[October-29-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


  1. Dilosa Food Companies falls victim to INC RANSOM Ransomware

  1. BABAYO EROR SYSTEM targets the Kabupaten Sukabumi websites

  1. Alleged database leak of USA citizens

  1. Alleged Leak of Israeli Donor Email Addresses

  1. FSB GROUP LTD. falls victim to Brain Cipher Ransomware

  1. SEMAG falls victim to Brain Cipher Ransomware

  1. AXXIA BMW Motorrad falls victim to Brain Cipher Ransomware

  1. Alleged sale of admin access to a US-based sports-betting SaaS company
  • Category: Initial Access
  • Content: Threat actor claims to be selling full administrative access to a US-based sports-betting SaaS company. The claim describes root SSH access to Linux servers, administrative RDP on Windows servers, access to production databases hosted on AWS and Azure, and admin cloud/accounts and code-repo keys. The listing is unverified.
  • Date: 2025-10-29T21:31:04Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/269231/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/f34625cd-03cd-496e-8ee9-d0cb1baa7cda.png
  • Threat Actors: ducreux
  • Victim Country: USA
  • Victim Industry: Gaming
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged data sale of Multiestetica

  1. Alleged Sale of Unauthorized VPN & Admin Access to Unidentified EU Pharmaceutical

  1. Alleged data sale of Itaka

  1. Clackamas Community College falls victim to MEDUSA ransomware

  1. Alleged data sale of SuperGrosz

  1. Alleged data sale of Alles-fuer-Selbermacher

  1. OpenEyes Technologies Inc. falls victim to RADAR group ransomware

  1. BABAYO EROR SYSTEM targets the website of Kecamatan Cimanggu

  1. Alleged sale of unauthorized access to unidentified company from Canada

  1. BABAYO EROR SYSTEM targets the website of Kecamatan Kabandungan

  1. Alleged Sale of Unauthorised CRM access to an unidentified UAE real-estate organization

  1. BABAYO EROR SYSTEM targets the website of Kecamatan Cidolog

  1. BABAYO EROR SYSTEM targets the website of Pemerintah Kabupaten Sukabumi

  1. Alleged data breach of TBM Service Group

  1. BABAYO EROR SYSTEM targets the website of MTs Darussalam Kebonan

  1. Alleged Sale of Mail-Pass Access to UAE Real-Estate

  1. BABAYO EROR SYSTEM targets the website of Madrasah Ibtidaiyah Negeri 4 Wajo

  1. BABAYO EROR SYSTEM targets the website of Kecamatan Tegalbuleud

  1. BASSETTI Group falls victim to Nova ransomware

  1. Time Equities Inc. falls victim to Payouts King ransomware

  1. Alleged data leak of Bank of Jerusalem

  1. Alleged sale of Google Account and 254 GB of corporate data belonging to VIZ Media

  1. Phillips Printing Company falls victim to Nitrogen ransomware

  1. We R Family Foundation falls victim to NightSpire ransomware

  1. SuperValue Co., Ltd. falls victim to Qilin ransomware

  1. Clarion Safety Systems falls victim to Akira ransomware

  1. Tanya Creations, A Division of Unique Designs, Inc. falls victim to Qilin ransomware

  1. Alleged sale of admin access to an unidentified e-commerce store in France
  • Category: Initial Access
  • Content: The threat actor claims to be selling admin access to an unidentified e-commerce store in France, including a web shell and Adminer (database) access, and the ability to modify the iFrame credit-card payment integration.
  • Date: 2025-10-29T16:22:01Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/269201/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/b9c26d60-e84f-470d-a4c0-d127ea8e33b7.png
  • Threat Actors: black18
  • Victim Country: France
  • Victim Industry: E-commerce & Online Stores
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged sale of Chinese car owners database

  1. Alleged unauthorized access to the customer database of HSBC USA
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to the customer database of HSBC USA. The compromised data includes names, addresses, Social Security numbers (SSN), dates of birth, phone numbers, email addresses, bank account details, and transaction histories.
  • Date: 2025-10-29T16:14:19Z
  • Network: telegram
  • Published URL: https://t.me/itrussia_ib/212
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/3a474d9d-9dcc-4d7d-b628-49b31766e3c0.png
  • Threat Actors: IT RUSSIA
  • Victim Country: USA
  • Victim Industry: Banking & Mortgage
  • Victim Organization: hsbc usa
  • Victim Site: Unknown

  1. Ritz Clark & Ben-Asher LLP falls victim to Akira ransomware

  1. BELL Engineering, Inc. falls victim to Akira ransomware

  1. Alleged sale of Vietnam citizen database

  1. Alleged leak of Chinese airlines database

  1. Price & Ramey Insurance falls victim to Qilin ransomware

  1. Southern Specialty & Supply, Inc. falls victim to Qilin ransomware

  1. Alleged data breach of VirtusBet
  • Category: Data Breach
  • Content: The threat actor claims to be selling data from VirtusBet containing 1,280,787 records of Brazilian users. The compromised data includes ID, name, email, Created in, Country, Phone1, Phone2, CPF, Inviter, Mother’s Name, Date of Birth, Display Name, Withdrawal Balance, Bonus Balance, etc.
  • Date: 2025-10-29T14:52:58Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/269189/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/585e5557-71e6-4d77-ae73-54aa349e28e8.JPG
  • Threat Actors: ronyking247
  • Victim Country: Brazil
  • Victim Industry: Gambling & Casinos
  • Victim Organization: virtusbet
  • Victim Site: virtusbet.bet

