This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
- Alleged Sale of AscendEX (BitMax) User Database
- Category: Data Breach
- Content: The threat actor claims to be selling a database from AscendEX (BitMax) crypto exchange. The compromised data reportedly contains 80,000 records that includes name, phone, email and country.
- Date: 2025-10-07T22:22:44Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/267764/)
- Screenshots:
- Threat Actors: btcokiz
- Victim Country: Singapore
- Victim Industry: Financial Services
- Victim Organization: ascendex
- Victim Site: ascendex.com
- Alleged Sale of Ourbit Crypto Exchange User Database
- Category: Data Breach
- Content: The threat actor claims to be selling a database containing personal details of approximately 62,000 active users of the Ourbit Crypto Exchange. The leaked data reportedly includes user’s full names, email addresses, and phone numbers.
- Date: 2025-10-07T22:12:57Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/267762/)
- Screenshots:
- Threat Actors: btcokiz
- Victim Country: UK
- Victim Industry: Financial Services
- Victim Organization: ourbit exchange
- Victim Site: ourbit.com
- Pharaoh’s Team targets multiple Indian websites
- Category: Defacement
- Content: The group claims to have defaced multiple Indian websites.
- Date: 2025-10-07T22:05:26Z
- Network: telegram
- Published URL: (https://t.me/Pharaohs_n/151)
- Screenshots:
- Threat Actors: Pharaoh’s Team
- Victim Country: India
- Victim Industry: Information Technology (IT) Services
- Victim Organization: aalokik services
- Victim Site: aalokik.com
- Rocket Stores falls victim to CHAOS Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 400 GB of the organization’s data. NB: Rocket Stores has previously fallen victim to Cactus Ransomware on March Mar 13, 2025.
- Date: 2025-10-07T21:56:12Z
- Network: tor
- Published URL: (http://hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion/dGMSUMVDjUW1WYDk173ywKODNDG89sQe/www-rocketstores-com)
- Screenshots:
- Threat Actors: CHAOS
- Victim Country: USA
- Victim Industry: Retail Industry
- Victim Organization: rocket stores
- Victim Site: rocketstores.com
- United Pacific falls victim to CHAOS Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 400 GB of the organization’s data. NB: rocketstores.com has previously fallen victim to Cactus Ransomware on March Mar 13, 2025.
- Date: 2025-10-07T21:48:57Z
- Network: tor
- Published URL: (http://hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion/dGMSUMVDjUW1WYDk173ywKODNDG89sQe/www-rocketstores-com)
- Screenshots:
- Threat Actors: CHAOS
- Victim Country: USA
- Victim Industry: Retail Industry
- Victim Organization: united pacific
- Victim Site: rocketstores.com
- indie.inc falls victim to CHAOS Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 100 GB of the organization’s data.
- Date: 2025-10-07T21:07:31Z
- Network: tor
- Published URL: (http://hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion/QHU4zM1ELStrkhq4mfE8vlydMRNGq4UF/indiesemi-com)
- Screenshots:
- Threat Actors: CHAOS
- Victim Country: USA
- Victim Industry: Manufacturing
- Victim Organization: indie.inc
- Victim Site: indiesemi.com
- Alleged Data Breach of Full Disclosure Policy Portal
- Category: Data Breach
- Content: The threat actor claims to have leaked data from Full Disclosure Policy Portal, a subdomain of Department of the Interior and Local Government (DILG), Philippines. The compromised data reportedly contains around 4,500 user credentials and nearly 40 million mixed log of data including audit trails, user histories, document logs, financial records, operational metadata, profile information, access tokens, authorization roles, etc.
- Date: 2025-10-07T21:03:32Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-LEAK-Full-Disclosure-Policy-Portal-fdpp-dilg-gov-ph-22GB)
- Screenshots:
- Threat Actors: 0xSeve
- Victim Country: Philippines
- Victim Industry: Government Administration
- Victim Organization: full disclosure policy portal
- Victim Site: fdpp.dilg.gov.ph
- Alleged data sale of iberclimagas
- Category: Data Breach
- Content: The threat actor claims to be selling leaked data from Iberclimagas. The compromised data reportedly contains 625,000 records of data including names, addresses, phone numbers, dates of birth, IBANs, national ID numbers etc.
- Date: 2025-10-07T19:50:06Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-SPAIN-iberclimagas)
- Screenshots:
- Threat Actors: dry
- Victim Country: Spain
- Victim Industry: Energy & Utilities
- Victim Organization: iberclimagas
- Victim Site: iberclimagas.com
- Alleged data leak of Montbéliard
- Category: Data Breach
- Content: The group claims to have leaked data of Montbéliard.
- Date: 2025-10-07T19:10:13Z
- Network: telegram
- Published URL: (https://t.me/lunarisS3C/51)
- Screenshots:
- Threat Actors: LunarisSec
- Victim Country: France
- Victim Industry: Automotive
- Victim Organization: montbéliard
- Victim Site: montbeliard.fr
- Alleged data sale of National Union of Israeli Students
- Category: Data Breach
- Content: The threat actor claims to be selling leaked data and defaced website of National Union of Israeli Students. The compromised data reportedly contains 132,000 records of data including members, student PII, financial ledgers, vendor agreements, operational docs etc.
