[October-20-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


  1. MSC-Wireless falls victim to Sinobi ransomware

  1. Alleged sale of access to Binance support panel

  1. Alleged sale of Doxbinscrape

  1. Greater Mental Health of New York falls victim to Sinobi Ransomware

  1. Alleged leak of XWorm 6.5 Crack

  1. Tryon Distributing Co falls victim to Sinobi Ransomware

  1. Grupo JSA falls victim to Sinobi Ransomware

  1. Phoenix Village Dental falls victim to Sinobi Ransomware

  1. South Atlanta Medical Clinic falls victim to Sinobi Ransomware

  1. Alleged gain of access to the control panel of industrial equipment, Italy

  1. Harmony Outdoor Brands falls victim to Sinobi Ransomware

  1. Catholic Diocese of Memphis falls victim to Brain Cipher Ransomware

  1. Oxford County falls victim to Brain Cipher Ransomware

  1. Alleged Sale of France Forex leads

  1. Alleged sale of Eticex

  1. Orange County Bar Association falls victim to Kairos Ransomware

  1. Cape Dara Resort, Pattaya falls victim to Obscura Ransomware

  1. Selig Enterprises, Inc. falls victim to Akira Ransomware
  • Category: Ransomware
  • Content: The group claims to have obtained 81 GB of the organization’s data. The compromised information reportedly includes employee personal documents (passports, DLs), clients’ personal information (full name, DOB, SSN, phone and so on), detailed accounting and financials, credit card details, confidential projects, drawings and specifications, NDAs, police reports, and other information.
  • Date: 2025-10-20T18:45:01Z
  • Network: tor
  • Published URL: https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/79db57c4-49cd-4614-889b-80604c8e2848.png
  • Threat Actors: akira
  • Victim Country: USA
  • Victim Industry: Real Estate
  • Victim Organization: selig enterprises, inc.
  • Victim Site: seligenterprises.com

  1. Integra BCG falls victim to DragonForce Ransomware

  1. SAACKE GmbH falls victim to LYNX Ransomware

  1. Computer World WLL falls victim to BlackShrantac Ransomware

  1. Al Ahly Leasing & Factoring Company falls victim to BlackShrantac Ransomware

  1. Altas Temizlik falls victim to BlackShrantac Ransomware

  1. Alleged data breach of Edri Ltd

  1. Alleged data breach of SuperFanVerse

  1. Cabinets 2000, LLC falls victim to BlackShrantac Ransomware

  1. Alleged sale of log data from unidentified country

  1. Alleged Sale of Amazon Japan Database
  • Category: Data Breach
  • Content: Threat actor claims to be selling data from Amazon Japan. The compromised data reportedly contains personal data of buyers, employees, and other sensitive data.
  • Date: 2025-10-20T14:27:45Z
  • Network: telegram
  • Published URL: https://t.me/rubiconhack/44
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/2e359e23-4dd3-4dfe-9b6b-1833eb90e99f.png
  • Threat Actors: Rubiconhack
  • Victim Country: Japan
  • Victim Industry: E-commerce & Online Stores
  • Victim Organization: amazon japan
  • Victim Site: amazon.co.jp

  1. Alleged sale of multi-module resident bot

  1. Alleged leak of crypto database from USA

  1. Corneilhan falls victim to Ciphbit Ransomware

  1. Seraphita falls victim to DragonForce Ransomware

  1. Alleged data leak of Makan Bergizi Gratis

  1. B.+G. Schneider Treuhand AG falls victim to PEAR Ransomware

  1. LEHNEN Group falls victim to Nova Ransomware

  1. Alleged unauthorized access to St Miquel / Cherries Glamour farm greenhouse systems

  1. EgaraSet falls victim to DragonForce Ransomware

  1. Alleged data breach of SwiftOptionTrades

  1. Alleged data breach of Deliver2Alaska
  • Category: Data Breach
  • Content: The threat actor claims to have leaked all user data from Deliver2Alaska.com, a U.S.-based mail and package forwarding service. The exposed dataset allegedly includes user IDs, full names, email addresses, Stripe customer IDs, account creation dates, mailing information, and account status details.
  • Date: 2025-10-20T06:18:42Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-Deliver2Alaska-com-All-User-Data
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/2e2ed68d-888f-4c4d-8c82-20fac07a06f6.png
  • Threat Actors: interference
  • Victim Country: USA
  • Victim Industry: Transportation & Logistics
  • Victim Organization: deliver2alaska
  • Victim Site: deliver2alaska.com

  1. Alleged data breach of Avnet

  1. Alleged data leak of USA Driving Licence

  1. Alleged data breach of Court Decisions of Ukraine

  1. Alleged leak of database from Argentina

  1. Alleged Unauthorized Access to Climate Control System at STABILIMENTO ALSALAB
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to the advanced climate control system of STABILIMENTO ALSALAB in Italy. The system manages air handling units (UTA), heat pump, pressure, energy use, and alarm controls within the facility. It ensures precise regulation of temperature, humidity, and air quality essential for production and research. The system also includes intelligent energy management and automatic fault recovery,
  • Date: 2025-10-20T03:38:56Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/2026
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/d5816285-68db-46a2-87e0-08912d3bee9b.png
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Italy
  • Victim Industry: Manufacturing
  • Victim Organization: stabilimento alsalab
  • Victim Site: alsalab.it

  1. Alleged data breach of Konecta

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats.

Ransomware attacks are highly prominent, primarily by the Sinobi and BlackShrantac groups, targeting a variety of sectors including Real Estate (Brazil, USA), Hospital & Health Care (USA), Information Technology (IT) Services (Bahrain, Guatemala, USA), and Financial Services (Egypt), often compromising massive amounts of data ranging up to 6 TB. Other notable ransomware groups include Brain Cipher, Kairos, Obscura, Akira, LYNX, Ciphbit, DragonForce, PEAR, and Nova, affecting organizations in Canada, USA, Thailand, Germany, Switzerland, France, and Spain.

Data Breach incidents involve the sale or leak of sensitive information across a wide spectrum:

  • Customer/User Data: Financial leads (France, USA), user data from an e-commerce site (USA), a massive database from Argentina (over 10 million records), and detailed user information from a social media platform (USA).
  • Corporate/Sensitive Data: The complete EMEA data lake from a major electronics distributor (Avnet, USA), detailed engineering designs and sensitive military documents (Indonesia), and customer/database leaks from a Turkish IT services company (Eticex).
  • Personally Identifiable Information (PII): A private pack of US driver’s licenses, personal data from Amazon Japan, and 44 million case records from the Court Decisions of Ukraine.

Initial Access remains a critical threat vector, with threat actors offering access to:

  • High-Value Systems: Binance support panel.
  • Industrial Control Systems (ICS): The STABILIMENTO ALSALAB climate control system and an unnamed industrial equipment control panel in Italy, as well as an agricultural facilities management system in Spain, demonstrating a clear focus on disrupting operational technology (OT) environments.

The market for Malware is also active, with the alleged sale of a multi-module resident bot and a cracked version of the XWorm 6.5 tool, underscoring the readily available offensive capabilities in the cyber underground.

The concentration of successful attacks across diverse sectors and geographies emphasizes the critical importance of robust cybersecurity measures, continuous monitoring, and proactive threat intelligence to defend against sophisticated and opportunistic attacks.