[August-18-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

---

1. Alleged leak of Saudi Arabia military and Government internal documents

• Category: Data Leak
• Content: The threat actor claims to have leaked a database containing Saudi Arabian military and government internal document details.
• Date: 2025-08-18T14:16:17Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Document-%F0%9F%98%BFSaudi-Arabia-Military-and-government-internal-documents-leak%F0%9F%98%BD
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3bd70287-8543-46c4-aa34-d6c4d1d053b2.png
• Threat Actors: jrintel
• Victim Country: Saudi Arabia
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

2. Alleged data sale of Non-VBV credit cards

• Category: Data Leak
• Content: The threat actor claims to be selling Non-VBV credit cards (cards without Verified by Visa) allegedly available from multiple countries. These cards reportedly do not have 2FA enabled, making them easier to exploit for fraudulent transactions.
• Date: 2025-08-18T13:52:29Z
• Network: openweb
• Published URL: https://leakbase.la/threads/nonvbv-c4rds-with-high-balance-1k-12k-available-on-telegram-sxv1337.41619/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/2be84cd4-2b1a-4ae3-be87-a9ea1169a8b4.png
• Threat Actors: Ness1337
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

3. Alleged sale of classified documents

• Category: Data Leak
• Content: The threat actor claims to have leaked classified documents allegedly sourced from insiders within the USA, Russia, UK, NATO, and China.
• Date: 2025-08-18T13:47:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Document-%E2%AD%90%EF%B8%8F-SELLING-CLASSIFIED-2025-DOCS-USA-RUS-UK-NATO-CN-%E2%AD%90%EF%B8%8F
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5df557ac-024b-4f04-bc9f-755f1ad18298.png
  • https://d34iuop8pidsy8.cloudfront.net/69229756-21c7-4d93-9db4-43ed6f572e99.png
  • https://d34iuop8pidsy8.cloudfront.net/9fe4760d-c40d-404e-b84e-b38b95ea22b7.png
  • https://d34iuop8pidsy8.cloudfront.net/6de493a5-c0a4-402a-84a0-6828c4576a31.png
  • https://d34iuop8pidsy8.cloudfront.net/d2da93e5-1c13-4c3a-99ac-816f0e7b016a.png
  • https://d34iuop8pidsy8.cloudfront.net/9ea9b488-8dd2-4c7a-8d79-1b0446101a89.png
  • https://d34iuop8pidsy8.cloudfront.net/0308bb63-96c3-4eac-94b5-3815dd138777.png
  • https://d34iuop8pidsy8.cloudfront.net/982934e7-a635-4ead-b464-7d28fa3acf16.png
  • https://d34iuop8pidsy8.cloudfront.net/c9dcdd09-186c-436f-a902-c851aac846c7.png
  • https://d34iuop8pidsy8.cloudfront.net/604da66b-d7a2-4178-a7ac-43ec25dc9558.png
• Threat Actors: jrintel
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

4. Alleged sale of international credit card records

• Category: Data Leak
• Content: The threat actor claims to be selling 1,827 stolen credit card records, allegedly collected via sniffer malware from Chile, UK, Germany, Switzerland, Austria, Spain, France, and other countries, with over 70% reportedly valid.
• Date: 2025-08-18T13:35:25Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264516/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5f6a71ad-6304-47f9-ac8a-35f329c139d9.png
• Threat Actors: pmc_vagner
• Victim Country: UK
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

5. Alleged data breach Riskav

• Category: Data Breach
• Content: The threat actor claims to be selling 4.29 million wallet transactions from Riskav. The compromised data includes customer ID, name, payment ID, country, user ID, email ID, and more.
• Date: 2025-08-18T13:34:32Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Riskow-Database-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/dac6db0d-ba4c-46ee-97bb-75599888d428.png
  • https://d34iuop8pidsy8.cloudfront.net/320582f7-fb33-48d2-be9d-35b512b8350c.png
• Threat Actors: N1KA
• Victim Country: Iran
• Victim Industry: Financial Services
• Victim Organization: riskav
• Victim Site: riskav.com

---

6. Alleged data breach of Ministry of transport in Thailand

• Category: Data Breach
• Content: Group claims to have leaked 1.2GB data from Ministry of transport in Thailand. The compromised data includes road and railway project blueprints, transport policy and internal planning documents, procurement and contractor agreements, staff lists, ID scans, internal memos, server configurations and login credentials.
• Date: 2025-08-18T13:30:47Z
• Network: telegram
• Published URL: https://t.me/Cyber_KingdomKH_Official/32
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/967b0a8d-4ad9-4290-b779-1d5547edbed2.JPG
  • https://d34iuop8pidsy8.cloudfront.net/7f958665-b3c2-45d6-8bc4-4e19be93dc26.JPG
• Threat Actors: Cyber-KingdomKH
• Victim Country: Thailand
• Victim Industry: Government Administration
• Victim Organization: ministry of transport
• Victim Site: mot.go.th

---

7. Team Azrael Angel Of Death targets the website of Mahatma Gandhi College of Law

• Category: Defacement
• Content: Group claims to have defaced the website of Mahatma Gandhi College of Law
• Date: 2025-08-18T13:02:55Z
• Network: telegram
• Published URL: https://t.me/anonymous_Cr02x/1218
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/8cbfbd8f-484f-419c-9df4-2616a566e740.png
• Threat Actors: Team Azrael Angel Of Death
• Victim Country: India
• Victim Industry: Education
• Victim Organization: mahatma gandhi college of law
• Victim Site: mgcl.edu.in