- Date: 2025-10-07T18:59:30Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-nuis-co-il-Israeli-Student-Union-Data-Dump-132k-Rows-Exfiltrated)
- Screenshots:
- Threat Actors: MoneyTalks
- Victim Country: Israel
- Victim Industry: Education
- Victim Organization: national union of israeli students
- Victim Site: nuis.co.il
- Alleged leak of Ministry of Foreign Affairs and International Cooperation
- Category: Data Breach
- Content: The group claims to have leaked login credentials of Ministry of Foreign Affairs and International Cooperation.
- Date: 2025-10-07T18:58:57Z
- Network: telegram
- Published URL: (https://t.me/fornetcloud/2829)
- Screenshots:
- Threat Actors: FORNET ORG
- Victim Country: Italy
- Victim Industry: Government Administration
- Victim Organization: ministry of foreign affairs and international cooperation
- Victim Site: serviziconsolari.esteri.it
- Kronospan falls victim to Nova Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 280 GB of the organization’s data and intends to publish it within 16-17 days.
- Date: 2025-10-07T18:54:43Z
- Network: tor
- Published URL: (http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/#)
- Screenshots:
- Threat Actors: Nova
- Victim Country: Austria
- Victim Industry: Paper & Forest Products
- Victim Organization: kronospan
- Victim Site: kronospan.com
- Alleged data breach of Loudoun County Republican Committee
- Category: Data Breach
- Content: The group claims to have leaked data of Loudoun County Republican Committee.
- Date: 2025-10-07T18:34:07Z
- Network: telegram
- Published URL: (https://t.me/DIeNlt/584)
- Screenshots:
- Threat Actors: DieNet
- Victim Country: USA
- Victim Industry: Political Organization
- Victim Organization: loudoun county republican committee
- Victim Site: afc.loudoungop.com
- BCR Recovery and Mediation falls victim to Qilin Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 30 GB of the organization’s data.
- Date: 2025-10-07T18:06:23Z
- Network: tor
- Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=504f7c80-d28b-3521-8da9-e59da6947e5e)
- Screenshots:
- Threat Actors: Qilin
- Victim Country: France
- Victim Industry: Financial Services
- Victim Organization: bcr recovery and mediation
- Victim Site: bcr-recouvrement.com
- Alleged Data Breach of Ministry of Defense ( Israel )
- Category: Data Breach
- Content: The threat actor claims to have leaked data from Ministry of Defense, Israel. The compromised data reportedly contains 11,900 records of data including names, ID numbers, phone numbers, email addresses, birth dates, gender, etc. NB: Ministry of Defense (Israel) was previously breached on Fri Jul 2025.
- Date: 2025-10-07T17:35:52Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-11-9K-THOUSAND-ISRAELI-MINISTRY-OF-DEFENSE-DATABASE)
- Screenshots:
- Threat Actors: INDOHAXSEC
- Victim Country: Israel
- Victim Industry: Government Administration
- Victim Organization: ministry of defense
- Victim Site: mod.gov.il
- One law firm in Canada falls victim to ANUBIS Ransomware
- Category: Ransomware
- Content: The group claims to have obtained the organization’s data and intends to publish it within 3-4 days.
- Date: 2025-10-07T17:22:26Z
- Network: tor
- Published URL: (http://om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion/r/UmbXzoEIqfMKY0zjT8nOnUgJnDvMPklSyFdwF664YOHkNOH1eZFixqI1sufrEfpNdYo5wWA84odpSzzATx3JjhyVDJYU2JV)
- Screenshots:
- Threat Actors: ANUBIS
- Victim Country: Canada
- Victim Industry: Law Practice & Law Firms
- Victim Organization: one law firm in canada
- Victim Site: Unknown
- Alleged data leak of Coins for College
- Category: Data Breach
- Content: The group claims to have leaked data of Coins for College, contains payments and full users data.
- Date: 2025-10-07T16:57:30Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7039?single)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: USA
- Victim Industry: Education
- Victim Organization: coins for college
- Victim Site: coinsforcollege.org
- Alleged leak of Efisystem Srl login credentials
- Category: Data Breach
- Content: The group claims have leaked login credentials of Efisystem Srl.
- Date: 2025-10-07T16:45:19Z
- Network: telegram
- Published URL: (https://t.me/fornetcloud/2823)
- Screenshots:
- Threat Actors: FORNET ORG
- Victim Country: Italy
- Victim Industry: E-commerce & Online Stores
- Victim Organization: efisystem srl
- Victim Site: rovigo.efisystem.it
- Alleged Sale of RDP Access to Japanese Automotive Software Company
- Category: Initial Access
- Content: Threat actor claims to be selling unauthorized Web RDP access to a company in Japan that develops automotive software.
- Date: 2025-10-07T16:30:04Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/267732/)
- Screenshots:
- Threat Actors: setvik
- Victim Country: Japan
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- BABAYO EROR SYSTEM targets the website of Serial Immo
- Category: Defacement
- Content: The group claims to have deface the website of Serial Immo.
- Date: 2025-10-07T15:56:20Z
- Network: telegram
- Published URL: (https://t.me/c/2532663346/138)
- Screenshots:
- Threat Actors: BABAYO EROR SYSTEM
- Victim Country: France
- Victim Industry: Real Estate
- Victim Organization: serial immo
- Victim Site: serial-immo.com
- California Golf Club of San Francisco falls victim to Qilin Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 10 GB of the organization’s data.
