This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
1. Alleged data leak of an unidentified logistics company
- Category: Data Breach
- Content: Threat actor claims to be leaked data from an unidentified logistic company.
- Date: 2025-12-12T23:59:09Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271964/
- Screenshots:
- Threat Actors: remotedesktop
- Victim Country: Unknown
- Victim Industry: Transportation & Logistics
- Victim Organization: Unknown
- Victim Site: Unknown
2. STARTEK Engineering Inc. falls victim to Obscura Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 0.30 GB of the organization’s data and intends to publish it within 17 to 18days
- Date: 2025-12-12T23:50:37Z
- Network: tor
- Published URL: http://obscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onion/leaks/14
- Screenshots:
- Threat Actors: Obscura
- Victim Country: Taiwan
- Victim Industry: Management Consulting
- Victim Organization: startek engineering inc.
- Victim Site: startek-eng.com
3. Alleged data breach of Mossad
- Category: Data Breach
- Content: The group claims to have leaked the data of Mossad.
- Date: 2025-12-12T23:49:24Z
- Network: telegram
- Published URL: https://t.me/c/3470684086/83
- Screenshots:
- Threat Actors: RED EYES
- Victim Country: Israel
- Victim Industry: Government Administration
- Victim Organization: mossad
- Victim Site: mossad.gov.il
4. StanleyCo Corporate Services Sdn Bhd falls victim to Obscura Ransomware
- Category: Ransomware
- Content: The group claims to have obtained 300 GB of the organization’s data and intends to publish it within 18 to 19 days.
- Date: 2025-12-12T23:14:45Z
- Network: tor
- Published URL: http://obscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onion/leaks/14
- Screenshots:
- Threat Actors: Obscura
- Victim Country: Malaysia
- Victim Industry: Accounting
- Victim Organization: stanleyco corporate services sdn bhd
- Victim Site: stanleyco.com.my
5. Alleged unauthorized access to unidentified industrial control systems in the USA
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to unidentified Industrial Control Systems such as Chemical Control System, Tank Monitoring System, Pressure Control System, Speed and Rotation Control System, Alarm and Status System, Menu and Settings System, Text Input and Command System, Navigation and Movement System and Results and Indicator Display System.
- Date: 2025-12-12T23:08:54Z
- Network: telegram
- Published URL: https://t.me/n2LP_wVf79c2YzM0/2846
- Screenshots:
- Threat Actors: Infrastructure Destruction Squad
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
6. Alleged leak of login access to DigitalOcean, LLC
- Category: Initial Access
- Content: Group claims to have leaked admin login credentials belonging to DigitalOcean, LLC.
- Date: 2025-12-12T23:08:10Z
- Network: telegram
- Published URL: https://t.me/ZirconGroupPublic/642
- Screenshots:
- Threat Actors: Zircon Group
- Victim Country: USA
- Victim Industry: Information Technology (IT) Services
- Victim Organization: digitalocean, llc
- Victim Site: digitalocean.com
7. Alleged sale of unauthorized remote code execution (RCE) and shell access to Canada Revenue Agency (CRA)
- Category: Initial Access
- Content: Threat actor claims to be selling unauthorized remote code execution (RCE) and shell access to Canada Revenue Agency (CRA).
- Date: 2025-12-12T22:59:27Z
- Network: openweb
- Published URL: https://darkforums.hn/Thread-Selling-Access-Canadian-Government-Revenue-Recovery-Management-SaaS-RCE-Shell
- Screenshots:
- Threat Actors: miyako
- Victim Country: Canada
- Victim Industry: Government Administration
- Victim Organization: canada revenue agency (cra)
- Victim Site: canada.ca
8. LulzSec Hackers claims to target NMS Infrastructure Limited
- Category: Cyber Attack
- Content: A recent post by the group claims that they plan to launch a cyberattack targeting NMS infrastructure Limited
- Date: 2025-12-12T21:55:07Z
- Network: telegram
- Published URL: https://t.me/LulzSecHackers/110
- Screenshots:
- Threat Actors: LulzSec Hackers
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
9. Alleged leak of login credentials to Uniseven Engineering & Infrastructure Pvt. Ltd.
- Category: Initial Access
- Content: The group claims to have leaked WordPress login credentials for Uniseven Engineering & Infrastructure Pvt. Ltd.