---

8. Alleged data leak of Marriott International

• Category: Data Breach
• Content: The group claims to have leaked database of Marriott International
• Date: 2025-08-18T12:52:35Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/459
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/57cab93c-c7ab-4f17-bebe-0accfa6074ec.png
  • https://d34iuop8pidsy8.cloudfront.net/2b7e605a-9eae-46d2-b1f0-6f8f4efc6152.png
  • https://d34iuop8pidsy8.cloudfront.net/aaf17f8c-14a5-4ce7-8140-d1ae142cb23c.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: USA
• Victim Industry: Hospitality & Tourism
• Victim Organization: marriott international
• Victim Site: marriott.com

---

9. Alleged data breach of PrestaShop

• Category: Data Breach
• Content: The threat actor claims to have leaked over 21 million customer records allegedly stolen from PrestaShop.
• Date: 2025-08-18T12:35:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Prestashop-Data-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f05aaeb2-5c0f-4fcd-8b75-4ed150463d06.png
  • https://d34iuop8pidsy8.cloudfront.net/d90ab5d6-8f50-42c5-8156-6e6659932169.png
• Threat Actors: N1KA
• Victim Country: France
• Victim Industry: E-commerce & Online Stores
• Victim Organization: prestashop
• Victim Site: prestashop-project.org

---

10. Alleged sale of an unknown USA database

• Category: Data Leak
• Content: The threat actor claims to be selling a large U.S. database containing 46,000+ records, allegedly tied to multiple companies
• Date: 2025-08-18T12:20:27Z
• Network: openweb
• Published URL: https://ramp4u.io/threads/%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%D1%8F-%D0%B1%D0%B0%D0%B7%D0%B0-%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85-%D1%8E%D1%81%D0%B0.3359/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/9ff7b7bd-836f-4d82-a0a0-29ba4324516a.png
• Threat Actors: hits
• Victim Country: USA
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

11. Alleged data leak of National Bank of Canada

• Category: Data Leak
• Content: The group claims to have leaked database of National Bank of Canada.
• Date: 2025-08-18T12:11:35Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/449
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7d0499b3-0392-4aae-9152-5b5966f31394.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: Canada
• Victim Industry: Banking & Mortgage
• Victim Organization: national bank of canada
• Victim Site: nbc.ca

---

12. Alleged sale of a Twitter automation tool

• Category: Data Leak
• Content: The threat actor claims to be selling a Twitter automation tool, claiming it can consistently push posts to the top by automatically posting text and photos, generating comments, and liking with multiple accounts.
• Date: 2025-08-18T12:09:21Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264511/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a6e3db19-a3d8-47e7-9d0f-79a8efb3b721.png
• Threat Actors: Eberiha
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

13. Alleged leak of L’Oréal and CeraVe API keys

• Category: Data Leak
• Content: The group claims to have leaked multiple API keys of L’Oréal and CeraVe.
• Date: 2025-08-18T12:04:08Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/403
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ae083429-75b6-48a7-ba43-aa8d912aedfb.png
  • https://d34iuop8pidsy8.cloudfront.net/e4a5160d-f319-4efa-ac19-1baa70c27c18.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: France
• Victim Industry: Cosmetics
• Victim Organization: l’oréal
• Victim Site: loreal.com

---

14. Alleged sale of Grafit data

• Category: Data Breach
• Content: The threat actor claims to be selling a 1.4MB CSV database allegedly stolen from GRAFIT, reportedly leaked on June 11, 2025. The dataset contains over 13,000 records, including company information, contact data, and lead information.
• Date: 2025-08-18T11:59:04Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Grafit-Franch-Data-Breach-Belarus-%E2%80%94-1-4MB-of-Fitness-Business-Lead-Data-Exposed
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/4a3eba66-a999-4ff5-b622-c2c1f271ebda.png
• Threat Actors: Chucky_BF
• Victim Country: Belarus
• Victim Industry: Health & Fitness
• Victim Organization: grafit
• Victim Site: franchise.grafitgym.by

---

15. Alleged sale of Naga College Foundation data

• Category: Data Breach
• Content: The threat actor claims to be selling a 17.2MB CSV database allegedly stolen from Naga College Foundation, reportedly leaked on August 13, 2025. The dataset contains over 228,500 records, including parent/guardian identifiers, contact details, family information, and location data.
• Date: 2025-08-18T11:58:58Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Selling-CRITICAL-Data-Leak-Naga-College-Foundation-NCF-Philippines-%E2%80%94-17-2MB-Exposed
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/74352f6e-4733-4396-9547-a9820f9ce936.png
• Threat Actors: Chucky_BF
• Victim Country: Philippines
• Victim Industry: Education
• Victim Organization: naga college foundation, inc
• Victim Site: ncf.edu.ph

---

16. Alleged leak of Nissan CBI data of automotives design

• Category: Data Breach
• Content: The threat actor claims to be selling a database from Nissan Creative Box” or CBI containing over 4TB of data, including exterior and interior designs of Nissan products such as 3D design files, pictures, product videos, and confidential documents.
• Date: 2025-08-18T11:30:01Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Selling-Nissan-CBI-data-of-automotives-design
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ced25c47-aa81-4c53-a196-cdb78d8fb2ef.png
• Threat Actors: hexdark
• Victim Country: Japan
• Victim Industry: Automotive
• Victim Organization: nissan motor co., ltd
• Victim Site: nissan-global.com