- Date: 2025-10-07T15:50:21Z
- Network: tor
- Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=cf57b4bd-4cb5-378d-9475-ad04c122446f)
- Screenshots:
- Threat Actors: Qilin
- Victim Country: USA
- Victim Industry: Sports
- Victim Organization: california golf club of san francisco
- Victim Site: calclub.org
- Alleged gain of access to Sky News
- Category: Initial Access
- Content: The group claims to have gained access to Sky News.
- Date: 2025-10-07T15:48:42Z
- Network: telegram
- Published URL: (https://t.me/anonymous_Cr02x/1255)
- Screenshots:
- Threat Actors: Team Azrael Angel Of Death
- Victim Country: UK
- Victim Industry: Broadcast Media
- Victim Organization: sky news
- Victim Site: news.sky.com
- Alleged Sale of unauthorized administrator access to a Spanish e‑commerce site
- Category: Initial Access
- Content: The threat actor claims to be selling unauthorized administrator access to a Spanish e‑commerce site that sells exam topics and tests.
- Date: 2025-10-07T15:48:06Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/267727/)
- Screenshots:
- Threat Actors: sc0rpic
- Victim Country: Spain
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Car Bernhard falls victim to Qilin Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 99 GB of the organization’s data.
- Date: 2025-10-07T15:22:45Z
- Network: tor
- Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=6f97c566-b7b8-354c-8634-4ee175735ef7)
- Screenshots:
- Threat Actors: Qilin
- Victim Country: Austria
- Victim Industry: Automotive
- Victim Organization: car bernhard
- Victim Site: auto-bernhard.at
- Alleged gain of access to ZDC Fashion
- Category: Initial Access
- Content: The group claims to have gained access to ZDC Fashion.
- Date: 2025-10-07T15:11:09Z
- Network: telegram
- Published URL: (https://t.me/bct_muslims/47)
- Screenshots:
- Threat Actors: Bangladesh Cyber Troops – BCT
- Victim Country: India
- Victim Industry: E-commerce & Online Stores
- Victim Organization: zdc fashion
- Victim Site: zdcfashion.com
- Alleged gain access to multiple organization websites
- Category: Initial Access
- Content: Group claims to have gained access to multiple organization websites.
- Date: 2025-10-07T15:10:32Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7030)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Massachusetts Bay Community College falls victim to Qilin Ransomware
- Category: Ransomware
- Content: The group claims to have obtained the organization data.
- Date: 2025-10-07T14:41:55Z
- Network: tor
- Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=89dfbd8f-147b-321f-8a1b-5ae24f7317d8)
- Screenshots:
- Threat Actors: Qilin
- Victim Country: USA
- Victim Industry: Education
- Victim Organization: massachusetts bay community college
- Victim Site: massbay.edu
- J. Lorber Company falls victim to akira Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 45 GB of the organization’s data.
- Date: 2025-10-07T14:40:43Z
- Network: tor
- Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
- Screenshots:
- Threat Actors: akira
- Victim Country: USA
- Victim Industry: Wholesale
- Victim Organization: j. lorber company
- Victim Site: jlorber.com
- SYLHET GANG-SG targets the website of Jewish Unity Through Diversity
- Category: Defacement
- Content: The group claims to have defaced the website of Jewish Unity Through Diversity.
- Date: 2025-10-07T14:40:12Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7033)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: USA
- Victim Industry: Non-profit & Social Organizations
- Victim Organization: jewish unity through diversity
- Victim Site: unitytdiversity.com
- Harbor Diesel and Equipment, Inc. falls victim to akira Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 7 GB of the organization’s data. The compromised data includes Customers information, detailed employee information, detailed financial and accounting files, contracts, agreements, etc.
- Date: 2025-10-07T14:27:58Z
- Network: tor
- Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
- Screenshots:
- Threat Actors: akira
- Victim Country: USA
- Victim Industry: Automotive
- Victim Organization: harbor diesel and equipment, inc.
- Victim Site: gohdi.com
- Alleged unauthorized access to Thailand Golf Booking
- Category: Initial Access
- Content: The group claims to have gained access to Thailand Golf Booking.
- Date: 2025-10-07T14:24:25Z
- Network: telegram
- Published URL: (https://t.me/NigthCrawlerX/995)
- Screenshots:
- Threat Actors: NightCrawlerX
- Victim Country: Thailand
- Victim Industry: E-commerce & Online Stores
- Victim Organization: thailand golf booking
- Victim Site: thailandgolfbooking.com
- Lux Actuaries & Consultants falls victim to MEDUSA Ransomware
- Category: Ransomware
- Content: The Group claims to have obtained 928.5 GB of the organization’s data and plans to publish it within 26–27 days; sample screenshots are provided on their dark web portal.
- Date: 2025-10-07T14:11:45Z
- Network: tor
- Published URL: (http://s7lmmhlt3iwnwirxvgjidl6omcblvw2rg75txjfduy73kx5brlmiulad.onion/detail?id=34d0c3c296655b42e3a066e916155fc4)
- Screenshots:
- Threat Actors: MEDUSA
- Victim Country: UAE
- Victim Industry: Financial Services
- Victim Organization: lux actuaries & consultants
- Victim Site: luxactuaries.com
- Alleged Sale of Romanian Credential Data
- Category: Data Breach
- Content: The group claims to have obtained and is selling complete SQL data comprising Romanian user credentials. The sample data structure they provided indicates the set includes highly detailed personal and professional information, such as login id, api key, gender, lastname, frstname, address, zip, town, fk country, birth place, job, office phone, personal mobile and email.
