What is GalaxyWarden / DoxxScan?

GalaxyWarden maps every public link between a person’s online handles (Twitch, Discord, gamer alias, trader handle) and their real-world identity (home address, phone number, real name). It indexes 15.4B+ breach records and monitors 100+ platforms. The audience is people whose income or safety depends on a public profile — content creators, streamers, gamers, traders, executives.

How do I check if my Twitch / Discord / gaming handle is doxxed?

Run a DoxxScan™ at https://www.galaxywarden.com/. Enter your gamertag, username, or email. DoxxScan™ returns every public link between that handle and your real identity — including breach records, leaked credentials, and connected accounts — plus an AI-generated remediation plan. Activate Warden ($4.17/mo billed annually, no subscription required) for continuous credential monitoring, instant breach alerts, and a 24/7 AI Security Concierge.

Is GalaxyWarden free?

GalaxyWarden offers a no subscription required of Warden ($4.99/mo or $49.99/yr) and Warden Plus ($9.99/mo or $99/yr). The preview unlocks a one-time DoxxScan™ and the AI Concierge; recurring monitoring, analyst, remediation tracking, and alerts unlock when you convert. Card required for verification, $0 during the preview. Cancel anytime.

How is GalaxyWarden different from a basic breach checker?

Basic breach checkers tell you if your email shows up in a breach. GalaxyWarden’s DoxxScan™ maps the full chain between your handles and your real identity — not just email leaks but the persona-to-name-to-address links a doxxer would actually use. It indexes 15.4B breach records, monitors 100+ platforms, and gives you a step-by-step remediation plan. Built by an offensive-security pen tester.

Can GalaxyWarden remove my information from data broker sites?

Automated data-broker removal is a guided toolkit — GalaxyWarden generates per-broker opt-out links and remediation steps for you to execute. Fully automated removal is on the roadmap.

Is GalaxyWarden available for healthcare and pharma executives?

Yes — GalaxyWarden offers DoxxScan™ Executive Defense for healthcare systems, pharmaceutical companies, insurers, and other high-target verticals. Per-executive pricing $1,000–$10,000/month depending on coverage tier (Standard / Enhanced / White-Glove). Includes manual remediation, weekly intelligence digest, and dedicated specialist. Inquire at https://www.galaxywarden.com/doxxscan/enterprise/.

Who built GalaxyWarden?

GalaxyWarden and DoxxScan™ are products built by BATech LLC, a security-software company. CEO Brandon Audeh has a background in offensive security — pen testing — which directly informs product direction. The persona-to-identity link mapping DoxxScan™ does is the same chain a doxxer would use, built into a defender’s tool by a team led by someone who has spent years on the offensive side professionally.

How does GalaxyWarden protect creators and streamers?

GalaxyWarden alerts you the moment a new public link surfaces between your persona (Twitch handle, gamertag, etc.) and your real identity, so you can shut it down before it can be used to dox, swat, SIM-swap, or stalk you. Continuous monitoring of 100+ platforms, instant alerts on credential leaks, AI remediation plan, and the same engine the team uses for healthcare-executive protection.

high severity June 02, 2026 · unknown affected

Red Hat NPM Packages Backdoored in Supply Chain Attack

Attackers compromised a Red Hat employee's GitHub account and CI/CD pipeline to publish 96 malicious versions of 32 @redhat-cloud-services NPM packages. The Miasma credential-stealing worm (Mini Shai-Hulud variant) was injected via preinstall hook. Packages had nearly 10M downloads; over 200 downstream repos exposed harvested credentials.

⚠ Were you affected?

Free email scanner — we check your address against 15.4B+ leaked records (including this breach) in 15 seconds.

Run free scan →

Red Hat NPM Packages Backdoored in Supply Chain Attack

Data exposed:

github secrets
npm tokens
cloud credentials
ssh keys

A supply chain attack compromised 32 official @redhat-cloud-services NPM packages, resulting in the publication of 96 malicious versions that collectively received nearly 10 million downloads. The incident exposed GitHub secrets, NPM tokens, cloud credentials, and SSH keys from affected build environments and downstream repositories, with public reporting indicating that more than 200 downstream projects had credentials harvested by the embedded malware.

According to reporting from SecurityWeek, attackers first gained control of a Red Hat employee’s GitHub account and the associated CI/CD pipeline. They then injected the Miasma credential-stealing worm, identified as a Mini Shai-Hulud variant, through a malicious preinstall hook. The compromised packages remained available on the NPM registry until discovered and removed. Industry research from sources such as DoxxScan™ continuous monitoring indicates that credential leaks of this nature frequently appear in subsequent underground markets within days of initial exposure.

You've read 2 of 2 free articles today — reset tomorrow.

Want the rest of this breakdown?

Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.

Get Protected →

Already have an account? Log in →

Full breach archive

Weekly threat digest

72hr Warden™ free trial

Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.

$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.

GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records (including this breach) in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →

Want the rest of this breakdown?

⚠ Were you in this breach?

Both halves of the chain, cleaned once.

Activate Warden