[October-30-2025] Daily Cybersecurity Threat Report

Posted on

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

1. Alleged data breach of EchoBase Services

2. Alleged data breach of Nuovi Casino

3. Alleged data breach of Oses

4. BABAYO EROR SYSTEM targets the website of BPBJ Provinsi Lampung

5. Thompson Dorfman Sweatman LLP falls victim to Obscura Ransomware

6. Alleged sale of credit-card dataset

7. Alleged data sale of Albany Physical Therapy

8. Alleged sale of verified company phone-number list

9. Alleged sale of verified phone numbers of shopping-service consumers in the United States

10. Alleged sale of access to unidentified Insurance company based in France

11. Alleged sale of Verified Shopping Email List from public leaks

12. Alleged sale of Verified Crypto Email List from public leaks

13. Weber Water Resources falls victim to Metaencryptor Team ransomware

14. CMG Constructions Métalliques Grésillon falls victim to Sinobi ransomware

15. Ansell falls victim to CL0P Ransomware

16. Post Ranch Inn falls victim to Sinobi ransomware

17. Alleged Data Breach of SOAS University of London

18. Latcom falls victim to Black Nevas Ransomware

19. Alleged data sale of SOAS University of London

20. Disseny Dental falls victim to Qilin ransomware

21. FA Servers Inc. fallls victim to Qilin ransomware

22. CNLD Neuropsychology fallls victim to Qilin ransomware

23. Alleged data breach of TVRI JAWA TIMUR INDONESIA

24. Alleged Data Breach of deutsche welle

25. Anderson Moore Construction Corp. falls victim to Qilin ransomware

26. Alleged Data Breach of Envia Colombia

27. Saxun by Giménez Ganga falls victim to akira ransomware

28. Architectural Systems Inc. falls victim to akira ransomware

29. SYLHET GANG-SG claims to target the UAE

30. Alleged data sale of YAS Takaful

31. Buffalo Games falls victim to akira ransomware

32. Boilersource falls victim to akira ransomware

  • Category: Ransomware
  • Content: The group claims to have obtained the organization’s data. The compromised information reportedly includes Employees personal information such as addresses, phones, DOB, driver licenses, social security cards, credit cards insurance forms with personal information, accounting information, contracts and agreements, NDA etc.
  • Date: 2025-10-30T13:55:12Z
  • Network: tor
  • Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
  • Screenshots:
  • Threat Actors: akira
  • Victim Country: USA
  • Victim Industry: Electrical & Electronic Manufacturing
  • Victim Organization: meilner mechanical sales
  • Victim Site: boilersource.com

33. Sullivan Brothers Family of Companies falls victim to akira ransomware

  • Category: Ransomware
  • Content: The group claims to have obtained 40 GB of the organization’s data. The compromised information reportedly includes Employees personal information such as passports, addresses, phones, DOB, driver licenses, social security cards, w-9 forms, accounting information, contracts and agreements, incidents and police reports and so on.
  • Date: 2025-10-30T13:39:20Z
  • Network: tor
  • Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
  • Screenshots:
  • Threat Actors: akira
  • Victim Country: USA
  • Victim Industry: Building and construction
  • Victim Organization: sullivan brothers family of companies
  • Victim Site: sullbros.com

34. Trojan 1337 targets the website of Mirzakhil High School and College

35. HMEI7 targets The Ribbon Artist

  • Category: Ransomware
  • Content: The threat actor claims to have deployed ransomware against The Ribbon Artist and encrypted all of its files. NB: The authenticity of the claim is yet to be verified.
  • Date: 2025-10-30T13:12:47Z
  • Network: telegram
  • Published URL: (https://t.me/c/2412030007/1826)
  • Screenshots:
  • Threat Actors: HMEI7
  • Victim Country: India
  • Victim Industry: Retail Industry
  • Victim Organization: the ribbon artist
  • Victim Site: ribbonartist.erainfoservices.in

36. HEB Advisors falls victim to akira ransomware

37. Alleged data breach of MAYA Technologies Ltd.

  • Category: Data Breach
  • Content: The group claims to have breached MAYA Technologies Ltd. The compromised data reportedly includes phone conversations, meetings, and, every rocket, plane, vehicle, and system designed., also they claims that they breached 10TB data from 17 institutions and companies that directly and indirectly serve the Israel defense and military industries, personal data, administrative and technical documents, audio calls, and video recordings. NB: The authenticity of the claim is yet to be verified
  • Date: 2025-10-30T12:47:19Z
  • Network: telegram
  • Published URL: (https://t.me/CyberToufan08/371)
  • Screenshots:
  • Threat Actors: CyberToufan
  • Victim Country: Israel
  • Victim Industry: Machinery Manufacturing
  • Victim Organization: maya technologies ltd.
  • Victim Site: maya-il.com

