[August-6-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

1. Alleged data leak of UPT SMP NEGERI 18 GRESIK

Category: Data Breach
Content: The threat actor claims to have accessed and leaked web assets and documents related to the Indonesian government school subdomain uptsmpn18gresik.sch.id, which belongs to SMP Negeri 18 Gresik. The sample lists multiple URLs referencing cached JavaScript and CSS files, plugin assets from Elementor, and numerous images stored on the school’s WordPress server.
Date: 2025-08-06T00:19:43Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Document-WHOIS-SUB-DOMAIN-UPT-SMPN18-GRESIK-BY-OHKA21)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/43ab30fa-2601-4397-8a91-42c9ba711f38.png
Threat Actors: OHKA21
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: upt smp negeri 18 gresik
Victim Site: uptsmpn18gresik.sch.id

2. Alleged sale of gmail accounts Israel

Category: Data Leak
Content: The threat actor claims to be selling a massive Israeli Gmail data leak containing thousands of accounts. The leaked data reportedly includes full names, ages, dates of birth, phone numbers, and areas of residence linked to the Gmail accounts.
Date: 2025-08-06T00:10:35Z
Network: openweb
Published URL: (https://darkforums.st/Thread-%F0%9F%9A%A8-Massive-Israeli-Gmail-Leak-%F0%9F%93%A7%F0%9F%94%93-Names-Ages-Numbers-More-for-Sale-%E2%80%93-Only-25)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/2ab657d4-f10d-42f2-946c-2ad2757c307c.png
Threat Actors: Hider__Nex
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

3. Alleged data breach of the institute of chartered accountants of india

Category: Data Breach
Content: Threat actors claim to have leaked data from the Institute of Chartered Accountants of India (ICAI).
Date: 2025-08-06T00:37:51Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-Fresh-Leak-cacloud-ca-in)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/93400f81-576e-400b-9a71-37e9c364f7b8.png
Threat Actors: Explorers
Victim Country: India
Victim Industry: Education
Victim Organization: the institute of chartered accountants of india
Victim Site: cacloud.ca.in

4. Alleged data breach of Catanduanes State University

Category: Data Breach
Content: The threat actor claims to have leaked data from Catanduanes State University (catsu.edu.ph), exposing approximately 27,000 records. The compromised dataset reportedly includes usernames, email addresses, plaintext passwords, full names, phone numbers, and gender information.
Date: 2025-08-06T02:10:55Z
Network: openweb
Published URL: (https://darkforums.st/Thread-catsu-edu-ph)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/d6c039f9-0e54-44c4-9d46-10dbac67f3a3.png
Threat Actors: kanie2903
Victim Country: Philippines
Victim Industry: Education
Victim Organization: catanduanes state university
Victim Site: catsu.edu.ph

5. Alleged data breach of Cineverse Media

Category: Data Breach
Content: The threat actor claims to have leaked the Cineverse Media company database. The leaked data reportedly includes over 10,000 user records, containing sensitive information such as usernames, emails, hashed passwords, and other account details.
Date: 2025-08-06T02:11:14Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-cineverse-id-Data-Leaked-Download)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/6a2e830d-4464-450a-9b32-bc88f310cb4b.png https://d34iuop8pidsy8.cloudfront.net/747a2de9-af05-4799-97e3-9a2dc8105c2d.png
Threat Actors: N1KA
Victim Country: Indonesia
Victim Industry: Media Production
Victim Organization: cineverse media
Victim Site: cineverse.id

6. Alleged data leak of WhatsApp data from various countries

Category: Data Leak
Content: The threat actor claims to have leaked WhatsApp user data from multiple countries, including India, Iran, Russia, and Israel. The leaked data reportedly contains personal information such as names, mobile numbers, emails, and account activity details.
Date: 2025-08-06T02:16:19Z
Network: openweb
Published URL: (https://darkforums.st/Thread-WhatsApp-data-from-various-countries-India-Iran-Russia-Israel-and-others)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/659880cb-5708-4a93-afa7-cb786181016e.png
Threat Actors: DigitalGhostt
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

7. Alleged data leak of Fresh US Credit Card Records

Category: Data Leak
Content: The threat actor claims to have leaked 250 fresh US credit card records allegedly sourced from spam campaigns.
Date: 2025-08-06T04:29:35Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/263771/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/24a03212-8bfd-4dd6-a805-62fb555f31e3.png
Threat Actors: CreditCard
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

