Inside Darknet

read nohello.net before contacting

@ykrauq would love to interview you about this

CTF is cooked blog.krauq.com/post/ctf-is-dy…

@vxgiveaways @OSINTindustries hello sir

Our friends at @OSINTindustries have some extra merch to giveaway to 5 lucky winners each winner will receive the following - T-shirt - Hat - Challenge Coin - Stickers Follow @vxgiveaways and @OSINTindustries and comment below to enter

@OSINTindustries @vxunderground @vxdb where do we get that shirt, or do i have to rob @vxdb this summer

You want some to give away? @vxunderground @vxdb

The hottest merch in the game

@vxdb this is badass

In June 2021, Lapsus$ breached Electronic Arts and stole an estimated 780 GB of data, including source code and development tools. I was messing around on Osint Industries searching emails owned by Arion Kurtaj, and found this email: admin@leaks.direct. Arion tried making a website called leaks[.]direct, in early 2021, a potential database/leak sharing site that never released to the public, to my knowledge. Yet an email was still created, admin@leaks[.]direct. After putting that into Osint Industries, we see a very interesting entry. A GitHub profile pretending to be an Electronic Arts Supplier Relationship Management account. Created just a month before the alleged breach on EA’s network. On June 7th, the GitHub account in question opened an issue in the OwnCloud repo: https://github[.]com/owncloud/core/issues/38814 Months before the EA breach goes public, a Lapsus member creates an issue on the owncloud repo asking for help on exporting data out of a deleted LDAP account. In their post, they also claim to see another storage cluster on the network with roughly 13pb of data. They even promote a reward to anyone who can help them with this task. Very interesting find on @OSINTindustries

Gave an interview for Inside Darknet! 🕵️‍♂️ Do you think it’s possible to de-anonymize the leaders of the most dangerous ransom groups? My experience is in the text version of the interview: archive.ph/NKNNP Thanks to @insidedarknet for the interesting questions!

I did another interview, this time with @GangExposed_RU. It's some very interesting work they do, so I had some curious questions buymeacoffee.com/insidedarknet/… The German episode to this will drop next week.

@S1r1u5_ @LiveOverflow badass

btw, i’m hiring for our agents team. you’ll work with me (not so cool), but you do get to work with @LiveOverflow, and i’m telling you, it’s insanely satisfying work every day.

@LulzClumsy lmao

@rickcsong @withpersona I would love to send you a couple of text-based interview questions about the past week, but your DMs are closed :)

Here is our account of what had happened and our reflections on what we will change. The most important change we are going to make: > *Reviewing through a perception lens.* > We are adding a step to our security review process that explicitly evaluates not just "is this secure?" but "could this appear insecure to a reasonable external observer?" > Persona handles sensitive identity verification data. We owe it to our customers and their end users to hold ourselves to a standard that accounts for perception, not just technical risk. withpersona.com/blog/post-inci…

Persona was not hacked. No database was breached. Frontend code source maps were leaked, which means unminified variable names were exposed revealing all the names of our features. These names are already publicly listed in @withpersona's help center and API documentation.

@DutyFrutti @RussianPanda9xx Пожалуйста отправьте мне сообщение- Я не могу отправить его вам из-за ваших настроек)

@insidedarknet @RussianPanda9xx Да, вы можете взять у нас интервью. Пишите

1453 эксплоитов в одном архиве, без дублей, во всех есть скрипт на петухоне. hxxps://forum[.]duty-free[.]cc/threads/6619/ @RussianPanda9xx надо тебе?

What happens when AI meets C2? We sat down with @insidedarknet to break down Ankou — AI-driven, modular agents with local LLM integration that are changing how operations are conducted. The game is changing! 🎧 Listen here: open.spotify.com/episode/2za65p…

@haroonmeer @rad9800 Badass

Our latest Canarytoken: a CrowdStrike API key.. Available at canarytokens.org Take it for a spin. As usual, completely free... @rad9800 with a writeup here: blog.thinkst.com/2026/02/introd…

@techspence can you make it delete all users to enhance PW security in the pingcastle report?

Active Directory is dead. Finished. I vibe coded an AI powered AD hardening engine in 6 minutes. It auto generated 147 new GPOs. Rewrote delegation across 38 OUs. Disabled NTLM. Enforced smart card only logon. Tiered the environment… spiritually. Now no one can RDP. The ERP app is broken. Half the service accounts can’t authenticate. And the CEO can’t print. But technically… it’s zero trust. Checkmate. /s - thanks for the tweet ChatGPT

@inversecos @DebugPrivilege 🥲

@DebugPrivilege 🥲 what is that lmao

Even older lol. My daughter @inversecos used to play this a lot when she was a kid

@vxunderground might as well rebrand to vxdarknet now

@vxunderground you missed all the people being so vx since you made it cool and badass

@onlyPeace62 @toeknee_kim @loseva_pro @grok this is not ascii.

@toeknee_kim @loseva_pro @grok Video to ascii

Hero section design

@AlvieriD @heathen404 @IntelOpsV3 I don't think they will. SLSH claims SH is part of them. SH (and LAPSUS$) claim they are not affiliated with SLSH.

@insidedarknet @heathen404 @IntelOpsV3 confirmed by the same criminals whose DLS is still named ShinyHunters when they change it here I’ll agree w/ u

ShinyHunters must be seeing red They just posted Barron’s number 1 registered investment advisor in the US in 2025 - Mercer Advisors Legendary KKR - Kholberg Kravis and Roberts is an investor in Beacon Pointe

@heathen404 @AlvieriD SLSH is not ShinyHunters, which has been confirmed before. @IntelOpsV3 buymeacoffee.com/insidedarknet/…

@insidedarknet @AlvieriD ? its ShinyHunters