---

17. Alleged access sale to an unidentified U.S agriculture company

• Category: Initial Access
• Content: The threat actor claims to be selling RDWEB (Remote Desktop Web Access) access to an unidentified U.S.-based agriculture company.
• Date: 2025-08-18T10:44:09Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264502/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c2f9974b-1a3e-4a31-8f94-3322e62f7c8b.png
• Threat Actors: gadji
• Victim Country: USA
• Victim Industry: Agriculture & Farming
• Victim Organization: Unknown
• Victim Site: Unknown

---

18. Alleged data breach of SMA Muhammadiyah 1 Prambanan

• Category: Data Breach
• Content: The threat actor claims to have leaked the database of SMA Muhammadiyah 1 Prambanan.
• Date: 2025-08-18T09:50:03Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATA-PPDB-ONLINE-SMA-MUHAMMADIYAH-PRAMBANAN
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5b1ea3b1-3499-44a1-992e-bae1c98935c6.png
• Threat Actors: MrrKyy404
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: sma muhammadiyah 1 prambanan
• Victim Site: smamuh1pramb.sch.id

---

19. Alleged sale of UK loan records

• Category: Data Leak
• Content: The threat actor claims to be selling a database of 11 million UK loan records from 2025, allegedly sourced from direct lender platforms like LoanPig. The dataset reportedly includes sensitive financial and personal information
• Date: 2025-08-18T09:39:10Z
• Network: openweb
• Published URL: https://leakbase.la/threads/uk-loans-2025.41610/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/94537d9f-a085-4d8e-b182-c9f52cf0d650.png
• Threat Actors: show_more
• Victim Country: UK
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

20. Alleged data leak of Emcan Group

• Category: Data Breach
• Content: The threat actor claims to have leaked the Emcan Group, containing 5,281 and 3,304 client records respectively. The compromised data includes client names, emails, plaintext passwords, phone numbers, verification status, reward points, and account registration dates
• Date: 2025-08-18T09:29:19Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Emcan-Information-Technology-Data-Breach-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c8d2856f-ef16-46aa-90a5-35264c4e8630.png
  • https://d34iuop8pidsy8.cloudfront.net/2ec32c09-b6e7-4727-928f-348281203dd6.png
• Threat Actors: N1KA
• Victim Country: Bahrain
• Victim Industry: Information Technology (IT) Services
• Victim Organization: emcan group
• Victim Site: emcan-group.com

---

21. Alleged data leak of Ministry of Interior (MoI), Saudi Arabia

• Category: Data Breach
• Content: The group claims to have leaked database from Ministry of Interior (MoI), Saudi Arabia, containing 20,000 records, including user login credentials.
• Date: 2025-08-18T08:29:49Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/715
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/039a8cff-a562-414b-a58a-13e1da9e27cc.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Government Administration
• Victim Organization: ministry of interior (moi), saudi arabia
• Victim Site: moi.gov.sa

---

22. Alleged data leak of Ministry of Interior (MoI), Saudi Arabia

• Category: Data Breach
• Content: The group claims to have leaked 20000 results from the Ministry of Interior (MoI), Saudi Arabia.
• Date: 2025-08-18T08:19:34Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/715
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/039a8cff-a562-414b-a58a-13e1da9e27cc.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Government Administration
• Victim Organization: ministry of interior (moi), saudi arabia
• Victim Site: moi.gov.sa

---

23. Alleged data leak of Mobily

• Category: Data Breach
• Content: The group claims to have leaked data from Mobily, including 8,781 records containing user login credentials.
• Date: 2025-08-18T08:16:32Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/713
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/0f360f2f-5e5b-4164-91fa-7652b8b2f430.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Network & Telecommunications
• Victim Organization: mobily
• Victim Site: mobily.com.sa

---

24. Alleged data leak of Kirkpatrick Partners, LLC

• Category: Data Breach
• Content: The threat actor claims to have leaked 36,556 user records from Kirkpatrick Partners, LLC, including data fields such as usernames, emails, hashed passwords, registration details, user roles, names, nicknames, profile settings, and WordPress-specific metadata.
• Date: 2025-08-18T06:48:06Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Kirkpatrick-Partners-LLC-Data-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/aa360b7e-5f68-4d85-8c4c-95f7593fdae1.png
• Threat Actors: N1KA
• Victim Country: USA
• Victim Industry: Professional Training
• Victim Organization: kirkpatrick partners, llc
• Victim Site: kirkpatrickpartners.com

---

25. Alleged data breach of NATO

• Category: Data Breach
• Content: The threat actor claims to be sharing a massive leaked database of 9GB containing 15 million NATO records related to armored vehicles, East Asian military strategies, economic data, and technological integration. The dataset (CSV/text) allegedly includes technical specifications (ID, name, type, weight, armor, gun, engine, mobility), unit types, deployment regions, defense spending, and strategic/geopolitical points.
• Date: 2025-08-18T06:14:02Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-15-Millions-NATO-Startegic-Economy-Diplomatic-and-Military-in-East-Asia-with-7-Milli
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/e376446e-ce6f-4f3f-be54-bc74c3307fd8.png
• Threat Actors: FreedomSecurity1337
• Victim Country: Belgium
• Victim Industry: International Affairs
• Victim Organization: nato
• Victim Site: nato.int

---

26. Alleged data leak of Belgium IBAN Database

• Category: Data Leak
• Content: The threat actor claims to have leaked a Belgium IBAN database, likely containing sensitive financial information.
• Date: 2025-08-18T04:51:44Z
• Network: openweb
• Published URL: https://leakbase.la/threads/belgium-iban-database.41602/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/13f1c920-a527-4f8e-9ea7-162bb25ff988.png
• Threat Actors: solip76526
• Victim Country: Belgium
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