- Date: 2025-10-07T14:11:31Z
- Network: telegram
- Published URL: (https://t.me/chipercoreteam01/7)
- Screenshots:
- Threat Actors: CipherCore Team
- Victim Country: Romania
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Sale of Indonesian Credential Data
- Category: Data Breach
- Content: The group claims to have leaked and is offering for sale complete SQL data containing Indonesian user credentials. The advertised data includes sensitive fields such as name, email, username, phone number, password, two factor secret, and two factor recovery codes.
- Date: 2025-10-07T14:05:25Z
- Network: telegram
- Published URL: (https://t.me/chipercoreteam01/6)
- Screenshots:
- Threat Actors: CipherCore Team
- Victim Country: Indonesia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged unauthorized access to Ukrainian Store Management System
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to a Ukrainian store’s sales and inventory management system, accessing modules handling orders, customers, payments, and stock data, potentially exposing sensitive business and customer information and disrupting retail operations.
- Date: 2025-10-07T13:46:32Z
- Network: telegram
- Published URL: (https://t.me/n2LP_wVf79c2YzM0/1851)
- Screenshots:
- Threat Actors: Infrastructure Destruction Squad
- Victim Country: Ukraine
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged unauthorized access to an unidentified food processing facility in Israel
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to an unidentified food processing facility in Israel. The compromised system allegedly allows control over control system of mill, timers and automation, parameters for weight, temperature, water flow, and pump, temperatures
- Date: 2025-10-07T13:40:26Z
- Network: telegram
- Published URL: (https://t.me/Z_ALLIANCE/815)
- Screenshots:
- Threat Actors: Z-PENTEST ALLIANCE
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged unauthorized access to unidentified Czech Heating Control System
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to a Czech heating control system, altering configurations and interfering with boiler, pump, and fan operations, thereby affecting temperature regulation and system processes, potentially disrupting the stability and efficiency of the heating network.
- Date: 2025-10-07T13:19:37Z
- Network: telegram
- Published URL: (https://t.me/c/2549402132/404)
- Screenshots:
- Threat Actors: Inteid
- Victim Country: Czech Republic
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- INDOHAXSEC claims to target Israeli cyberspace
- Category: Alert
- Content: A recent post by the group indicates that they are targeting Israeli cyberspace.
- Date: 2025-10-07T13:10:29Z
- Network: telegram
- Published URL: (https://t.me/INDOHAXSEC/32)
- Screenshots:
- Threat Actors: INDOHAXSEC
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Asahi Group Holdings, Ltd. falls victim to Qilin Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 27 GB of the organization’s data.
- Date: 2025-10-07T12:59:56Z
- Network: tor
- Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=4ab58a1b-fb98-3cc1-8659-559c37b2388c)
- Screenshots:
- Threat Actors: Qilin
- Victim Country: Japan
- Victim Industry: Food & Beverages
- Victim Organization: asahi group holdings, ltd.
- Victim Site: asahigroup-holdings.com
- Alleged unauthorized access to an unidentified control panel of Liquefied natural gas in Poland
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to an unidentified control panel of Liquefied natural gas in Poland. The compromised system allegedly allows control over actuators, network interfaces and external integrations, system services and processes, files, logs, and configurations.
- Date: 2025-10-07T12:54:25Z
- Network: telegram
- Published URL: (https://t.me/TwoNetchannel/20)
- Screenshots:
- Threat Actors: TwoNet
- Victim Country: Poland
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of STNet, Incorporated
- Category: Data Breach
- Content: The group claims to have obtained organization’s data.
- Date: 2025-10-07T12:52:31Z
- Network: telegram
- Published URL: (https://t.me/c/3127628636/141)
- Screenshots:
- Threat Actors: CLOBELSECTEAM
- Victim Country: Japan
- Victim Industry: Network & Telecommunications
- Victim Organization: stnet, incorporated
- Victim Site: stnet.co.jp
- INDOHAXSEC targets multiple websites
- Category: Defacement
- Content: The group claims to have defaced multiple websites from Ecuador.
- Date: 2025-10-07T12:44:37Z
- Network: telegram
- Published URL: (https://t.me/INDOHAXSEC/30)
- Screenshots:
- Threat Actors: INDOHAXSEC
- Victim Country: Ecuador
- Victim Industry: Education
- Victim Organization: instituto superior universitario sucre
- Victim Site: sucrereview.tecnologicosucre.edu.ec
- Alleged data breach of World of Warcraft and Blizzard
- Category: Data Breach
- Content: The threat actor claims to have leaked data from World of Warcraft and Blizzard, allegedly containing ID, user login, user pass, user nicename, user email, user URL, and more.
- Date: 2025-10-07T12:28:45Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-idtankthat-com-World-of-Warcraft-site-Database)
- Screenshots:
- Threat Actors: camillaDF
- Victim Country: UK
- Victim Industry: Gaming
- Victim Organization: world of warcraft and blizzard
- Victim Site: idtankthat.com
- Legion targets the website of Synapse5
- Category: Defacement
- Content: The group claims to have defaced the website of Synapse5.