38. Alleged Sale of Unauthorized FTP Access to a U.S. Corporation

  • Category: Initial Access
  • Content: The threat actor claims to be selling admin-level FTP access belonging to an unidentified corporation based in the United States. The organization reportedly operates in the corporate sector with an estimated revenue of $4.6 billion. The listing indicates that the access includes over 10,000 files totaling more than 5 TB of data.
  • Date: 2025-10-30T12:44:05Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-FTP-ACCESS-4-6B-CORP)
  • Screenshots:
  • Threat Actors: Dark_Alpha
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

39. Alleged data breach of metstroysetka

40. Apache OpenOffice falls victim to akira ransomware

41. Econo-Pak falls victim to akira ransomware

42. Alleged unauthorized access to Energy Installation Control System in Italy

  • Category: Initial Access
  • Content: The group claims to have gained full administrative access to an energy installation control system in Italy, which reportedly controls PID controllers, emergency alerts, temperature/pressure/power parameters, valves, pumps, switches, generator settings, and the accident/failure logging systems.
  • Date: 2025-10-30T11:41:26Z
  • Network: telegram
  • Published URL: (https://t.me/c/2787466017/74)
  • Screenshots:
  • Threat Actors: NoName057(16)
  • Victim Country: Italy
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

43. Gerson falls victim to akira ransomware

44. RPI Roofing falls victim to akira ransomware

45. Askul falls victim to RansomHouse Ransomware

46. HEZI RASH targets the website of Poland

47. Alleged sale of unauthorized access to an unidentified organization in Spain

48. HEZI RASH targets the website of TimRadio

49. Alleged data sale of Pruksa Family Club

50. Alleged data leak of Institute of Quality Technical Safety Management

  • Category: Data Breach
  • Content: The threat actor claims to be leaked data from Institute of Quality Technical Safety Management. The compromised data includes email addresses, full names, phone numbers, register IDs, and course name.
  • Date: 2025-10-30T08:13:05Z
  • Network: telegram
  • Published URL: (https://t.me/c/2758066065/124)
  • Screenshots:
  • Threat Actors: HellR00ters Team
  • Victim Country: India
  • Victim Industry: Education
  • Victim Organization: institute of quality technical safety management
  • Victim Site: iqtsindia.com

51. Alleged unauthorized access to Aeronautical Radio of Thailand Ltd

52. Alleged data leak of CSN Financial Cooperative

53. Alleged unauthorized access to unidentified Australia and U.S. based Water Distribution Control System

54. Alleged data breach of Privatization Holding Company

  • Category: Data Breach
  • Content: A threat actor has claims to have leaked data from Privatization Holding Company, a Jordanian company in the energy and utilities sector. The compromised data includes portion of the company’s source code which may include internal software files, system structures, and proprietary scripts used in Privatization Holding Company operations and made available for download.
  • Date: 2025-10-30T04:06:38Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Source-Code-PHC-com-jo-Data-Breach-Leaked-Download)
  • Screenshots:
  • Threat Actors: 888
  • Victim Country: Jordan
  • Victim Industry: Manufacturing
  • Victim Organization: privatization holding company
  • Victim Site: phc.com.jo

55. Alleged data breach of SkoolBeep

56. Alleged data leak of 1,050 US CVV2 card records

57. ApleNet Co., Ltd falls victim to BlackShrantac Ransomware

58. Evolve Mortgage Services, LLC falls victim to INC RANSOM Ransomware

60. National Coatings, Inc. falls victim to LYNX Ransomware

61. alleged data breach of FBI

The incidents from the provided data indicate a highly active and diversified cyber threat landscape across numerous global sectors. Data Breach remains the most prevalent attack category, with threat actors frequently offering for sale or leaking personally identifiable information (PII), including emails, phone numbers, addresses, and in some cases, highly sensitive financial or medical records. Notable victims of data compromises include organizations in IT Services (EchoBase Services, ApleNet Co.) , Financial Services (Evolve Mortgage Services, CSN Financial Cooperative) , Education (SOAS University of London, SkoolBeep) , and Government entities (Federal Bureau of Investigation-FBI). The volume of data being monetized is significant, including the alleged sale of over 7 million crypto-related emails and 3.2 million company phone numbers in the USA, illustrating a booming underground market for mass consumer and business data.

The threat from Ransomware is also extensive, impacting critical infrastructure and major organizations across multiple countries, with the Akira ransomware group being particularly prolific, listing 14 victims in this batch alone. Industries heavily targeted by ransomware and extortion are Building and Construction and Manufacturing. Beyond data theft and encryption, the trade in Initial Access continues, with offerings for unauthorized RCE access to a French insurance company and administrative access to a water distribution control system affecting both the US and Australia. This combination of mass data leakage, aggressive ransomware deployment, and targeted initial access sales highlights the need for robust defensive measures focused on data classification, network segmentation, and strong access controls across all sectors.

Related Posts