27. Alleged leak of unauthorized access to Summit Computer Co., Ltd.

• Category: Initial Access
• Content: The group claims to have leaked unauthorized access to Summit Computer Co., Ltd.’s internal document archive and database system in Thailand.
• Date: 2025-08-18T04:46:48Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2408
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b3fd9f35-fc19-488a-bf96-9929b8e0ad79.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Information Technology (IT) Services
• Victim Organization: summit computer co., ltd.
• Victim Site: summitcomputer.co.th

---

28. Alleged leak of Cambodian government personnel database

• Category: Data Leak
• Content: The group claims to have leaked Cambodian government personnel database. The compromised data includes ID or user number, name in both Khmer and English, organization or position, affiliation or employer, possibly contact details or records.
• Date: 2025-08-18T04:15:28Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2407
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/acfb2110-5b78-41bc-b6a6-9249b1b8aa1f.png
• Threat Actors: NXBB.SEC
• Victim Country: Cambodia
• Victim Industry: Government & Public Sector
• Victim Organization: Unknown
• Victim Site: Unknown

---

29. Alleged leak of unauthorized admin access to Hugcode Company

• Category: Initial Access
• Content: The group claims to have gained unauthorized admin access to Hugcode Company.
• Date: 2025-08-18T03:57:17Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2406
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/325b5dc9-59b1-4023-adad-2012631b0707.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Software Development
• Victim Organization: hugcode company
• Victim Site: hugcode.co.th

---

30. Alleged data breach of Bureau of Indian Standards

• Category: Data Breach
• Content: The threat actor claims to have leaked a database from the Bureau of Indian Standards (BIS) government services portal. The leak includes records of around 470 laboratory entries across India, containing lab names, addresses, cities, states, contact numbers, and official email IDs of BIS branch and regional laboratories.
• Date: 2025-08-18T03:44:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-LEAKED-DATABASE-SERVICE-BIS-INDIA-GOV
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7cda3dc3-fd9b-4599-99c7-f8bd7aa5582f.png
• Threat Actors: petrush4x0r
• Victim Country: India
• Victim Industry: Government Administration
• Victim Organization: bureau of indian standards
• Victim Site: bis.gov.in

---

31. Alleged data leak of unidentified Healthcare organization in Thailand

• Category: Data Leak
• Content: The group claims to have leaked data from unidentified Healthcare organization in Thailand. The compromised data includes full names in both Thai and English, Thai national ID numbers, phone numbers, vaccination details such as vaccine type (Moderna, Sinovac, Sinopharm), hospital or vaccination site names, and appointment dates and times.
• Date: 2025-08-18T03:35:53Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2405
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/22743d02-73a9-47bf-bfd1-38e5180681a7.png
  • https://d34iuop8pidsy8.cloudfront.net/1d24c5bb-0c48-492e-a113-2e4820035245.png
  • https://d34iuop8pidsy8.cloudfront.net/6075a05f-7ab6-432e-b854-a42dd693f090.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Hospital & Health Care
• Victim Organization: Unknown
• Victim Site: Unknown

---

32. Alleged data breach of Bank of Latvia

• Category: Data Breach
• Content: The threat actor claims to be selling data from a breach of Bank of Latvia (Latvijas Banka), affecting 856,000 users. The compromised information allegedly includes usernames, passwords, IDs, emails, IBANs, addresses, and sensitive financial records such as customer bank statements and transfer lists.
• Date: 2025-08-18T03:26:09Z
• Network: openweb
• Published URL: https://x.com/xan_hacks/status/1957268864989044845
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7d095b84-65e1-45ef-8b69-031f2d5b0fc6.png
  • https://d34iuop8pidsy8.cloudfront.net/f45c5ccf-0076-479d-98d9-7735ced9f1ee.png
• Threat Actors: xan_hacks
• Victim Country: Latvia
• Victim Industry: Banking & Mortgage
• Victim Organization: latvijas banka
• Victim Site: bank.lv

---

33. Alleged data breach of SMK Negeri 1 Kaligondang

• Category: Data Breach
• Content: The threat actor claims to be selling a database from SMKN 1 Kaligondang, a vocational high school in Indonesia, allegedly containing student records with personal information such as full names and dates of birth.
• Date: 2025-08-18T03:17:21Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-LEAK-INDONESIA-SMKN-1-KALIGONDANG-Student-Names-Dates-of-Birth
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b42a04e2-28fc-4e5b-be64-0c73de7864cb.png
  • https://d34iuop8pidsy8.cloudfront.net/d30cd859-df21-4811-b0fc-b00f5c3f799b.png
  • https://d34iuop8pidsy8.cloudfront.net/fe417914-f104-4eda-aaad-83a3a6b2dab0.png
  • https://d34iuop8pidsy8.cloudfront.net/4a544f6e-a811-499c-ad1d-80360ef5ba10.png
• Threat Actors: Dhxlcfr
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: smk negeri 1 kaligondang
• Victim Site: smkn1kaligondang.sch.id

---

34. Alleged data breach of SMK Negeri 1 Wonosobo

• Category: Data Breach
• Content: The threat actor claims to have leaked a student data list from SMKN 1 Wonosobo, a vocational high school in Indonesia. The leaked information includes full names and dates of birth, with locations such as Wonosobo, Surakarta, and Jakarta also listed.
• Date: 2025-08-18T03:04:33Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-LEAK-INDONESIA-SMKN-1-WONOSOBO-Student-Names-Dates-of-Birth
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a647fbee-3cb0-4033-b755-578172a2d8f3.png
• Threat Actors: Dhxlcfr
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: smk negeri 1 wonosobo
• Victim Site: smkn1-wnb.sch.id

---

35. Alleged leak of unauthorized access to Royal Irrigation Department (Thailand)

• Category: Initial Access
• Content: The group claims to have gained unauthorized access to Royal Irrigation Department in Thailand.
• Date: 2025-08-18T02:59:20Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2401
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/94b2ba36-83c2-4f8a-b45f-14834ae55049.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Government Administration
• Victim Organization: royal irrigation department
• Victim Site: rid.go.th

---

36. Alleged sale of a multilingual keylogger

• Category: Malware
• Content: The threat actor claims to be selling customizable source code for a multilingual keylogger (records keystrokes, windows, and other activity) and a clipboard hijacker (redirects copied wallet addresses).
• Date: 2025-08-18T02:48:21Z
• Network: tor
• Published URL: https://xssforum7mmh3n56inuf2h73hvhnzobi7h2ytb3gvklrfqm7ut3xdnyd.onion/threads/142720/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/57518f2d-e658-491a-bc6f-4de456f217f8.png
• Threat Actors: r3xq1
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

37. WOLF CYBER ARMY V2 targets the website of Desa Pattedong Selatan

• Category: Defacement
• Content: The group claims to have defaced the website of Desa Pattedong Selatan
• Date: 2025-08-18T02:42:27Z
• Network: telegram
• Published URL: https://t.me/WOLFV27/145
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/85a10bcf-1902-4c52-bf3f-d171cad10931.png
• Threat Actors: WOLF CYBER ARMY V2
• Victim Country: Indonesia
• Victim Industry: Government Administration
• Victim Organization: desa pattedong selatan
• Victim Site: pattedongselatan.desa.id

---

38. Alleged leak of emails and passwords from MINISTRY OF PRIMARY AND SECONDARY EDUCATION

• Category: Data Breach
• Content: The threat actor claims to have leaked a database of 100 compromised accounts from Indonesia’s Ministry of Education and Culture (kemdikbud.go.id). The dataset contains emails and plaintext passwords linked to the domain, exposing access to user accounts on the official government website.
• Date: 2025-08-18T02:24:36Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-100x-DATABASE-KEMDIKBUD-IDN
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/529b36b1-ebb8-4c69-9848-9ca7a9a6c5cd.png
  • https://d34iuop8pidsy8.cloudfront.net/e477e6a9-0f52-4d52-8f08-41339fa1002b.png
  • https://d34iuop8pidsy8.cloudfront.net/d784e4be-25a5-4f32-8af8-8e57aec607ad.png
  • https://d34iuop8pidsy8.cloudfront.net/01602280-7d78-4925-8681-511a978f47da.png
• Threat Actors: dafid
• Victim Country: Indonesia
• Victim Industry: Government Administration
• Victim Organization: ministry of primary and secondary education
• Victim Site: kemendikdasmen.go.id

---

39. Alleged sale of Cutlet Maker 1.0 F

• Category: Malware
• Content: The threat actor claims to be selling Cutlet Maker 1.0 F, an ATM jackpotting malware designed to exploit vulnerabilities in ATM controllers via USB access. The malware enables attackers to empty cash cassettes and includes a DIY kit with instructions, targeted ATM models, and operational guidance.
• Date: 2025-08-18T01:14:35Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-ATM-Jackpotting-Malware
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/2a3ebe6c-934d-4201-bf98-56f54f0ce837.png
• Threat Actors: majormotion
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

40. Alleged data breach of Argentine Army

• Category: Data Breach
• Content: The threat actor claims to be selling a database from the Argentine Army, allegedly containing around 84,000 records. The leaked data includes personal details, military IDs, ranks, units, divisions, birth dates, addresses, emails, phone numbers, emergency contacts, training history, and decorations of Argentine military personnel.
• Date: 2025-08-18T01:06:39Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-%F0%9F%94%A5%E2%AD%90%F0%9F%91%BDArgentine-Army-Database%F0%9F%91%BD%E2%AD%90%F0%9F%94%A5
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/d9430fd8-63af-48ed-9fd5-6d2946ae6233.png
  • https://d34iuop8pidsy8.cloudfront.net/1e0993db-91e4-4da9-a3db-cda95d92df52.png
• Threat Actors: HvcKMvsoneria33
• Victim Country: Argentina
• Victim Industry: Military Industry
• Victim Organization: argentine army
• Victim Site: ejercito.mil.ar

---

41. Alleged data leak of Personal database

• Category: Data Leak
• Content: A threat actor claims to have leaked a personal database containing names, national ID numbers (NIK), districts, and professions of individuals.
• Date: 2025-08-18T00:25:04Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-LEAKED-DATABASE
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f6b4a0b7-3586-4c8b-b3b1-746913439b71.png
• Threat Actors: Dimzxzzx
• Victim Country: Indonesia
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

i need also conclusion

Incident Report: Analysis of Recent Cyber Events This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

---

1. Alleged leak of Saudi Arabia military and Government internal documents

• Category: Data Leak
• Content: The threat actor claims to have leaked a database containing Saudi Arabian military and government internal document details.
• Date: 2025-08-18T14:16:17Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Document-%F0%9F%98%BFSaudi-Arabia-Military-and-government-internal-documents-leak%F0%9F%98%BD
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3bd70287-8543-46c4-aa34-d6c4d1d053b2.png
• Threat Actors: jrintel
• Victim Country: Saudi Arabia
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

2. Alleged data sale of Non-VBV credit cards

• Category: Data Leak
• Content: The threat actor claims to be selling Non-VBV credit cards (cards without Verified by Visa) allegedly available from multiple countries. These cards reportedly do not have 2FA enabled, making them easier to exploit for fraudulent transactions.
• Date: 2025-08-18T13:52:29Z
• Network: openweb
• Published URL: https://leakbase.la/threads/nonvbv-c4rds-with-high-balance-1k-12k-available-on-telegram-sxv1337.41619/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/2be84cd4-2b1a-4ae3-be87-a9ea1169a8b4.png
• Threat Actors: Ness1337
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

3. Alleged sale of classified documents

• Category: Data Leak
• Content: The threat actor claims to have leaked classified documents allegedly sourced from insiders within the USA, Russia, UK, NATO, and China.
• Date: 2025-08-18T13:47:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Document-%E2%AD%90%EF%B8%8F-SELLING-CLASSIFIED-2025-DOCS-USA-RUS-UK-NATO-CN-%E2%AD%90%EF%B8%8F
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5df557ac-024b-4f04-bc9f-755f1ad18298.png
  • https://d34iuop8pidsy8.cloudfront.net/69229756-21c7-4d93-9db4-43ed6f572e99.png
  • https://d34iuop8pidsy8.cloudfront.net/9fe4760d-c40d-404e-b84e-b38b95ea22b7.png
  • https://d34iuop8pidsy8.cloudfront.net/6de493a5-c0a4-402a-84a0-6828c4576a31.png
  • https://d34iuop8pidsy8.cloudfront.net/d2da93e5-1c13-4c3a-99ac-816f0e7b016a.png
  • https://d34iuop8pidsy8.cloudfront.net/9ea9b488-8dd2-4c7a-8d79-1b0446101a89.png
  • https://d34iuop8pidsy8.cloudfront.net/0308bb63-96c3-4eac-94b5-3815dd138777.png
  • https://d34iuop8pidsy8.cloudfront.net/982934e7-a635-4ead-b464-7d28fa3acf16.png
  • https://d34iuop8pidsy8.cloudfront.net/c9dcdd09-186c-436f-a902-c851aac846c7.png
  • https://d34iuop8pidsy8.cloudfront.net/604da66b-d7a2-4178-a7ac-43ec25dc9558.png
• Threat Actors: jrintel
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

4. Alleged sale of international credit card records

• Category: Data Leak
• Content: The threat actor claims to be selling 1,827 stolen credit card records, allegedly collected via sniffer malware from Chile, UK, Germany, Switzerland, Austria, Spain, France, and other countries, with over 70% reportedly valid.
• Date: 2025-08-18T13:35:25Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264516/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5f6a71ad-6304-47f9-ac8a-35f329c139d9.png
• Threat Actors: pmc_vagner
• Victim Country: UK
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

5. Alleged data breach Riskav

• Category: Data Breach
• Content: The threat actor claims to be selling 4.29 million wallet transactions from Riskav. The compromised data includes customer ID, name, payment ID, country, user ID, email ID, and more.
• Date: 2025-08-18T13:34:32Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Riskow-Database-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/dac6db0d-ba4c-46ee-97bb-75599888d428.png
  • https://d34iuop8pidsy8.cloudfront.net/320582f7-fb33-48d2-be9d-35b512b8350c.png
• Threat Actors: N1KA
• Victim Country: Iran
• Victim Industry: Financial Services
• Victim Organization: riskav
• Victim Site: riskav.com

---

6. Alleged data breach of Ministry of transport in Thailand

• Category: Data Breach
• Content: Group claims to have leaked 1.2GB data from Ministry of transport in Thailand. The compromised data includes road and railway project blueprints, transport policy and internal planning documents, procurement and contractor agreements, staff lists, ID scans, internal memos, server configurations and login credentials.
• Date: 2025-08-18T13:30:47Z
• Network: telegram
• Published URL: https://t.me/Cyber_KingdomKH_Official/32
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/967b0a8d-4ad9-4290-b779-1d5547edbed2.JPG
  • https://d34iuop8pidsy8.cloudfront.net/7f958665-b3c2-45d6-8bc4-4e19be93dc26.JPG
• Threat Actors: Cyber-KingdomKH
• Victim Country: Thailand
• Victim Industry: Government Administration
• Victim Organization: ministry of transport
• Victim Site: mot.go.th

---

7. Team Azrael Angel Of Death targets the website of Mahatma Gandhi College of Law

• Category: Defacement
• Content: Group claims to have defaced the website of Mahatma Gandhi College of Law
• Date: 2025-08-18T13:02:55Z
• Network: telegram
• Published URL: https://t.me/anonymous_Cr02x/1218
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/8cbfbd8f-484f-419c-9df4-2616a566e740.png
• Threat Actors: Team Azrael Angel Of Death
• Victim Country: India
• Victim Industry: Education
• Victim Organization: mahatma gandhi college of law
• Victim Site: mgcl.edu.in

---

8. Alleged data leak of Marriott International

• Category: Data Breach
• Content: The group claims to have leaked database of Marriott International
• Date: 2025-08-18T12:52:35Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/459
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/57cab93c-c7ab-4f17-bebe-0accfa6074ec.png
  • https://d34iuop8pidsy8.cloudfront.net/2b7e605a-9eae-46d2-b1f0-6f8f4efc6152.png
  • https://d34iuop8pidsy8.cloudfront.net/aaf17f8c-14a5-4ce7-8140-d1ae142cb23c.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: USA
• Victim Industry: Hospitality & Tourism
• Victim Organization: marriott international
• Victim Site: marriott.com