- Date: 2025-12-12T21:45:57Z
- Network: telegram
- Published URL: https://t.me/crewcyber/367
- Screenshots:
- Threat Actors: 404 CREW CYBER TEAM
- Victim Country: India
- Victim Industry: Mining/Metals
- Victim Organization: uniseven engineering & infrastructure pvt. ltd.
- Victim Site: uniseven.in
10. HKR Architects falls victim to DragonForce Ransomware
- Category: Ransomware
- Content: Group claims to have access to 134.05 GB of organization data and to publish it within the next 3–4 days.
- Date: 2025-12-12T21:31:57Z
- Network: tor
- Published URL: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog
- Screenshots:
- Threat Actors: DragonForce
- Victim Country: UK
- Victim Industry: Architecture & Planning
- Victim Organization: hkr architects
- Victim Site: hkrarchitects.com
11. Alleged data leak of Datappl.com
- Category: Data Breach
- Content: The group claims to have leaked database allegedly belonging to Datappl.com, a knowledge and study center specializing in data analysis and training for data analysts and data scientists.
- Date: 2025-12-12T21:26:34Z
- Network: telegram
- Published URL: https://t.me/AnonGhostIDN/17
- Screenshots:
- Threat Actors: AnonGhost Indonesian
- Victim Country: Israel
- Victim Industry: Information Technology (IT) Services
- Victim Organization: datappl.com
- Victim Site: datappl.com
12. Alleged Sale of Unauthorized PMA and Admin Access to an unidentified organization
- Category: Initial Access
- Content: A threat actor claims to be selling a listing offering PMA and Admin Access to a website with a reported GEO distribution of France, Italy, and Canada.
- Date: 2025-12-12T20:46:51Z
- Network: tor
- Published URL: https://exploitivzcm5dawzhe6c32bbylyggbjvh5dyvsvb5lkuz5ptmunkmqd.onion/topic/271942/
- Screenshots:
- Threat Actors: bobby_killa
- Victim Country: France
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
13. LunarisSec claims exploitation of RCE Vulnerabilities across thousands of targets
- Category: Vulnerability
- Content: The group claims to have exploited and gained data over thousands of websites and systems vulnerable to Remote Code Execution (RCE).
- Date: 2025-12-12T20:10:44Z
- Network: telegram
- Published URL: https://t.me/lunarisS3C/76
- Screenshots:
- Threat Actors: LunarisSec
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
14. Alleged Data Leak of Multi-Platform User Email List
- Category: Data Breach
- Content: A threat actor claims to have leaked 218,000 email addresses allegedly taken from Axiom.trade, Padre.gg, Pump.fun, and Gmgn.ai.
- Date: 2025-12-12T19:51:06Z
- Network: openweb
- Published URL: https://darkforums.hn/Thread-Selling-CRYPTO-Solana-Trenches-User-Emails-%E2%80%93-axiom-trade-padre-gg-pump-fun-gmgn-ai
- Screenshots:
- Threat Actors: opsivian
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
15. Alleged leak of web shell access to the E‑Journal Portal of Universitas Pakuan (UNPAK)
- Category: Initial Access
- Content: The group claims to have leaked unauthorized web shell access to E‑Journal Portal of Universitas Pakuan (UNPAK).
- Date: 2025-12-12T19:50:32Z
- Network: telegram
- Published URL: https://t.me/c/3321178780/162
- Screenshots:
- Threat Actors: BROTHERHOOD CAPUNG INDONESIA
- Victim Country: Indonesia
- Victim Industry: Education
- Victim Organization: universitas pakuan (unpak)
- Victim Site: journal.unpak.ac.id
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and ransomware are prominent, affecting various sectors from government and logistics to education and IT services, and impacting countries including the USA, Canada, Israel, India, Taiwan, Malaysia, and Indonesia.
The compromised data ranges from personal user information and customer databases to sensitive government documents and industrial control system access. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to corporate networks, government revenue agencies, and industrial infrastructure.
The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence.