Friday , March 28 2025
dark web

‘Hell Paradise’ Claims
Government Websites in 49 Countries at Risk

According to FalconFeeds x post, a threat actor has listed 49 countries as part of an experiment. They also claim that over 1000 government sites are vulnerable. According to Cyber Express, the threat actor is promoting an onion website called ‘Hell Paradise’ which aims to obtain vulnerable government sites and data for free. The actor lists various critical and high-severity vulnerabilities like RCE, LFI, SQLi, etc.

FalconFeeds tweeter post

A cybercriminal has appeared on the dark web, announcing the creation of “Hell Paradise,” an undercover online platform supposedly made for taking advantage of weaknesses in government websites and getting access to important information. The cybercriminal mentions countries like the United Arab Emirates, Albania, Armenia, and Angola as some of their targets.

OpenAI Offering $100K Bounties for Critical Vulns

OpenAI has increased its maximum bug bounty payout to $100,000, up from $20,000, to encourage the discovery of critical vulnerabilities...
Read More
OpenAI Offering $100K Bounties for Critical Vulns

Splunk Alert User RCE and Data Leak Vulns

Splunk has released a security advisory about critical vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These issues could lead...
Read More
Splunk Alert User RCE and Data Leak Vulns

CIRT alert Situational Awareness for Eid Holidays

As the Eid holidays near, cybercriminals may try to take advantage of weakened security during this time. The CTI unit...
Read More
CIRT alert Situational Awareness for Eid Holidays

Cyberattack on Malaysian airports: PM rejected $10 million ransom

Operations at Kuala Lumpur International Airport (KLIA) were unaffected by a cyber attack in which hackers demanded US$10 million (S$13.4...
Read More
Cyberattack on Malaysian airports: PM rejected $10 million ransom

Micropatches released for Windows zero-day leaking NTLM hashes

Unofficial patches are available for a new Windows zero-day vulnerability that allows remote attackers to steal NTLM credentials by deceiving...
Read More
Micropatches released for Windows zero-day leaking NTLM hashes

VMware Patches Authentication Bypass Flaw in Windows Tool

On Tuesday, VMware issued an urgent fix for a security flaw in its VMware Tools for Windows. CVE-2025-22230 allows a...
Read More
VMware Patches Authentication Bypass Flaw in Windows Tool

IngressNightmare
Over 40% of cloud environments are vulnerable to RCE

Kubernetes users of the Ingress NGINX Controller are advised to fix four newly found remote code execution ( RCE) vulnerabilities,...
Read More
IngressNightmare  Over 40% of cloud environments are vulnerable to RCE

(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass

Next.js, a widely used React framework for building full-stack web applications, has fixed a serious security vulnerability. Used by many...
Read More
(CVE-2025-29927)  Urgently Patch Your Next.js for Authorization Bypass

Oracle refutes breach after hacker claims 6 million data theft

A hacker known as “rose87168” claims to have stolen six million records from Oracle Cloud servers. The stolen data includes...
Read More
Oracle refutes breach after hacker claims 6 million data theft

Russian zero-day seller to offer up to $4 million for Telegram exploits

Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits. They seek $500K for one-click...
Read More
Russian zero-day seller to offer up to $4 million for Telegram exploits

The hacker’s message to the Breachforums Community is a clear explanation of the “Hell Paradise” platform, which contains vulnerable government websites and related data categorized by country and vulnerability type.

The hacker claims to have found over 1000 vulnerable government websites from 49 countries. They are promoting “Hell Paradise” as a place to find and take advantage of these vulnerabilities.

Hackers classify vulnerabilities into three main categories: Vulnerabilities, Exposed Gits, and Exposed Env files. Of particular concern are critical and high-severity vulnerabilities such as Remote Code Execution (RCE), Local File Inclusion (LFI), and SQL injection (SQLi), which pose significant security risks if not fixed.

Access to “Hell Paradise” is not free. The hacker charges a $50 registration fee to prevent spam and abuse. This financial barrier helps the operator control access and reduce the risk of exploitation.

The hacker says that no data will be saved by the platform, only email addresses are needed for registration. However, the suggestion to use disposable email services like cock.li suggests that the operation is secretive and raises concerns about the real intentions of “Hell Paradise.”

“Hell Paradise” highlights the growing cyber threats to government infrastructures worldwide. Malicious actors are now more focused on attacking critical systems and stealing sensitive data. This poses a significant risk of widespread disruption and data compromise.

The cybersecurity community needs to collaborate and stay vigilant to face the increasing threat from cybercriminals and state-sponsored actors. We must take proactive measures and respond together to protect digital infrastructure and prevent the harmful effects of cyber exploitation.

Source: FalconFeeds, Cyberexpress

(Media disclaimer: This report is based on research from various sources and is for reference only. Users are responsible for how they use this information. InfoSecbulletin is not liable for the accuracy or consequences of using this information)

Check Also

ChatGPT

Hackers Exploit ChatGPT with CVE-2024-27564

Attackers are actively targeting OpenAI, exploiting CVE-2024-27564, a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s …

Leave a Reply

Your email address will not be published. Required fields are marked *