---

9. Alleged data breach of PrestaShop

• Category: Data Breach
• Content: The threat actor claims to have leaked over 21 million customer records allegedly stolen from PrestaShop.
• Date: 2025-08-18T12:35:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Prestashop-Data-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f05aaeb2-5c0f-4fcd-8b75-4ed150463d06.png
  • https://d34iuop8pidsy8.cloudfront.net/d90ab5d6-8f50-42c5-8156-6e6659932169.png
• Threat Actors: N1KA
• Victim Country: France
• Victim Industry: E-commerce & Online Stores
• Victim Organization: prestashop
• Victim Site: prestashop-project.org

---

10. Alleged sale of an unknown USA database

• Category: Data Leak
• Content: The threat actor claims to be selling a large U.S. database containing 46,000+ records, allegedly tied to multiple companies
• Date: 2025-08-18T12:20:27Z
• Network: openweb
• Published URL: https://ramp4u.io/threads/%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%D1%8F-%D0%B1%D0%B0%D0%B7%D0%B0-%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85-%D1%8E%D1%81%D0%B0.3359/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/9ff7b7bd-836f-4d82-a0a0-29ba4324516a.png
• Threat Actors: hits
• Victim Country: USA
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

11. Alleged data leak of National Bank of Canada

• Category: Data Leak
• Content: The group claims to have leaked database of National Bank of Canada.
• Date: 2025-08-18T12:11:35Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/449
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7d0499b3-0392-4aae-9152-5b5966f31394.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: Canada
• Victim Industry: Banking & Mortgage
• Victim Organization: national bank of canada
• Victim Site: nbc.ca

---

12. Alleged sale of a Twitter automation tool

• Category: Data Leak
• Content: The threat actor claims to be selling a Twitter automation tool, claiming it can consistently push posts to the top by automatically posting text and photos, generating comments, and liking with multiple accounts.
• Date: 2025-08-18T12:09:21Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264511/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a6e3db19-a3d8-47e7-9d0f-79a8efb3b721.png
• Threat Actors: Eberiha
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

13. Alleged leak of L’Oréal and CeraVe API keys

• Category: Data Leak
• Content: The group claims to have leaked multiple API keys of L’Oréal and CeraVe.
• Date: 2025-08-18T12:04:08Z
• Network: telegram
• Published URL: https://t.me/leavemealonefbi/403
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ae083429-75b6-48a7-ba43-aa8d912aedfb.png
  • https://d34iuop8pidsy8.cloudfront.net/e4a5160d-f319-4efa-ac19-1baa70c27c18.png
• Threat Actors: scattered lapsu$ hunters
• Victim Country: France
• Victim Industry: Cosmetics
• Victim Organization: l’oréal
• Victim Site: loreal.com

---

14. Alleged sale of Grafit data

• Category: Data Breach
• Content: The threat actor claims to be selling a 1.4MB CSV database allegedly stolen from GRAFIT, reportedly leaked on June 11, 2025. The dataset contains over 13,000 records, including company information, contact data, and lead information.
• Date: 2025-08-18T11:59:04Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Grafit-Franch-Data-Breach-Belarus-%E2%80%94-1-4MB-of-Fitness-Business-Lead-Data-Exposed
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/4a3eba66-a999-4ff5-b622-c2c1f271ebda.png
• Threat Actors: Chucky_BF
• Victim Country: Belarus
• Victim Industry: Health & Fitness
• Victim Organization: grafit
• Victim Site: franchise.grafitgym.by

---

15. Alleged sale of Naga College Foundation data

• Category: Data Breach
• Content: The threat actor claims to be selling a 17.2MB CSV database allegedly stolen from Naga College Foundation, reportedly leaked on August 13, 2025. The dataset contains over 228,500 records, including parent/guardian identifiers, contact details, family information, and location data.
• Date: 2025-08-18T11:58:58Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Selling-CRITICAL-Data-Leak-Naga-College-Foundation-NCF-Philippines-%E2%80%94-17-2MB-Exposed
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/74352f6e-4733-4396-9547-a9820f9ce936.png
• Threat Actors: Chucky_BF
• Victim Country: Philippines
• Victim Industry: Education
• Victim Organization: naga college foundation, inc
• Victim Site: ncf.edu.ph

---

16. Alleged leak of Nissan CBI data of automotives design

• Category: Data Breach
• Content: The threat actor claims to be selling a database from Nissan Creative Box” or CBI containing over 4TB of data, including exterior and interior designs of Nissan products such as 3D design files, pictures, product videos, and confidential documents.
• Date: 2025-08-18T11:30:01Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-Selling-Nissan-CBI-data-of-automotives-design
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ced25c47-aa81-4c53-a196-cdb78d8fb2ef.png
• Threat Actors: hexdark
• Victim Country: Japan
• Victim Industry: Automotive
• Victim Organization: nissan motor co., ltd
• Victim Site: nissan-global.com

---

17. Alleged access sale to an unidentified U.S agriculture company

• Category: Initial Access
• Content: The threat actor claims to be selling RDWEB (Remote Desktop Web Access) access to an unidentified U.S.-based agriculture company.
• Date: 2025-08-18T10:44:09Z
• Network: openweb
• Published URL: https://forum.exploit.in/topic/264502/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c2f9974b-1a3e-4a31-8f94-3322e62f7c8b.png
• Threat Actors: gadji
• Victim Country: USA
• Victim Industry: Agriculture & Farming
• Victim Organization: Unknown
• Victim Site: Unknown

