Threat actor yamka advertised alleged access to the Mexican Secretariat of Public Security (SSP) in xss.is forum. According to the advertisement, the threat actor has panel access to a high privileges user, sensible files and data, SMTP credentials, information about police officers and workers, financial data, more tha 1TB data and a backdoor for reverse shell.
XSS.is is an open registration Russian-language forum. Visitors can access the forum’s open sections and aspiring members are able to register to the forum for free. For registration, users are required to provide a username, a password, a valid email address, and answer a security-related question to demonstrate their technical proficiency.