- Date: 2025-10-07T12:26:09Z
- Network: telegram
- Published URL: (https://t.me/Legion_offlcail/557)
- Screenshots:
- Threat Actors: Legion
- Victim Country: Czech Republic
- Victim Industry: Marketing, Advertising & Sales
- Victim Organization: synapse5
- Victim Site: synapse5.com
- Alleged leak of Active Israeli Phone Numbers
- Category: Data Breach
- Content: The group claims to have successfully performed a scrape operation, compromising and extracting data from 120 active Israeli phone numbers.
- Date: 2025-10-07T12:25:53Z
- Network: telegram
- Published URL: (https://t.me/VFCTeam/251)
- Screenshots:
- Threat Actors: V FOR VENDETTA CYBER TEAM
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- GenZRisingNepal targets the website of Nepal Disaster Risk Reduction Portal
- Category: Defacement
- Content: Group claims to have targets the website of Nepal Disaster Risk Reduction Portal
- Date: 2025-10-07T12:08:20Z
- Network: telegram
- Published URL: (https://t.me/ctrl_nepal/136)
- Screenshots:
- Threat Actors: GenZRisingNepal
- Victim Country: Nepal
- Victim Industry: Government Administration
- Victim Organization: nepal disaster risk reduction portal
- Victim Site: drrportal.gov.np
- Alleged unauthorized access to KOPERS System in Saint‑Rose
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to the KOPERS HMI system in Saint‑Rose, implanting a hidden, unremovable admin account that enabled them to manipulate pumps, chlorine dosing, pressure regulation, and monitoring/alerting functions, granting persistent, covert control over the municipality’s water‑supply management and causing critical operational disruption.
- Date: 2025-10-07T11:58:30Z
- Network: telegram
- Published URL: (https://t.me/c/2634086323/1861)
- Screenshots:
- Threat Actors: NoName057(16)
- Victim Country: Canada
- Victim Industry: Machinery Manufacturing
- Victim Organization: kopers
- Victim Site: kopers.ca
- Legion targets the website of Radek Buk
- Category: Defacement
- Content: The group claims to have defaced the website of Radek Buk.
- Date: 2025-10-07T11:45:06Z
- Network: telegram
- Published URL: (https://t.me/Legion_offlcail/556)
- Screenshots:
- Threat Actors: Legion
- Victim Country: Czech Republic
- Victim Industry: Fine Art
- Victim Organization: radek buk
- Victim Site: radekbuk.com
- Alleged Leak of 1.5 Million Israeli Residents’ Data
- Category: Data Breach
- Content: The group claims to have breached the personal information and passwords of 1.5 million individuals, alleging they are Israeli “occupiers” involved in the conflict. The group threatened to later expose thousands of soldiers and defense industry personnel.
- Date: 2025-10-07T11:37:06Z
- Network: telegram
- Published URL: (https://t.me/CyberToufan02/425)
- Screenshots:
- https://d34iuop8pidsy8.cloudfront.net/0a90a3e9-43e8-48bd-9267-9d4987954221.png
- https://d34iuop8pidsy8.cloudfront.net/c123d18a-d177-4ae3-b19d-2f4597e58af4.png
- https://d34iuop8pidsy8.cloudfront.net/2355ecd6-4fcf-4d56-96c1-2c28fdd854ae.png
- https://d34iuop8pidsy8.cloudfront.net/2987c25b-7da8-4c8c-95d7-07da40f51803.png
- Threat Actors: Cyber Toufan Operations
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- V FOR VENDETTA CYBER TEAM claims to target multiple countries
- Category: Alert
- Content: A recent post by the group indicates they are targeting multiple countries such as china, nepal, israel, japan, indonesia, india, cambodia, malaysia.
- Date: 2025-10-07T11:32:59Z
- Network: telegram
- Published URL: (https://t.me/VFCTeam/262)
- Screenshots:
- Threat Actors: V FOR VENDETTA CYBER TEAM
- Victim Country: China
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- INDOHAXSEC targets multiple websites
- Category: Defacement
- Content: The group claims to have defaced multiple websites from New Zealand and Australia.
- Date: 2025-10-07T11:31:33Z
- Network: telegram
- Published URL: (https://t.me/INDOHAXSEC/29)
- Screenshots:
- Threat Actors: INDOHAXSEC
- Victim Country: New Zealand
- Victim Industry: Building and construction
- Victim Organization: gy construction
- Victim Site: gycon.co.nz
- Lautrec Ltd. falls victim to Akira Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 18 GB of the organization’s data. The compromised data includes financial data (audit, payment details, financial reports, invoices), employees and customers information (passports, driver’s license, Social Security Numbers, birth certificates, emails, phones) confidential information and other documents with detailed personal information.
- Date: 2025-10-07T10:51:26Z
- Network: tor
- Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
- Screenshots:
- Threat Actors: akira
- Victim Country: USA
- Victim Industry: Real Estate
- Victim Organization: lautrec ltd.
- Victim Site: lautrecltd.com
- Public Hacktivist targets the website of Dodson Natural Pharmacy
- Category: Defacement
- Content: The group claims to have defaced the website of Dodson Natural Pharmacy. Mirror Link: https://www.zone-h.org/mirror/id/41463708
- Date: 2025-10-07T10:32:19Z
- Network: telegram
- Published URL: (https://t.me/publichacktivis/211)
- Screenshots:
- Threat Actors: Public Hacktivist
- Victim Country: Israel
- Victim Industry: Healthcare & Pharmaceuticals
- Victim Organization: dodson natural pharmacy
- Victim Site: davidsonhealth.co.il
- HEZI RASH claims to target Iran
- Category: Alert
- Content: A recent post by the group indicates that they are targeting Iran.
- Date: 2025-10-07T10:08:53Z
- Network: telegram
- Published URL: (https://t.me/hezirash/1802)
- Screenshots:
- Threat Actors: HEZI RASH
- Victim Country: Iran
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of Taldor
- Category: Data Breach
- Content: The threat actor claims to have breached Israeli IT provider Taldor, alleging long-term access to internal systems and exfiltration of sensitive data linked to Elbit Systems, IDF, Rafael, the Ministry of Defense, and Mossad, potentially compromising national security.
- Date: 2025-10-07T10:03:20Z
- Network: openweb
- Published URL: (https://nasir.cc/pages/taldor.html)
- Screenshots:
- Threat Actors: Nasir Security
- Victim Country: Israel
- Victim Industry: Information Technology (IT) Services
- Victim Organization: taldor
- Victim Site: taldor.co.il
- Alleged data breach of KOHEP
- Category: Data Breach
- Content: The group claims to have leaked data from KOHEP.
- Date: 2025-10-07T09:51:51Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7027)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: France
- Victim Industry: Health & Fitness
- Victim Organization: kohep
- Victim Site: kohep.com
- Alleged data breach of Nigerian and Canadian Business Network
- Category: Data Breach
- Content: The group claims to have obtained the organization’s data.
- Date: 2025-10-07T09:48:28Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7027)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Canada
- Victim Industry: Business and Economic Development
- Victim Organization: nigerian and canadian business network
- Victim Site: ncbn.ca
- Alleged data breach of BIGLOBE Inc.
- Category: Data Breach
- Content: The group claims to have obtained 8GB of organization’s data.
- Date: 2025-10-07T09:46:44Z
- Network: telegram
- Published URL: (https://t.me/c/3127628636/141)
- Screenshots:
- Threat Actors: CLOBELSECTEAM
- Victim Country: Japan
- Victim Industry: Information Technology (IT) Services
- Victim Organization: biglobe inc.
- Victim Site: biglobe.co.jp
- Alleged data breach of IDC Frontier Inc.
- Category: Data Breach
- Content: The group claims to have obtained 13GB of organization’s data.
- Date: 2025-10-07T09:44:28Z
- Network: telegram
- Published URL: (https://t.me/c/3127628636/141)
- Screenshots:
- Threat Actors: CLOBELSECTEAM
- Victim Country: Japan
- Victim Industry: Information Technology (IT) Services
- Victim Organization: idc frontier inc.
- Victim Site: idcf.jp
- Alleged data leak of Smart City Plaza
- Category: Data Breach
- Content: The group claims to have leaked data from Smart City Plaza.
- Date: 2025-10-07T09:13:22Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Netherlands
- Victim Industry: Information Services
- Victim Organization: smart city plaza
- Victim Site: smartcityplaza.nl
- Alleged data leak of 50PLUS Emmen
- Category: Data Breach
- Content: The group claims to have leaked data from 50PLUS Emmen.
- Date: 2025-10-07T09:08:38Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Netherlands
- Victim Industry: Political Organization
- Victim Organization: 50plus emmen
- Victim Site: emmen50plus.nl
- Alleged data leak of International Fellowship of Birdwatching Rotarians (IFBR)
- Category: Data Breach
- Content: The group claims to have leaked data from International Fellowship of Birdwatching Rotarians (IFBR)
- Date: 2025-10-07T09:01:17Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Netherlands
- Victim Industry: Non-profit & Social Organizations
- Victim Organization: international fellowship of birdwatching rotarians
- Victim Site: ifbr.nl
- Alleged data leak of Findmino
- Category: Data Breach
- Content: The group claims to have leaked data from Findmino.
- Date: 2025-10-07T08:57:40Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Netherlands
- Victim Industry: Online Publishing
- Victim Organization: findmino
- Victim Site: findmino.nl
- Alleged data leak of Rapenburg Chamber Orchestra
- Category: Data Breach
- Content: The group claims to have leaked data from Rapenburg Chamber Orchestra.
- Date: 2025-10-07T08:53:50Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Netherlands
- Victim Industry: Performing Arts
- Victim Organization: rapenburg chamber orchestra
- Victim Site: rapenburgkamerorkest.nl
- Alleged data leak of France biotech
- Category: Data Breach
- Content: The group claims to have leaked data from France biotech.
- Date: 2025-10-07T08:51:18Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: France
- Victim Industry: Biotechnology
- Victim Organization: france biotech
- Victim Site: france-biotech.fr
- Alleged data leak of Les Ambassadeurs de Mulhouse Sud Alsace
- Category: Data Breach
- Content: The group claims to have leaked data from Les Ambassadeurs de Mulhouse Sud Alsace.
- Date: 2025-10-07T08:45:49Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: France
- Victim Industry: Non-profit & Social Organizations
- Victim Organization: les ambassadeurs de mulhouse sud alsace
- Victim Site: ambassadeurs-mulhouse.fr
- Alleged data breach of Job Service
- Category: Data Breach
- Content: The group claims to have obtained the organization’s data.