8. Alleged data leak of Trade French Database

Category: Data Leak
Content: The threat actor claims to have leaked a trading database, allegedly containing sensitive French data.
Date: 2025-08-06T04:54:17Z
Network: openweb
Published URL: (https://leakbase.la/threads/trading-database.41196/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/4315305e-b584-4ae4-8fbe-3aa5649d1174.png
Threat Actors: npm1337
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

9. Alleged Data Breach of Public Services Portal of the Russian Federation

Category: Data Breach
Content: A threat actor claims to be selling a database allegedly stolen from Gosuslugi [2023–2024], the Russian government’s main public services portal. The actor states that the compromised data contains records for approximately 210 million individuals. The exposed information reportedly includes ID numbers, full names, phone numbers, dates of birth, email addresses, SNILS numbers, passport details, residential addresses, and other personally identifiable information (PII).
Date: 2025-08-06T05:14:20Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-DATABASE-GOSUSLUGI-2023-2024-210M)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/c1cd1c7d-5868-4bb7-9909-0afa74352dc4.png
Threat Actors: N0v90rad
Victim Country: Russia
Victim Industry: Government Administration
Victim Organization: public services portal of the russian federation
Victim Site: gosuslugi.ru

10. Alleged data breach of HO CHI MINH CITY UNIVERSITY OF ARCHITECTURE

Category: Data Breach
Content: The threat actor claims to have leaked database from University of Architecture Ho Chi Minh City (uah.edu.vn), claiming to have exposed detailed personal and academic records of students. The dataset includes student IDs, usernames, plaintext passwords, full names, email addresses, phone numbers, birthdates, gender, ethnic and religion data, academic details, study status, parental information, and photos. The leak reportedly contains extensive and structured information about students’ identities, contact details, and educational backgrounds.
Date: 2025-08-06T05:25:43Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-Website-uah-edu-vn)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/24be3e39-d93a-47ff-8f64-97187f829aa4.png
Threat Actors: Ls1jWohGKtwY0iZ2yU
Victim Country: Vietnam
Victim Industry: Education
Victim Organization: ho chi minh city university of architecture
Victim Site: uah.edu.vn

11. Alleged data leak of France Dataset

Category: Data Leak
Content: The threat actor claims to have leaked a French dataset containing user information, including emails, passwords, IP addresses, and other personal details.
Date: 2025-08-06T06:17:41Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-France-Dataset)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/ca48be37-623d-4906-8dfa-8a4ace964739.png
Threat Actors: Loser
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

12. Alleged Unauthorized Access to the Control System of an Indoor Swimming Pool

Category: Initial Access
Content: The group claims to have gained unauthorized access to the control system of the largest indoor swimming pool in Warsaw, enabling them to manipulate chemical dosing, control equipment operation, adjust water parameters, and alter system logs.
Date: 2025-08-06T06:27:39Z
Network: telegram
Published URL: (https://t.me/Z_alliance_ru/782)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/60b06dd8-db0e-46ec-8ded-ab4f8ffa2455.png https://d34iuop8pidsy8.cloudfront.net/d5952dbf-3c6a-4b00-ae01-5eb52f2b1546.png https://d34iuop8pidsy8.cloudfront.net/1e536ebb-cdca-4f1b-a40c-a9ae97a3bd82.png
Threat Actors: Z-ALLIANCE
Victim Country: Poland
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

13. Alleged data leak of French corporate data

Category: Data Leak
Content: A threat actor claims to have leaked a French dataset containing user information, including emails, passwords, IP addresses, passport copies, driver’s licenses, ID cards, and other personal details.
Date: 2025-08-06T06:38:26Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-French-corporate-data)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/7d9d7098-c76f-4e16-8e12-9f9c0b4000d3.png
Threat Actors: huerofack
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

14. Alleged leak of 1.2 million mixed email-password credentials

Category: Combo List
Content: A threat actor claims to have leaked a database containing 1.2 million (1.2KK) email and password combinations on a dark web forum.
Date: 2025-08-06T07:05:26Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/263772/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/9427a068-bfda-4c3d-b619-a4d47680d72e.png
Threat Actors: STRADU
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

15. Alleged Data Leak of Vietnamese Officials

Category: Data Leak
Content: The threat actor claims to be selling a database allegedly containing records of Vietnamese officials in 2025. The exposed data includes 9.1 million entries featuring full names, ID numbers, dates of birth, phone numbers, addresses, official titles, affiliated government departments and detailed information of officials from Vĩnh Phúc Province, including vice chairpersons, office heads, and civil servants from various People’s Committees (UBND).
Date: 2025-08-06T07:29:19Z
Network: openweb
Published URL: (https://leakbase.la/threads/vietnamese-officials-2025.41198)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/7514d6fb-313a-4570-80b0-c9ae93888cd6.PNG https://d34iuop8pidsy8.cloudfront.net/b857e13f-e6ba-4006-a31f-37cf56900a6c.PNG
Threat Actors: show_more
Victim Country: Vietnam
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown

16. Alleged data leak of MGES- Migration governance Eco-System

Category: Data Breach
Content: The threat actor claims to have breached the Migration Governance Eco-System (MGES) platform. The exposed dataset includes full names, passport numbers, issuing agencies, passport expiry dates, phone numbers, and medical/training status information.
Date: 2025-08-06T07:32:00Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-mges-global-canditate-list-fresh-leak-breach)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/3f5c7933-c308-40b0-aacd-adc7a578d446.png https://d34iuop8pidsy8.cloudfront.net/1a038fcb-f2e5-4450-b2cf-ede4381bfec7.png
Threat Actors: Explorers
Victim Country: Bangladesh
Victim Industry: Government & Public Sector
Victim Organization: mges- migration governance eco-system
Victim Site: mges.global

17. Alleged data sale of PT Solusi Energy Nusantara (SENA)

Category: Data Breach
Content: The threat actor claims to be selling data from PT Solusi Energy Nusantara (SENA), exposing sensitive recruitment-related information, personal documents, and records from the company’s Human Resource Information System (HRIS).
Date: 2025-08-06T08:52:01Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-INDONESIAN-PT-Solusi-Energy-Nusantara-SENA)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/80f6e546-6617-461b-8fcd-8d7dfd58554c.png https://d34iuop8pidsy8.cloudfront.net/8d71b0d2-3157-454e-b502-1522dc45ba6c.png
Threat Actors: ParanoidHax
Victim Country: Indonesia
Victim Industry: Oil & Gas
Victim Organization: pt solusi energy nusantara (sena)
Victim Site: pt-sena.co.id

18. Alleged data breach of Amazing Enterprises

Category: Data Breach
Content: The threat actor claims to have breached Amazing Enterprises. The exposed database includes ID, name, state ID, customer ID, address, phone number, and more.
Date: 2025-08-06T08:53:40Z
Network: openweb
Published URL: (http://darkforums.st/Thread-DATABASE-Aeimpex-India-aeimpex-in-Leaked-Download)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/1a8876d4-aec1-4126-92d5-e9a684cf5ce7.png https://d34iuop8pidsy8.cloudfront.net/fa20e08a-b745-4873-82f8-494018d6e7d6.png
Threat Actors: N1KA
Victim Country: India
Victim Industry: Manufacturing & Industrial Products
Victim Organization: amazing enterprises
Victim Site: aeimpex.in

19. Alleged data leak of FBI

Category: Data Leak
Content: The threat actor claims to have leaked an FBI database, allegedly reported on July 7, 2016. The reported database contains investigative emails.
Date: 2025-08-06T08:53:47Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-FBI)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/aa8302e8-2f0f-43ea-9dc7-7610bc2a2b60.png https://d34iuop8pidsy8.cloudfront.net/2a229a4a-1f89-445c-82be-1f2e776baff1.png
Threat Actors: YANZXPLOIT
Victim Country: Unknown
Victim Industry: Law Enforcement
Victim Organization: Unknown
Victim Site: Unknown

20. Alleged data leak of Singkawang, Indonesia

Category: Data Leak
Content: The threat actor claims to have leaked a massive dataset containing 18.502 million resident records from Singkawang, Indonesia, covering the West, East, North, and Central regions. The compromised data includes sensitive personal information such as NIK (National Identification Number), full name, address, gender, home ownership status, marital status, occupation, education level, and additional notes.
Date: 2025-08-06T09:09:16Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-DATABASE-SINGKAWANG-RESIDENT-DATA-18-502-MILLION)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/4aac540a-8ed9-4cd0-a038-ed0c23a7bafe.png
Threat Actors: BabayoSysteam
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

