#Archetyp, one of the largest dark web drug markets, has been seized in a global operation. Admin, a German man, arrested in Spain. €250M in trades shut down.
Read: https://hackread.com/archetyp-dark-web-market-seized-admin-arrested-spain/
Nearly 94 billion stolen browser cookies are being traded on the dark web, exposing user sessions & accounts to hijacking. Major privacy risk!
Details: https://hackread.com/nearly-94-billion-stolen-cookies-on-dark-web/
This week's Top 5:
Dark-web dealing A cruel tradition Revisiting Twain Flushing in flux An unlikely reunion
Our editors recommend excellent #longreads this week by Andy Greenberg, Michelle Orange, John Jeremiah Sullivan, Jefferson Mao, and Will Steinfeld.
Dark Web, #USPOL concerns
AIL 6.2 released - Smarter Analysis, Search and Enhanced User Experience
We’re excited to release AIL Framework v6.2, a major update with new features and improved performance. This version makes analysis easier and the overall experience faster and more user-friendly.
Among the highlights are a fully revamped search engine powered by MeiliSearch, improved language detection for short text, local AI-driven image descriptions, and a yara-hunting editor tool.
https://www.ail-project.org/blog/2025/05/28/AIL-v6.2.released/
"In that moment, Akasha says, he felt like he had just become the Pablo Escobar of psychedelics. 'Holy shit,' he thought. 'That is a lot of DMT.'"
Andy Greenberg for WIRED: https://www.wired.com/story/rise-fall-dark-web-psychedelics-kingpin-dmt
Global crackdown: #OperationRapTor leads to 270 arrests, millions seized as law enforcement targets dark web drug, weapon, and crypto vendors.
Read: https://hackread.com/operation-raptor-police-arrests-270-dark-web-vendors/
We implemented a major new feature in the AIL Project that addresses a long-standing issue related to the collection of images or screenshots that may be harmful to analysts (e.g., violent content, CSAM, etc.). The feature allows users to trigger the description of an image before actually viewing it.
The feature will be included in the upcoming release of AIL (version 6.2).
This work is co-funded in the AIPITCH project. We would like to thank Qwen for the open source Qwen2-VL vision-language models which provide an excellent basis for image detection and description while allowing local inferences.
Two-factor your accounts, too, if you haven't!
You should probably change your Steam password: data from over 89 million Steam users is reportedly on the dark web following a vendor breach
https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web
German police have seized the dark web shop #Pygmalion, gaining access to user data tied to 7,250 drug orders. Arrests made, servers down, domains seized.
Read: https://hackread.com/police-seize-dark-web-shop-pygmalion-user-data-orders/
Finally got my @QubesOS > @whonix Gateway > @torproject browser up and running.
Time to surf the waves of the deep dark web 
I might do some real nefarious shit, like go to Silk Road and order 2000 hotdogs, or maybe deepfake videos of me winning arguments 
This is proper use of the dark web, right?
I had the pleasure of presenting at #FIRSTCTI25 in Berlin:
"The Art of Pivoting – How You Can Discover More from Adversaries with Existing Information."
The talk explored how unconventional indicators, like cookie names, QR codes, HTTP headers (HHHash), DOM structures, and reused Google Analytics IDs, can reveal surprising links across threat actor infrastructure and behavior.
We also shared real-world insights from our crawling and analysis with AIL, including:
Slides https://www.ail-project.org/assets/img/slides/the-art-of-pivoting.pdf
#threatintel #threatintelligence #cti #opensource #cybersecurity #darkweb
Thanks to @terrtia for the crazy discussions around correlations!
Major AI data breach: DeepSeek leaks 1M+ records to the Dark Web 
China-based AI startup DeepSeek just exposed a staggering volume of sensitive data:
API keys, backend metadata
Unencrypted traffic via iOS app (ATS disabled)
Open ClickHouse database with full control
This wasn’t just a lapse — it was a floodgate.
AI companies (and anyone integrating LLMs) must:
Audit storage configs Enforce secure transport policies
Monitor for unintentional data exposure
The future of AI relies on building trust. That starts with securing it.
#AI #CyberSecurity #DataBreach #DarkWeb #InfoSec
https://www.darkreading.com/cyberattacks-data-breaches/deepseek-breach-opens-floodgates-dark-web
#BidenCash marketplace has dumped 910K+ stolen credit card records on Russian forum. Dump includes card numbers, CVVs, and expiration dates putting users at risk.
Read: https://hackread.com/bidencash-market-leak-credit-cards-russian-forum/
Hertz confirms a data breach after hackers exploited a flaw in vendor #Cleo’s software. In Dec 2024, the #Cl0p ransomware gang claimed responsibility and leaked the data on the #DarkWeb.
Read: https://hackread.com/hertz-confirms-data-breach-hackers-stole-customer-pii/
Prodaft is taking an aggressive new approach to threat intelligence:
They’re buying access to major dark web forums — including admin and moderator accounts — in exchange for cryptocurrency.
Here’s what they’re offering:
Crypto payments, no questions asked Full anonymity for sellers Access to five top-tier forums
Prioritized payouts for higher access levels
The move aims to give security teams unprecedented visibility into cybercriminal operations — but it also pushes ethical and operational boundaries.
Would your team use intel gathered this way?
#Cybersecurity #ThreatIntel #DarkWeb #InfoSec #Ethics
https://www.darkreading.com/threat-intelligence/threat-intel-firm-crypto-dark-web-accounts
USA secures extradition of criminals/cybercriminals from 9 countries, including two brothers behind #Rydox, a dark web market for stolen data and hacking tools.
Read: https://hackread.com/brothers-rydox-dark-web-market-extradited-to-us/
New AI-powered hacking tool #Xanthorox spotted on the dark web. Modular, offline-ready, and built for code, voice, and image-based attacks.
Read: https://hackread.com/xanthorox-ai-dark-web-full-spectrum-hacking-assistant/
Just In: #OperationStream: Global police op has dismantled #Kidflix, the dark web’s largest known CSAM platform. Its servers were seized by German and Dutch authorities.
Read: https://hackread.com/dark-web-largest-child-abuse-network-kidflix-busted/
It's already on the #DarkWeb, you morons.