- Date: 2025-10-07T08:35:57Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7025)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: USA
- Victim Industry: Human Resources
- Victim Organization: job service
- Victim Site: jobinfoservice.com
- Alleged data leak of MediaConcept
- Category: Data Breach
- Content: The group claims to have obtained the organization’s data.
- Date: 2025-10-07T08:01:06Z
- Network: telegram
- Published URL: (https://t.me/SylhetGangSG1/7024)
- Screenshots:
- Threat Actors: SYLHET GANG-SG
- Victim Country: Israel
- Victim Industry: Graphic & Web Design
- Victim Organization: mediaconcept
- Victim Site: mediaconcept.co.il
- Alleged data leak from an unidentified server in Israel
- Category: Data Breach
- Content: The group claims to have successfully hacked a phpMyAdmin database and changed its credentials. They state they will leak the full panel database soon.
- Date: 2025-10-07T07:00:22Z
- Network: telegram
- Published URL: (https://t.me/c/3019913760/193)
- Screenshots:
- Threat Actors: AL-MUJAHIDEEN FORCE 313
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Choithrams falls victim to Black Nevas
- Category: Ransomware
- Content: The group has leaked sensitive data allegedly belonging to T. Choithram and Sons, LLC (Choithrams), a well-known grocery retail and distribution chain operating across the UAE, Bahrain, Qatar, and Oman. The threat actors claim to possess scanned passports of nearly all employees, SQL and SAP databases, and even internal corporate network access. The leaked data reportedly includes documents from the company’s IT department, along with internal chat screenshots showing communications related to IT and administrative operations.
- Date: 2025-10-07T06:24:01Z
- Network: tor
- Published URL: (http://ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion/publications/details/d5deb426-7ff6-4951-a75e-4dcd304dd8fd)
- Screenshots:
- Threat Actors: Black Nevas
- Victim Country: UAE
- Victim Industry: Retail Industry
- Victim Organization: choithrams
- Victim Site: choithramsgcc.com
- Alleged data breach ofSecretaría de Educación Pública (SEP)
- Category: Data Breach
- Content: A threat actor claims to have leaked student data from SEP institutions, including INE, CURP, birth certificates, and professional IDs, affecting campuses like CBTIS and CETIS, with files reportedly shared in .xlsx format.
- Date: 2025-10-07T06:16:21Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATA-OF-STUDENTS-OF-SEP)
- Screenshots:
- Threat Actors: Alz_157s
- Victim Country: Mexico
- Victim Industry: Government Administration
- Victim Organization: secretaría de educación pública (sep)
- Victim Site: sep.gob.mx
- Alleged data breach of Superior Court of Justice of Lima Norte
- Category: Data Breach
- Content: The threat actor claims to have leaked 1.9 GB of sensitive data including Personally Identifiable Information (PII) from the Superior Court of Justice of Lima Norte
- Date: 2025-10-07T05:51:22Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-PERU-SUPERIOR-COURT-OF-JUSTICE-OF-LIMA-NORTE-1-9GB)
- Screenshots:
- Threat Actors: malconguerra2
- Victim Country: Peru
- Victim Industry: Judiciary
- Victim Organization: superior court of justice of lima norte
- Victim Site: gob.pe/csjlimanorte
- Alleged data breach of DepEd Aurora
- Category: Data Breach
- Content: Threat actor claims to have leaked data from the Department of Education (DepEd) Aurora, Philippines. The alleged breach involves multiple databases and a backup file (1.5 GB), which they say have been exfiltrated and shared publicly.
- Date: 2025-10-07T05:37:04Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-PHILIPPINES-DEPED-AURORA-DATA-LEAK-OF-FULL-DATABASE)
- Screenshots:
- Threat Actors: Quantum_Security_Group
- Victim Country: Philippines
- Victim Industry: Education
- Victim Organization: deped aurora
- Victim Site: depedaurora.ph
- NightCrawlerX targets the website of C-TECH Chanaphonkhan Technology College
- Category: Defacement
- Content: The group claims to have deface the databases of C-TECH Chanaphonkhan Technology College.
- Date: 2025-10-07T05:14:04Z
- Network: telegram
- Published URL: (https://t.me/NigthCrawlerX/988)
- Screenshots:
- Threat Actors: NightCrawlerX
- Victim Country: Thailand
- Victim Industry: Education
- Victim Organization: c-tech chanaphonkhan technology college
- Victim Site: c-tech.ac.th
- LightSec targets the website of Grupo Torres Center Lda.
- Category: Defacement
- Content: The threat actor claims to have defaced the website of Grupo Torres Center Lda.
- Date: 2025-10-07T05:01:33Z
- Network: openweb
- Published URL: (https://x.com/l1ghts3c/status/1975202313087369610?s=46)
- Screenshots:
- Threat Actors: LightSec
- Victim Country: Angola
- Victim Industry: Building and construction
- Victim Organization: grupo torres center lda.
- Victim Site: grupotorrescenter.ao
- Alleged leak of login access to Departmental Personnel Information System (DPIS) – Ministry of Interior
- Category: Initial Access
- Content: The group claims to have leaked unauthorized login access to Human Resource Information System (HRIS) portal operated by Thailand’s Ministry of Interior (MOI), used for managing personnel data across provincial and central government departments.
