This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
1. Cinema Concepts Studios falls victim to Sinobi Ransomware
- Category: Ransomware
- Content: The group claims to have obtained organization’s data.
- Date: 2025-12-16T23:54:47Z
- Network: tor
- Published URL: http://sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onion/leaks/6941ce0b88b6823fa2b57c2b
- Screenshots:
- Threat Actors: Sinobi
- Victim Country: USA
- Victim Industry: Entertainment & Movie Production
- Victim Organization: cinema concepts studios
- Victim Site: cinemaconceptsstudios.com
2. Alleged Data Breach of Social Health Security
- Category: Data Breach
- Content: The group claims to have breached the data from Social Health Security
- Date: 2025-12-16T23:43:54Z
- Network: telegram
- Published URL: https://t.me/crewcyber/383
- Screenshots:
- Threat Actors: 404 CREW CYBER TEAM
- Victim Country: Nepal
- Victim Industry: Government Administration
- Victim Organization: social health security
- Victim Site: bipannapis.hib.gov.np
3. Mercury Wire Products falls victim to Sinobi Ransomware
- Category: Ransomware
- Content: The group claims to have obtained organization’s data.
- Date: 2025-12-16T23:40:56Z
- Network: tor
- Published URL: http://sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onion/leaks/6941cd8788b6823fa2b57a05
- Screenshots:
- Threat Actors: Sinobi
- Victim Country: USA
- Victim Industry: Electrical & Electronic Manufacturing
- Victim Organization: mercury wire products
- Victim Site: mercurywire.com
4. TACK Electronics falls victim to Sinobi Ransomware
- Category: Ransomware
- Content: The group claims to have obtained organization’s data.
- Date: 2025-12-16T23:30:15Z
- Network: tor
- Published URL: http://sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onion/leaks/6941cce288b6823fa2b5731f
- Screenshots:
- Threat Actors: Sinobi
- Victim Country: USA
- Victim Industry: Electrical & Electronic Manufacturing
- Victim Organization: tack electronics
- Victim Site: tackelectronics.com
5. ELC Electroconsult SpA falls victim to Everest Ransomware
- Category: Ransomware
- Content: The group claims to have obtained more than 90GB of organization’s internal data.
- Date: 2025-12-16T23:22:53Z
- Network: tor
- Published URL: http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/news/ELC_Electroconsult_SpA/
- Screenshots:
- Threat Actors: Everest
- Victim Country: Italy
- Victim Industry: Civil Engineering
- Victim Organization: elc electroconsult spa
- Victim Site: elc-electroconsult.com
6. Alleged unauthorized access to an unknown cogeneration plant systems in Italy
- Category: Initial Access
- Content: The group claims to have gained full control of the thermal management system of an unidentified cogeneration plant in Italy. According to the post, the actor alleges access to pumps, valves, fans, and protective mechanisms, with the ability to manipulate engine and heat exchange temperatures and override PID controllers.
- Date: 2025-12-16T22:55:51Z
- Network: telegram
- Published URL: https://t.me/zpentestalliance/858
- Screenshots:
- Threat Actors: Z-PENTEST ALLIANCE
- Victim Country: Italy
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
7. 404 CREW CYBER TEAM targets the website of Cotrading Co. Ltd
- Category: Defacement
- Content: The group claims to have defaced the website of Cotrading Co. Ltd
- Date: 2025-12-16T22:51:09Z
- Network: telegram
- Published URL: https://t.me/crewcyber/384
- Screenshots:
- Threat Actors: 404 CREW CYBER TEAM
- Victim Country: Thailand
- Victim Industry: Food Production
- Victim Organization: cotrading co. ltd
- Victim Site: cotrading.co.th
8. Autohaus Willy Ernst GmbH falls victim to SAFEPAY Ransomware
- Category: Ransomware
- Content: The group claims to obtained the organization’s data and they intend to publish it within 2-3 days.
- Date: 2025-12-16T22:28:47Z
- Network: tor
- Published URL: http://safepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onion/blog/post/ernst-autode/
- Screenshots:
- Threat Actors: SAFEPAY
- Victim Country: Germany
- Victim Industry: Automotive
- Victim Organization: autohaus willy ernst gmbh
- Victim Site: ernst-auto.de
9. Fatimion cyber team targets Ministry of Interior in Kuwait
- Category: Alert
- Content: A recent post by the group indicates that they conducted a prolonged operation against the Ministry of Interior in Kuwait, maintaining access for several months without detection, and was able to monitor systems, spy on activity, and access government databases and documents.
- Date: 2025-12-16T22:22:28Z
- Network: telegram
- Published URL: https://t.me/hak994/4572
- Screenshots:
- Threat Actors: Fatimion cyber team
- Victim Country: Kuwait
- Victim Industry: Government Administration
- Victim Organization: ministry of interior
- Victim Site: moi.gov.kw
10. 404 CREW CYBER TEAM targets the website of Pokhara University School of Business
- Category: Defacement
- Content: The group claims to have defaced the website of Pokhara University School of Business.
- Date: 2025-12-16T22:19:45Z
- Network: telegram
- Published URL: https://t.me/crewcyber/378
- Screenshots:
- Threat Actors: 404 CREW CYBER TEAM
- Victim Country: Nepal
- Victim Industry: Higher Education/Acadamia
- Victim Organization: pokhara university school of business
- Victim Site: sob.pu.edu.np
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Ransomware attacks and defacements are prominent, affecting various sectors from government administration and entertainment to electrical manufacturing and education. The events impacted countries including the USA, Nepal, Italy, Thailand, Germany, and Kuwait. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures to defend against both targeted and opportunistic attacks.