  1. Reese Group, Inc. falls victim to Qilin ransomware

  1. Wright-Gardner Insurance falls victim to Akira Ransomware

  1. Renaissance Network Reinvent falls victim to Qilin ransomware

  1. Truro Cannabis falls victim to Qilin ransomware

  1. A. Liss & Co Inc. falls victim to Qilin ransomware

  1. Echo Lake Foods falls victim to Qilin ransomware

  1. Chi Rho Chiropractic falls victim to Qilin Ransomware

  1. U.P. Engineers & Architects, Inc. falls victim to Qilin ransomware

  1. Alleged unauthorized access to Eco termica S.r.l.
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to a heating equipment control system owned by Eco termica S.r.l. in Italy. The compromised access allegedly allows control over the automated process control system, burner modes, pumps, and the emergency alarm system.
  • Date: 2025-10-29T13:20:37Z
  • Network: telegram
  • Published URL: https://t.me/c/2787466017/55
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/f3149b19-75e5-4975-b2bc-8964f99ee75b.JPG
  • Threat Actors: РЕЗЕРВNNNM057(16)
  • Victim Country: Italy
  • Victim Industry: Wholesale
  • Victim Organization: eco termica s.r.l.
  • Victim Site: ecotermicasrl.com

  1. Alleged data breach of the Indonesian General Election

  1. Alleged data breach of Babu Banarasi Das University

  1. Z-BL4CX-H4T targets the website of Unique Trade Line

  1. Sadler, Gibb & Associates, LLC falls victim to Akira Ransomware

  1. Malibu Boats Australia falls victim to Qilin ransomware

  1. Enessance Holdings Co.,Ltd falls victim to Qilin ransomware

  1. Alleged sale of admin access to an unidentified private NAS server in USA

  1. KT ALTIMEDIA falls victim to Qilin ransomware

  1. Alleged data sale of Manage My Shoppe

  1. Alleged data sale of The Savvy Accountant

  1. Bridgehead IT, LLC. falls victim to Akira Ransomware

  1. Yateem Group falls victim to Black Nevas Ransomware

  1. Alleged unauthorized access to Ranieri Impiantistica srl

  1. G&H Distributing Inc. falls victim to Akira Ransomware

  1. Z-BL4CX-H4T targets the website of Ridhi Group

  1. Alleged unauthorized access to unidentified SCADA system in Italy

  1. Alleged data leak of Burundi Phone Number Data

  1. Chillicothe Metal Company falls victim to INTERLOCK Ransomware

  1. Pritchard Brown falls victim to INTERLOCK Ransomware

  1. Alleged leak of Burkina Faso Phone Number Data

  1. Alleged data leak of Cambodian phone numbers

  1. Alleged leak of Bulgaria Phone Number Data

  1. BEST LOG falls victim to NightSpire Ransomware

  1. Alleged leak of Brunei Phone Number Data

  1. Alleged unauthorized login access to Family Adoption Programme of Yenepoya University

  1. Alleged leak of S7comm Exploit Targeting Siemens PLCs
  • Category: Vulnerability
  • Content: The group claims to have leaked a functional exploit targeting Siemens S7-1200 and S7-1500 PLC controllers. The code allegedly sends a malicious S7comm command to stop the CPU, halting all connected industrial processes. Siemens has not yet confirmed any active exploitation related to the leak.
  • Date: 2025-10-29T04:36:09Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/2162
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/04c2a043-811b-4027-b2d1-7fa332658400.png
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Federal Auto Holdings Berhad falls victim to Obscura Ransomware

  1. Alleged leak of restricted Northrop Grumman schematics

  1. Simon Property Group falls victim to MEDUSA Ransomware

  1. Alleged data breach of Ferrari S.p.A.

  1. Alleged sale of Windscribe Checker v1.0
  • Category: Malware
  • Content: The threat actor is offering Windscribe Checker v1.0, a fast, console-based proxy and account validator that processes bulk Windscribe VPN account data with multithreaded performance, integrated proxy handling, retry logic, real-time Good/Bad/Error reporting, an ASCII-branded terminal UI, and exportable logs. It is classified as a credential-validation/checker utility optimized for speed and throughput, but potentially usable for large-scale account testing, proxy-backed validation, or other abusive automation.
  • Date: 2025-10-29T01:49:37Z
  • Network: openweb
  • Published URL: https://demonforums.net/Thread-Windscribe-Checker-by-Evil-Bane
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/eb2ed554-5696-4b18-acd4-673013816dcd.png
  • Threat Actors: Starip
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged leak of highly confidential military intelligence data from multiple countries

  1. Alleged sale of credit card data from US

  1. MasTec falls victim to CL0P Ransomware

  1. Spijkermat falls victim to Radiant Group Ransomware

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats.

Data breaches and leaks are prominent, affecting various sectors from education and gaming to healthcare and automotive, and impacting countries including Bangladesh, Mexico, Malaysia, India, Indonesia, France, Brazil, and Israel. The compromised data ranges from personal user information and credit card details to sensitive patient records, classified military components, and large customer databases.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to banking systems, corporate networks (including RDWeb access to Canadian and UK firms), and even government and military infrastructure like the Royal Thai Air Force and Madrid’s irrigation system. The sale of malware, including penetration testing tools and DDoS tools, further underscores the availability of offensive capabilities in the cyber underground.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.