Supertrain_fan

🚨 CYBER INTELLIGENCE ALERT: ALLEGED DATA LEAK - CHILE 🇨🇱 ⚠️ MODERATE THREAT: ACTOR EXFILTERS OVER 6,000,000 RECORDS OF CHILEAN CITIZENS [STATUS: COMPROMISE UNDER ANALYSIS / PROBABLE REPOST / UNCONFIRMED SAMPLES] A threat actor operating under the alias hxleyys has announced the release of a massive database allegedly containing the private information of 6,000,000 users residing in Chile. The data batch has been hosted on the Mega cloud storage service. The size of the breach and the type of structured fields suggest that this is not a recent intrusion into state infrastructure, but rather has a high technical probability of being a REPOST (recycled or consolidated data) of previous historical incidents. 🎯 Affected Region: Republic of Chile 👤 Threat Actor: hxleyys 📂 Data Volume: 6,000,000 individual records. 📊 ANALYSIS OF EXPOSED INFORMATION FIELDS The published manifesto outlines the extraction of a comprehensive data surface for profiling individuals: 🆔 Mandatory Contact and Identification: Mobile and landline phone numbers, personal email addresses, and the Unique Account Identifier (UID / User ID). 👤 Personally Identifiable Information (PII): Full names, surnames, registered gender, full dates of birth, and marital or relationship status. 📍 Geographic Location Data: Record of current city of residence and hometown. 📈 Social, Employment, and Metadata Activity: History of educational institutions (schools/universities), past and present employment records, interest groups, followed websites or commercial pages, exact date of original account registration, profile creation time, and metadata from the last system update. 🛡️ MITIGATION AND CONTAINMENT RECOMMENDATIONS 🔒 Strengthening Authentication Policies: Financial corporations in Chile should discontinue the use of security questions based on historical location data, date of birth, or previous employment history to validate identities via telephone support. 🔍 Repost Audit: Conduct a cross-correlation analysis of the sample provided by the actor against databases of historical incidents (such as the 2021 Facebook global breach) to confirm the percentage of duplicate data and determine the true extent of the threat. ⚡ MONITORING AND EVALUATION 🌐 Intelligence System: https://t.co/wk9bZJ2Nli 🛡️ Quickly assess your website's security with: https://t.co/YnDw1QjN9c #CyberSecurity #Chile #DataLeak #ChileDB #hxleyys #MegaLeaks #PII #SocialScraping #ThreatIntelligence #CyberAlert

🚨 🇨🇱 CYBER INTELLIGENCE ALERT: MASSIVE CAMPAIGN AGAINST DIGITAL INFRASTRUCTURE IN CHILE ⚠️ MORE THAN 120 DOMAINS COMPROMISED The Pharaoh's Team threat group has published a massive list of more than 120 compromised targets, almost all belonging to the Chilean domain name space (.cl). The attackers are offering for sale direct access to control panels (cPanel) and WordPress admin privileges (WP-admin), granting them complete control over the websites and their associated databases. 🎯 Affected Sectors: Government, Education, Legal, Transportation, and Commercial in Chile. 👤 Threat Actor: Pharaoh's Team 🛠️ Access Vectors: cPanel and WordPress Admin Credentials. 📅 Detection Date: May 2026 📊 ANALYSIS OF COMPROMISED ENTITIES 🕵️‍♂️ THREAT SUMMARY The Pharaoh's Team threat group has published a massive inventory of compromised access points targeting almost exclusively Chilean digital infrastructure. The attackers gain complete control through cPanel and WP-admin credentials, allowing them to manipulate files, databases, and institutional emails. These are the entities with the greatest institutional and social impact: 🏛️ Government and Municipal Sector Municipality of Palmilla: https://t.co/HOlQj2TaYO. The compromise of municipal data subdomains represents a critical risk to citizens' privacy and the integrity of local public services. 🎓 Education Sector (Institutions and Schools) San Viator School of Macul: https://t.co/heR1KK1x4f Hispano Americano School: https://t.co/m6d0kf4uw5 Portales School: https://t.co/ogFog5onzb La Igualdad High School: https://t.co/dMsgdpyVWO GRC High School: https://t.co/XuX1X09Yfc Prince of Asturias School (Valdivia): https://t.co/8pJe2wNhcP ⚖️ Notary and Legal Sector (Public Faith Services) Julio Abuyeres Notary Office: https://t.co/TVuAVyAmHQ Renata González Notary Office: https://t.co/bJHWqt7N1X Villalobos Notary Office: https://t.co/z7HYDtFl3Q CEP Abogados: https://t.co/AgdTwOVZsG IP Abogados: https://t.co/X6RLhGHe5W 🚌 Transportation, Unions, and Health Narbus: https://t.co/L5X7dLTvma (Intercity bus company). Starbucks Union: https://t.co/YDUqSKDyLb. Arrayán Mental Health: https://t.co/X3Rd1PKDRo. 💼 Unions and Associations: https://t.co/YDUqSKDyLb (Starbucks Chile Workers' Union). [RISK ANALYSIS]: By gaining access to cPanel, the attacker not only controls the website's visible content (via WP-admin), but also has the ability to intercept institutional emails, load phishing emails, deploy malware to infect visitors, and access databases containing Personally Identifiable Information (PII) of citizens and clients. 🛡️ MITIGATION AND RECOMMENDATIONS 🛑 Credential Reset: Administrators of the listed domains are urged to immediately change passwords at all levels (cPanel, Database, FTP, and WordPress Users). ⚠️ File Audit: Review the root directory for recently uploaded suspicious .php files (Webshells) that could allow the attacker to persist. 🔒 MFA Implementation: Mandatory Multi-Factor Authentication (2FA) must be enabled for access to control panels and content management. 💻 Plugin Audit: Update all WordPress components, as the exploit often stems from vulnerabilities in unpatched plugins. ⚡ MONITORING 🌐 Monitoring System: https://t.co/wk9bZJ3laQ #Cybersecurity #Chile #DataBreach #cPanel #WordPress #PharaohsTeam #CriticalInfrastructure #VECERT #CyberAlert #InfosecChile