21. Alleged data breach of SFT – Société Française des Télécoms

Category: Data Breach
Content: The group claims to have breached Société Française des Télécoms (SFT), gaining access to over 1,500 client servers. They allege that client data was deleted, leaving behind only a warning file. The attackers further claim to have intercepted and disabled Wi-Fi modems, routers, and managed network equipment across the system.
Date: 2025-08-06T09:17:29Z
Network: telegram
Published URL: (https://t.me/WeAreKillnet_Channel/251)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/60046761-ab37-44ee-8a01-a6a4ddfaab49.JPG https://d34iuop8pidsy8.cloudfront.net/e188c349-a6ba-4e4b-ba08-6becf0f2b6f7.JPG
Threat Actors: WE ARE KILLNET
Victim Country: France
Victim Industry: Network & Telecommunications
Victim Organization: sft – société française des télécoms
Victim Site: sftidf.fr

22. Alleged sale of WhatsApp and Telegram takeover exploit

Category: Malware
Content: The threat actor claims to be selling an exploit capable of triggering account takeovers on platforms such as WhatsApp and Telegram with just 1–2 user interactions. The exploit can be delivered through various channels, including browsers, SMS, and QR code scans.
Date: 2025-08-06T09:25:36Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-exploit-for-1-2-click-whatsapp-telegram-account-takeover)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/59a8139a-2d1f-4d15-9082-b233ed6c4367.png
Threat Actors: catana
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

23. Alleged data leak of driver’s licenses, passports, and identity documents

Category: Data Leak
Content: The threat actor claims to have leaked driver’s licenses, passports, and identity documents.
Date: 2025-08-06T09:26:37Z
Network: openweb
Published URL: (https://darkforums.st/Thread-%F0%9F%87%BA%F0%9F%87%B8%F0%9F%87%B3%F0%9F%87%B1-Driver-License-Passports-Identity-%F0%9F%91%80%F0%9F%94%A5)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/a7cde6f7-cfd6-4db2-b7e9-ebbac93d579b.png
Threat Actors: LEAKX1
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

24. Alleged data breach of NewEraCom

Category: Data Breach
Content: The threat actor claims to have leaked the SQL database of NewEraCom. The compromised data, allegedly dumped on June 30, 2023, includes over 476,000 records containing names, emails, CNSS numbers, salaries, phone numbers, CIN scans, user credentials, password reset tokens, and more.
Date: 2025-08-06T10:10:57Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-%F0%9F%87%B2%F0%9F%87%A6-Neweracom-ma-ERP-Breach-%E2%80%94-476K-HR-Clients-Projects-Salaries-CIN-Scans)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/8a41ee0b-66b4-4bf9-b02a-05f4e3a182dd.png
Threat Actors: Chucky_BF
Victim Country: Morocco
Victim Industry: Network & Telecommunications
Victim Organization: neweracom
Victim Site: neweracom.ma

25. Alleged data breach of Naver store

Category: Data Breach
Content: The threat actor claims to have leaked the SQL database of Naver Store. The compromised data, allegedly dumped on January 6, 2024, includes over 2.6 million records containing company names, phone numbers, full addresses, business categories, and more.
Date: 2025-08-06T10:10:59Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-Naver-com-Store-SQL-Breach-%E2%80%94-2-6M-B2C-Listings-Companies-Phones-Addresses)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/ec57e93e-2486-40d9-8a4a-41e5daf58274.png
Threat Actors: Chucky_BF
Victim Country: South Korea
Victim Industry: E-commerce & Online Stores
Victim Organization: naver corp
Victim Site: naver.com

26. Alleged data leak of UJ Group

Category: Data Breach
Content: The threat actor claims to have leaked a 200MB SQL database from UJ Group which includes detailed process records related to vehicle configurations and work specifications. Data fields include vehicle name, type, engine type, mounting details, refrigeration system info, paint specifications, labor costs, and timestamps for creation and modification.
Date: 2025-08-06T10:54:15Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DATABASE-UJ-group-truck-uj-com-Leaked-Download)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/da19db6f-4d03-4dd0-aa6f-53f2df3f3f56.png
Threat Actors: N1KA
Victim Country: Japan
Victim Industry: Transportation & Logistics
Victim Organization: uj group
Victim Site: truck-uj.com