- Date: 2025-10-07T04:20:49Z
- Network: telegram
- Published URL: (https://t.me/nxbbsec/2794)
- Screenshots:
- Threat Actors: NXBB.SEC
- Victim Country: Thailand
- Victim Industry: Government & Public Sector
- Victim Organization: ministry of interior (moi)
- Victim Site: dpis.moi.go.th
- Alleged leak of admin access to Universidad Salesiana (UNISAL)
- Category: Initial Access
- Content: Threat actor claims to have leaked admin credentials belonging to Universidad Salesiana (UNISAL).
- Date: 2025-10-07T03:54:59Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Argentinian-aulavirtual-unisal-edu-ar-Admin-Access)
- Screenshots:
- Threat Actors: crazyboy68
- Victim Country: Argentina
- Victim Industry: Higher Education/Acadamia
- Victim Organization: universidad salesiana (unisal)
- Victim Site: unisal.edu.ar
- Alleged unauthorized access to an unidentified organization in Japan
- Category: Initial Access
- Content: The threat actor is offering to sell RDP user access to an unidentified organization in Japan with 52,000 employees.
- Date: 2025-10-07T02:55:48Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/267692/)
- Screenshots:
- Threat Actors: setvik
- Victim Country: Japan
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged leak of login crendentials from NetVoiss Chile
- Category: Data Breach
- Content: The group claims to have leaked login credentials from NetVoiss Chile.
- Date: 2025-10-07T02:46:47Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223795)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Chile
- Victim Industry: Network & Telecommunications
- Victim Organization: netvoiss chile
- Victim Site: crm.netvoiss.cl
- Alleged data breach of Terminales Portuarios Peruanos
- Category: Data Breach
- Content: The threat actor claims to have leaked a 10GB internal data archive belonging to Terminales Portuarios Peruanos (TPP), a logistics operator in Peru and part of the Woll Group. Posted on a known dark web forum, the leak allegedly contains sensitive documents such as infrastructure diagrams, internal procedures, and security-related materials in formats like XLSX, PDF, and DOCX.
- Date: 2025-10-07T02:38:53Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Document-2025-10GB-internal-data-from-TPP)
- Screenshots:
- Threat Actors: abzerocool
- Victim Country: Peru
- Victim Industry: Transportation & Logistics
- Victim Organization: terminales portuarios peruanos
- Victim Site: tpp.com.pe
- Alleged leak of multiple login credentials from Swap Energía S.A
- Category: Data Breach
- Content: The group claims to have leaked 100nset of user login credentials from Swap Energía S.A
- Date: 2025-10-07T02:24:31Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223725)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Spain
- Victim Industry: Energy & Utilities
- Victim Organization: swap energía s.a
- Victim Site: swapenergia.com
- Alleged leak of login crendentials from Timely
- Category: Data Breach
- Content: The group claims to have leaked login credentials from Timely
- Date: 2025-10-07T02:05:30Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223731)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: New Zealand
- Victim Industry: Software
- Victim Organization: timely
- Victim Site: app.gettimely.com
- Alleged leak of multiple login credentials from Nexus Energía, S.A.
- Category: Data Breach
- Content: The group claims to have leaked multiple login credentials associated with Nexus Energía, S.A.
- Date: 2025-10-07T00:57:48Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223749)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Argentina
- Victim Industry: Energy & Utilities
- Victim Organization: nexus energía, s.a.
- Victim Site: nexusenergia.com
- Alleged leak of login crendentials from BiGO IPTV.
- Category: Data Breach
- Content: The group claims to have leaked login credentials from BiGO IPTV.
- Date: 2025-10-07T00:49:24Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223746)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Pakistan
- Victim Industry: Entertainment & Movie Production
- Victim Organization: bigo iptv
- Victim Site: my.bigoiptv.com
- Alleged leak of multiple login credentials from PAI
- Category: Data Breach
- Content: The group claims to have leaked login crendentials including admin credentials from PAI.
- Date: 2025-10-07T00:40:00Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223734)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Peru
- Victim Industry: International Trade & Development
- Victim Organization: pai
- Victim Site: pai.org.pe
- Alleged data leak of Programa de Apoyo a la Internacionalización (PAI)
- Category: Data Breach
- Content: The group claims to have leaked admin crendentials from Programa de Apoyo a la Internacionalización (PAI).
- Date: 2025-10-07T00:28:48Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223734)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Peru
- Victim Industry: International Trade & Development
- Victim Organization: programa de apoyo a la internacionalización (pai)
- Victim Site: pai.pe
- Alleged leak of credentials from Amperios
- Category: Data Breach
- Content: The group claims to have leaked login credentials from Amperios
- Date: 2025-10-07T00:16:15Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/223741)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: Spain
- Victim Industry: Renewables & Environment
- Victim Organization: amperios
- Victim Site: amperiosenergia.com
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats, strictly based on the provided information. Data breaches and Ransomware attacks remain prominent, targeting sectors from Financial Services and Retail to Government and Education across various geographies, with a notable concentration in the USA, Israel, and Japan. Initial Access broker activity is also observed, with threat actors selling access to corporate and critical infrastructure systems. The compromised data ranges from personal user information and credentials to financial records, internal data archives, and large customer databases, underscoring the persistent and varied threats faced by organizations globally.