Salen a la luz las pruebas que podrían poner fin al gobierno de Kast Revelan que en los archivos de Viktor Orban, existen documentos donde hay un aporte de 1 millón de dólares a organización presidida por Kast. Al parecer los viajes por el mundo que hizo Kast antes de asumir fueron financiadas por el estado Húngaro. original👇. traducido👇

🚨 CRITICAL CYBER THREAT ALERT: ALLEGED COMPROMISE OF TRANSPORTATION INFRASTRUCTURE – EFE TRENES DE CHILE 🇨🇱🚆🗺️ [STATUS: UNVERIFIED] A social media post has been detected from the threat actor NemorisHacking, suggesting unauthorized access to critical management systems belonging to the State Railway Company (EFE) in Chile. The actor claims to have control over the operations panel for Santiago's railway services. 🏢 Affected Entity: EFE Trenes de Chile (State Railway Company). 👤 Threat Actor: NemorisHacking. 🛠️ Compromised Asset (Alleged): Control and geographic monitoring panel for railway infrastructure. 🔑 Claimed Capabilities: The actor asserts the ability to activate and deactivate train service connection channels within Santiago. 📅 Date of Detection: April 30, 2026. ⚠️ Status: ALLEGED / UNVERIFIED. #CyberSecurity #Chile #EFE #TrenesDeChile #NemorisHacking #CriticalInfrastructure #CSIRT #VECERT #InfoSec #Unverified 🇨🇱🛡️⚠️🚨🚆

🚨 CRITICAL CYBERINTELLIGENCE ALERT: GOVERNMENT INFRASTRUCTURE COMPROMISE – GENERAL TREASURY OF THE REPUBLIC (CHILE) 🇨🇱🏛️🔐 A high-impact technical breach targeting the General Treasury of the Republic (TGR) has been detected. According to activity monitored on specialized Telegram channels, the threat actor "rutify" has compromised and distributed critical administrative access credentials. 🏢 Affected Entity: General Treasury of the Republic (TGR), Chile. 👤 Threat Actor: rutify. 🛠️ Attack Vector: The data was reportedly initially extracted from an Infostealer log (malware designed for credential theft). 🔐 Credential Status: It is reported that the threat actor changed the password following initial access to ensure persistence. 🔑 Compromised Asset: API Design and Management Dashboard. 📅 Date of Detection: April 30, 2026. 📊 Impact Analysis (Public Sector) Access to the TGR's API management platform poses systemic risks: Revenue Collection Area: The user account is associated with external revenue collection processes, thereby compromising the integrity of the State's payment processing services. API Control: As this is a management platform, the attacker could gain visibility into sensitive endpoints, technical documentation, and authentication methods for national financial services. 🛡️ Immediate Response Recommendations 🔒 Recovery and Lockdown: The TGR is urged to perform a forced password reset on the affected account and audit any changes made to the permissions of the managed APIs. 👁️ Mandatory MFA: Implement Multi-Factor Authentication (MFA) for all external access points to render passwords obtained via malware useless. Monitor: https://t.co/wk9bZJ2Nli #CyberSecurity #Chile #TGR #Infostealer #TelegramLeak #APICompromise #CSIRT #VECERT #InfoSec #SinVerificador 🇨🇱🛡️⚠️🚨🔐

🚨 UPDATE: INFRASTRUCTURE AND DATA – CHILE 🇨🇱🏛️📱 Persistent and critical activity targeting major telecommunications and public service entities in Chile has been detected. The threat actor "rutify" has published records suggesting the leakage of sensitive data over the past 48 hours. 📅 Detected Today (04/30/2026): https://t.co/aQpz6XhvkR: Initially classified as "Unclassified," suggesting a breach within the operator's portals or databases. https://t.co/eBxO5M5Thu: Incident categorized under the "Technology" sector, indicating a compromise of the company's infrastructure. 📅 Detected Yesterday (04/29/2026): REGISTRO CIVIL, CORREO, CLAVEÚNICA: This finding is of the utmost severity, as it alleges the compromise of citizen identity systems (ClaveÚnica), civil registries, and mail servers. ⚠️ Risk Implications (VECERT Intelligence) Compromise of National Identity: The alleged compromise of the *ClaveÚnica* (Unique Key) system could allow malicious actors to impersonate citizens in order to conduct legal, banking, and healthcare-related procedures on government portals. Exposure of Telecommunications Data: The breaches at Claro and WOM expose the private information of millions of users, facilitating SIM swapping attacks, extortion, and telephone fraud. 🛡️ Immediate Response Recommendations 🔒 Urgent *ClaveÚnica* Password Change: Citizens are advised to update their passwords on the official *ClaveÚnica* portal and enable additional authentication methods if available. 🔑 Telco System Audit: Claro and WOM are urged to conduct a forensic review of their customer databases and internal system access logs. 👁️ Email Monitoring: Due to the mention of "CORREO" (Mail), users should remain alert for highly sophisticated phishing attempts that leverage actual leaked data. Monitor: https://t.co/wk9bZJ3laQ #CyberSecurity #Chile #RegistroCivil #ClaveUnica #ClaroChile #WOM #DataBreach #CSIRT #VECERT #InfoSec #SinVerificador 🇨🇱🛡️⚠️🚨🔐