Dominic Alvieri

BREAKING Microsoft allegedly breached. @campuscodi @vxunderground #cybersecurity #infosec @Microsoft

By popular demand ShinyHunters active onion /shnyhntww34phqoa6dcgnvps2yu7dlwzmy5lkvejwjdo6z7bmgshzayd[.]onion Enjoy!

@Anubis__media @pchdotcom I get it, it’s not personal just business

@AlvieriD @pchdotcom The Anubis team has asked us to convey their apologies regarding your grandmother. They are not to blame for this; rather, it is due to a lack of security at PCH.

Publishers Clearing House breached My meemaw might be getting leaked by Anubis Ransomware - she loves PCH > interesting samples included < 1.4TB in 843,320 files @pchdotcom

Iran is not fucking around, they just bombed AWS infrastructure (again) in Bahrain. No, this isn't an April Fools gag, Iran unironically is bombing AWS infrastructure because of the roll it plays in the United States

The next phase is monetization 5 great YARA rules ⤵️

Keep an eye on Vect Ransomware ShinyHunters is NOT TeamPCP but allegedly working with Vect Ransomware and TeamPCP Developing DragonBall Z situation @vxunderground /vectordntlcrlmfkcm4alni734tbcrnd5lk44v6sp4lqal6noqrgnbyd[.]onion

@vxunderground Team Angel Dust is a bunch of skids I’m wearing Adidas

The streets are speaking [1] and word on the street is ShinyHunters dislike TeamPCP [2] [1] The streets is stinky nerds wearing Naruto pajamas in internet chatrooms [2] It is alleged ShinyHunters call TeamPCP "SkidPCP", a very unique and novel insult

BREAKING New Cisco Update Cisco source code and data was stolen by ShinyHunters claiming 3 breaches Salesforce, Aura and AWS buckets

@BleepinComputer ShinyHunters claimed the Cisco breach

Cisco source code stolen in Trivy-linked dev environment breach bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

@vxunderground Looks like it

Chat, look what images just appeared ON THE DARK WEB (Telegram, where all crime happens on the internet apparently). ShinyHunters posted it. Is this actual stuff from the alleged Cisco data compromise as a result of the Trivy supply chain attack? Are these images unrelated? How sensitive is this data? How is ShinyHunters involved with TeamPCP? Is this even real? Find out on the next action packed episode of Dragon Ball Z

@vxunderground ShinyHunters claimed Cisco

CISCO DATA STOLEN BITCH ITS TUESDAY STOP

context

Recent Nissan history includes: Akira Ransomware 2023 Qilin Ransomware 2024 Crimson Collective 2025 ShinyHunters involved 2025 New alleged Everest claims in 2026

New Nissan alleged customer data breach Most recent files dated January 3, 2026 Auto loan data from Nissan Financial Services - US and Canadian customers 2.5 million unique records - Full names - emails - Phone numbers - Full home addresses Everest Ransom Team chat logs included @Nissan

Claude code source code has been leaked via a map file in their npm registry! Code: …a8527898604c1bbb12468b1581d95e.r2.dev/src.zip

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

New Notepad++ compromise IOCs published notepad-plus-plus.org/assets/data/Io…

Mercor AI has allegedly been breached by Lapsus 939GB of source code 4TB of data in total All data from their TailScale VPN @mercor_ai