash).

🚨 LeakBase Seized by Law Enforcement The cybercrime forum LeakBase has reportedly been seized by international law enforcement authorities. This takedown could expose a large network involved in trading leaked credentials and breached databases. Our platform already contains extensive datasets related to leaked credentials, dark web activity, and threat actor infrastructure, which can be used to investigate actors connected to LeakBase. Researchers and investigators can leverage this data to trace identities, infrastructure, and potential links behind the ecosystem. #LeakBase #Cybercrime #DarkWeb #ThreatIntelligence #OSINT