27. Alleged data sale of Dolce & Gabbana

Category: Data Breach
Content: The threat actor claims to be selling a 69MB database of Dolce & Gabbana. The compromised data includes over 545,000 records containing names, emails, store and franchise details, phone numbers, CRM data, and more.
Date: 2025-08-06T10:59:31Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-%F0%9F%87%A7%F0%9F%87%B7-DolceGabbana-com-Brazil-Breach-%E2%80%94-545K-Customers-Franchise-Stores-Suppliers)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/52790c7f-fe01-4825-ade3-fe9074bb170b.png
Threat Actors: Chucky_BF
Victim Country: Brazil
Victim Industry: Retail Industry
Victim Organization: dolce & gabbana s.r.l
Victim Site: dolcegabbana.com

28. Alleged sale of X-Code BNC v1.0 – Binance phishing panel

Category: Malware
Content: The threat actor claims to be selling X-Code BNC v1.0 – Binance Live Panel, a phishing toolkit designed to impersonate Binance’s live interface with full-featured control over victims. The panel mimics the authentic Binance environment, including dark mode support, email/phone number login, and a Binance-like 2FA page. It offers real-time tracking of victim activity, including user page position, online/offline status, and notification features that integrate with Telegram.
Date: 2025-08-06T11:14:23Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-SELLING-Binance-Live-Panel-BNC-full-feature)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/f01eb7ea-b982-4e3a-8754-2f9cd4f0965b.png https://d34iuop8pidsy8.cloudfront.net/d7e13ecc-fb22-4b0c-84de-6a05a0ef0709.png
Threat Actors: HxGRD
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

29. Alleged sale of access to an unidentified School site

Category: Initial Access
Content: The threat actor claims to be selling unauthorized website access to an unidentified school site.
Date: 2025-08-06T11:27:58Z
Network: openweb
Published URL: (https://darkforums.st/Thread-School-Site-edu-ph)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/bd643a24-e252-44fe-ab6f-9ced54db8d1d.png
Threat Actors: lolp1x3l
Victim Country: Unknown
Victim Industry: Education
Victim Organization: Unknown
Victim Site: Unknown

30. Alleged data sale of Arzaan Online Shopping

Category: Data Breach
Content: The threat actor claims to be selling a database containing 149,217 records from Arzaan Online Shopping. The compromised data includes sensitive customer details such as email addresses, full names, mobile numbers, phone numbers, fax, city, ZIP code, state/province, and billing addresses, posing risks of identity theft, spam, and targeted fraud.
Date: 2025-08-06T11:29:54Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-SELLING-arzaan-pk-149K-users)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/f34d95ee-69a3-456f-9b83-c33cc6919786.png
Threat Actors: Wieko
Victim Country: Pakistan
Victim Industry: E-commerce & Online Stores
Victim Organization: arzaan online shopping
Victim Site: arzaan.pk

31. Alleged data sale of Casa Dorita

Category: Data Breach
Content: The threat actor is selling a full database allegedly extracted from Casa Dorita, a hotel in Italy, via unauthorized access in June 2025. The compromised data includes 2,300 high-quality scans and photographs of guest identity documents, all stored in JPG format.
Date: 2025-08-06T11:47:43Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-ITALY-Full-Database-of-Hotel-Casa-Dorita-Italy-%E2%80%93-Customers)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/9535b310-b0e3-4c29-b7c8-1bdc9a7542c5.png https://d34iuop8pidsy8.cloudfront.net/33125c4e-2e72-446f-a562-3226198c86b7.png
Threat Actors: mydocs
Victim Country: Italy
Victim Industry: Hospitality & Tourism
Victim Organization: casa dorita
Victim Site: casadorita.wbzak.net/it

