[September-16-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


  1. Alleged Breach of Unidentified ICS and SCADA System
  • Category: Data Breach
  • Content: The group claims to have breached an unidentified ICS and SCADA system, disrupting production processes, damaging equipment, deleting automation scripts and databases, and taking control of customer communication systems.
  • Date: 2025-09-16T13:40:03Z
  • Network: telegram
  • Published URL: https://t.me/unknowns_cyberteam/742
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/a09dc9b6-37c0-4836-a02b-a402c0d9f7d8.png
  • Threat Actors: Unknowns cyber team
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged data breach of SK Telecom Co., Ltd.

  1. UNDERGROUND-NET targets the website of SMK Muhammadiyah 2 Wuryantoro

  1. UNDERGROUND-NET targets the website of SMP NEGERI 1 BONOROWO

  1. Alleged data leak of All India Institute of Medical Sciences (AIIMS)

  1. Alleged data leak of Rädlinger Mechanical and Steel Construction

  1. Alleged Unauthorized Access to Water Treatment Control System, United States
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to an advanced electrochemical water treatment control system in the United States. The compromised system reportedly manages solution production, pumps, digital valves, precision sensors, relays, and operational modes, with applications in disinfection, water treatment, and industrial cleaning.
  • Date: 2025-09-16T08:53:29Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/1658
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/bce67b47-465b-49d5-9c90-753d7b3b7c46.png
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged leak of unauthorized access to Kasikornbank Public Company Limited (KBank)

  1. Alleged data leak of Taiwan shopping data
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a database containing Taiwan shopping data. The leak reportedly includes detailed personal information such as names, identification numbers, birthdates, phone numbers, addresses, email addresses, and other personal details. The sample data contains over a thousand records with sensitive customer information, potentially exposing individuals to privacy risks.
  • Date: 2025-09-16T06:09:39Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/266361/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/bad8e8cd-a8dc-4dae-b67a-7a85f30604a8.png
  • Threat Actors: r57
  • Victim Country: Taiwan
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged data breach of Allianz Insurance Thailand
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a database of Allianz Insurance Thailand. The leak includes extensive customer data: names, national ID numbers, phone numbers, addresses, policy codes, transaction details, and dates.
  • Date: 2025-09-16T06:02:07Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/266358/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/40d3f4b2-45eb-4a5b-b060-b3bbe2c9e7c4.png
  • Threat Actors: r57
  • Victim Country: Thailand
  • Victim Industry: Insurance
  • Victim Organization: Allianz Insurance Thailand
  • Victim Site: allianz.co.th

  1. Alleged data breach of Prasertphon Use Car

  1. Cyb3r Drag0nz targets the website of Iraqi Society for Photography

  1. Alleged leak of Iraq database

  1. Alleged leak of Iraq citizen data

  1. Alleged data breach of Loopia
  • Category: Data Breach
  • Content: The threat actor claims to have leaked full SQL data from Loopia. The exposed database allegedly includes fields such as: id, date, time, IP, URL requested, agent, referrer, search, nation, OS, browser, search engine, spider, feed, user, and timestamp.
  • Date: 2025-09-16T05:08:40Z
  • Network: telegram
  • Published URL: https://t.me/bl4ckcyb3rofficial/1941
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/2ac68fb6-f261-4cec-8102-2f709b7a886a.png
  • Threat Actors: BL4CK CYB3R
  • Victim Country: Sweden
  • Victim Industry: Software Development
  • Victim Organization: Loopia
  • Victim Site: loopia.se

  1. Alleged leak of login access to phpMyAdmin

  1. Alleged data breach of American Charter Communications LLC

The cyber incidents documented in this report reveal a dynamic and multifaceted threat landscape. Data breaches and leaks are a significant concern, impacting diverse sectors from telecommunications and healthcare to manufacturing and financial services across countries like South Korea, India, Germany, Taiwan, Thailand, Sweden, and the USA. The compromised data is extensive, ranging from personal user information, financial records, and patient data to sensitive ICS/SCADA systems. Beyond data exfiltration, a notable trend is the sale of initial access, with threat actors offering unauthorized entry into corporate networks, including a US-based water treatment control system and a major financial institution in Thailand. The report also highlights the activity of threat actors like Unknowns cyber team, CoinbaseCartel, and CLOBELSECTEAM, among others, who operate across various networks including Telegram and the Tor network. These incidents collectively underscore the critical need for organizations worldwide to adopt robust cybersecurity measures, including strong access controls, continuous monitoring, and proactive threat intelligence, to defend against these sophisticated and opportunistic attacks.