32. Alleged VPN-RDP Access Sale to Unidentified Chilean Agricultural Organization

Category: Initial Access
Content: The threat actor claims to be selling VPN-RDP access to a Chile-based organization in the agriculture sector, with an alleged revenue of 17KK. The exposed access reportedly includes over 40 PCs running Kaspersky antivirus.
Date: 2025-08-06T11:59:55Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/263779/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/fd5cca21-3d96-4fbe-9524-8e29799f448f.PNG
Threat Actors: decide
Victim Country: Chile
Victim Industry: Agriculture & Farming
Victim Organization: Unknown
Victim Site: Unknown

33. Alleged Data Leak of U.S. Homeowners

Category: Data Leak
Content: The threat actor claims to be selling a database allegedly containing records of U.S. homeowners, dated around 2025. The dataset reportedly includes 281,000 lines in CSV format.
Date: 2025-08-06T12:07:59Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/263781/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/0cb17c61-6b4c-471c-b08f-97dc4da4ab50.PNG
Threat Actors: Eww
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

34. Alleged data sale of Hotel Ca’ dei Conti

Category: Data Breach
Content: The threat actor is reportedly selling a dataset containing 38,000 high-resolution scanned images of guest passports and national ID cards obtained from Hotel Ca’ dei Conti, a 4-star boutique hotel in Venice, Italy. The data was allegedly exfiltrated via unauthorized access in July 2025.
Date: 2025-08-06T12:10:06Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-ITALY-38-000-Scanned-IDs-Passports-Spain-France-Italy-Hotel-Ca%E2%80%99-dei-Conti)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/f3e490c3-af8d-468b-8993-53f7941b9b05.png https://d34iuop8pidsy8.cloudfront.net/ebce489e-aeca-4169-9b67-01c5ae0cfdbb.png https://d34iuop8pidsy8.cloudfront.net/2301fd01-29e1-424d-a045-00c15c0cd9e3.png
Threat Actors: mydocs
Victim Country: Italy
Victim Industry: Hospitality & Tourism
Victim Organization: hotel ca’ dei conti
Victim Site: cadeiconti.com

35. Alleged Leak of 15K Mixed Domains Mail Access

Category: Data Leak
Content: The threat actor claims to be offering access to a dataset containing 15,000 email credentials linked to mixed domains.
Date: 2025-08-06T12:17:00Z
Network: openweb
Published URL: (https://leakbase.la/threads/15k-mixed-domains-mail-access.41200/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/5ac963b1-5adf-4c20-8caf-a592b5236614.PNG
Threat Actors: cidiia
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

36. Alleged data leak of TASIKMALAYA

Category: Data Leak
Content: The threat actor claims to have leaked a TASIKMALAYA data. The reported data contains usernames, server names, passwords, and more.
Date: 2025-08-06T12:19:00Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Source-Code-TASIKMALAYA)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/f5f8a1b9-496e-4567-8c95-1db0a28610df.png https://d34iuop8pidsy8.cloudfront.net/2a8826eb-27de-4d5d-90f9-14551e2bede9.png
Threat Actors: YANZXPLOIT
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

37. Alleged Leak of GiveWP Donor Data

Category: Data Breach
Content: The threat actor claims to have leaked data allegedly obtained from GiveWP, a popular WordPress donation plugin. The exposed database reportedly includes 110,000 donor entries across 47 websites, containing names and email addresses.
Date: 2025-08-06T12:23:16Z
Network: openweb
Published URL: (https://leakbase.la/threads/givewp-donor-leak-47-sites-110k-entries-names-email.41202/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/f58e90ea-717b-4053-9267-d24dc44f0236.PNG
Threat Actors: Erase21
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: givewp
Victim Site: givewp.com

38. Alleged Sale of 2.1 Million Mixed Combolist Credentials

Category: Combo List
Content: The threat actor claims to be selling a combolist consisting of 2.1 million (2.1KK) email and password pairs.
Date: 2025-08-06T12:27:08Z
Network: openweb
Published URL: (https://leakbase.la/threads/2-1kk-mixed-combolist.41203/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/e1fd6709-5b7f-408a-9455-501ba5a94ab8.PNG
Threat Actors: Hromium
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

39. Alleged Sale of 10,997 Mixed Mail Access Credentials

Category: Combo List
Content: The threat actor claims to be offering 10,997 high-quality (HQ) mail access hits from mixed domains.
Date: 2025-08-06T12:30:29Z
Network: openweb
Published URL: (https://leakbase.la/threads/10-997-mixed-hq-mail-access-hits.41207/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/851b3101-5844-40a4-8143-85bcea227c2d.PNG
Threat Actors: cidiia
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

40. Alleged sale of full access of CorreosChile systems

Category: Initial Access
Content: The threat actor claims to be selling full access of CorreosChile systems.
Date: 2025-08-06T13:16:57Z
Network: openweb
Published URL: (https://darkforums.st/Thread-SELLING-Full-Access-to-Correos-de-Chile-Systems)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/e50a3a2b-0cf2-412c-82fa-24b758c36766.png
Threat Actors: ByteToBreach
Victim Country: Chile
Victim Industry: Unknown
Victim Organization: correoschile
Victim Site: correos.cl

41. Alleged data leak of StealSeek

Category: Data Breach
Content: The threat actor claims to have leaked the database of Stealseek platform.
Date: 2025-08-06T13:22:17Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Source-Code-Stealseek-io-Src)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/1bc21860-21e1-4b7e-b9f2-2a55c039b045.png
Threat Actors: Iamalok
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: stealseek
Victim Site: stealseek.io

42. Alleged sale of SHA1 Cracking tool for BreachDirectory

Category: Alert
Content: The threat actor claims to be selling a Python-based SHA1 password cracker designed to reveal censored passwords from BreachDirectory. By using the known prefix and full SHA1 hash shown on the site, the tool brute-forces the remaining characters to recover the full password. It works without a GPU, runs on Windows, Linux, and Termux, and is promoted as a workaround to freemium restrictions on breach data platforms.
Date: 2025-08-06T13:22:23Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-DOCUMENTS-SHA1-Password-Cracker-for-BreachDirectory-org)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/2c6d35c2-3ca0-4854-b66a-8f902e0ea5a8.png https://d34iuop8pidsy8.cloudfront.net/9cf86468-c7cf-4096-8bc1-b161eb8b1bb2.png
Threat Actors: soujinsan69
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: breachdirectory
Victim Site: breachdirectory.org

43. Alleged sale of admin access to a major unidentified Bulgarian university

Category: Initial Access
Content: The threat actor claims to be selling full administrator access to a major unidentified Bulgarian university’s website.
Date: 2025-08-06T14:01:31Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-Bulgaria-Big-University-Administrator-Access)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/2a8bbf37-f600-4005-a181-328f68016f36.png
Threat Actors: Z10N
Victim Country: Bulgaria
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

44. Alleged data sale of Uni Air

Category: Data Breach
Content: The threat actor claims to be selling 530,711 records from UNI Air, a regional airline in Taiwan. The compromised data includes sensitive personal information such as email addresses, first and last names, and dates of birth.
Date: 2025-08-06T14:01:40Z
Network: openweb
Published URL: (https://breachforums.hn/Thread-SELLING-uniair-com-tw-530-7K-users)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/01631a14-8a42-4942-b5a1-53144d966224.png
Threat Actors: Wieko
Victim Country: Taiwan
Victim Industry: Airlines & Aviation
Victim Organization: uni air
Victim Site: uniair.com.tw

45. Alleged Leak of Stealseek.io Source Code

Category: Data Breach
Content: The threat actor claims to have leaked the source code for the Stealseek.io platform. The leaked material includes the API-related source code.
Date: 2025-08-06T14:12:05Z
Network: openweb
Published URL: (https://leakbase.la/threads/stealseek-io-source-code.41208/)
Screenshots: https://d34iuop8pidsy8.cloudfront.net/fdca8381-07b0-4cdf-bf14-da248f2f3ebc.PNG
Threat Actors: voyaloj9
Victim Country: Unknown
Victim Industry: Software Development
Victim Organization: stealseek.io
Victim Site: stealseek.io

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from education and hospitality to government and e-commerce, and impacting countries including Indonesia, India, the Philippines, Russia, Vietnam, France, Pakistan, Chile, Brazil, South Korea, Japan, Morocco, and Italy. The compromised data ranges from personal user information and credit card details to sensitive government records, academic records, and corporate data.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to university websites, corporate systems, and industrial control systems. The sale of malware, including a phishing toolkit and an account takeover exploit, further underscores the availability of offensive capabilities in the cyber underground.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.