---

18. Alleged data breach of SMA Muhammadiyah 1 Prambanan

• Category: Data Breach
• Content: The threat actor claims to have leaked the database of SMA Muhammadiyah 1 Prambanan.
• Date: 2025-08-18T09:50:03Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATA-PPDB-ONLINE-SMA-MUHAMMADIYAH-PRAMBANAN
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5b1ea3b1-3499-44a1-992e-bae1c98935c6.png
• Threat Actors: MrrKyy404
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: sma muhammadiyah 1 prambanan
• Victim Site: smamuh1pramb.sch.id

---

19. Alleged sale of UK loan records

• Category: Data Leak
• Content: The threat actor claims to be selling a database of 11 million UK loan records from 2025, allegedly sourced from direct lender platforms like LoanPig. The dataset reportedly includes sensitive financial and personal information
• Date: 2025-08-18T09:39:10Z
• Network: openweb
• Published URL: https://leakbase.la/threads/uk-loans-2025.41610/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/94537d9f-a085-4d8e-b182-c9f52cf0d650.png
• Threat Actors: show_more
• Victim Country: UK
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

20. Alleged data leak of Emcan Group

• Category: Data Breach
• Content: The threat actor claims to have leaked the Emcan Group, containing 5,281 and 3,304 client records respectively. The compromised data includes client names, emails, plaintext passwords, phone numbers, verification status, reward points, and account registration dates
• Date: 2025-08-18T09:29:19Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Emcan-Information-Technology-Data-Breach-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c8d2856f-ef16-46aa-90a5-35264c4e8630.png
  • https://d34iuop8pidsy8.cloudfront.net/2ec32c09-b6e7-4727-928f-348281203dd6.png
• Threat Actors: N1KA
• Victim Country: Bahrain
• Victim Industry: Information Technology (IT) Services
• Victim Organization: emcan group
• Victim Site: emcan-group.com

---

21. Alleged data leak of Ministry of Interior (MoI), Saudi Arabia

• Category: Data Breach
• Content: The group claims to have leaked database from Ministry of Interior (MoI), Saudi Arabia, containing 20,000 records, including user login credentials.
• Date: 2025-08-18T08:29:49Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/715
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/039a8cff-a562-414b-a58a-13e1da9e27cc.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Government Administration
• Victim Organization: ministry of interior (moi), saudi arabia
• Victim Site: moi.gov.sa

---

22. Alleged data leak of Ministry of Interior (MoI), Saudi Arabia

• Category: Data Breach
• Content: The group claims to have leaked 20000 results from the Ministry of Interior (MoI), Saudi Arabia.
• Date: 2025-08-18T08:19:34Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/715
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/039a8cff-a562-414b-a58a-13e1da9e27cc.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Government Administration
• Victim Organization: ministry of interior (moi), saudi arabia
• Victim Site: moi.gov.sa

---

23. Alleged data leak of Mobily

• Category: Data Breach
• Content: The group claims to have leaked data from Mobily, including 8,781 records containing user login credentials.
• Date: 2025-08-18T08:16:32Z
• Network: telegram
• Published URL: https://t.me/liwaamohammad/713
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/0f360f2f-5e5b-4164-91fa-7652b8b2f430.png
• Threat Actors: Liwaa Muhammad
• Victim Country: Saudi Arabia
• Victim Industry: Network & Telecommunications
• Victim Organization: mobily
• Victim Site: mobily.com.sa

---

24. Alleged data leak of Kirkpatrick Partners, LLC

• Category: Data Breach
• Content: The threat actor claims to have leaked 36,556 user records from Kirkpatrick Partners, LLC, including data fields such as usernames, emails, hashed passwords, registration details, user roles, names, nicknames, profile settings, and WordPress-specific metadata.
• Date: 2025-08-18T06:48:06Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-Kirkpatrick-Partners-LLC-Data-Breached-Leaked-Download
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/aa360b7e-5f68-4d85-8c4c-95f7593fdae1.png
• Threat Actors: N1KA
• Victim Country: USA
• Victim Industry: Professional Training
• Victim Organization: kirkpatrick partners, llc
• Victim Site: kirkpatrickpartners.com

---

25. Alleged data breach of NATO

• Category: Data Breach
• Content: The threat actor claims to be sharing a massive leaked database of 9GB containing 15 million NATO records related to armored vehicles, East Asian military strategies, economic data, and technological integration. The dataset (CSV/text) allegedly includes technical specifications (ID, name, type, weight, armor, gun, engine, mobility), unit types, deployment regions, defense spending, and strategic/geopolitical points.
• Date: 2025-08-18T06:14:02Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-15-Millions-NATO-Startegic-Economy-Diplomatic-and-Military-in-East-Asia-with-7-Milli
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/e376446e-ce6f-4f3f-be54-bc74c3307fd8.png
• Threat Actors: FreedomSecurity1337
• Victim Country: Belgium
• Victim Industry: International Affairs
• Victim Organization: nato
• Victim Site: nato.int

---

26. Alleged data leak of Belgium IBAN Database

• Category: Data Leak
• Content: The threat actor claims to have leaked a Belgium IBAN database, likely containing sensitive financial information.
• Date: 2025-08-18T04:51:44Z
• Network: openweb
• Published URL: https://leakbase.la/threads/belgium-iban-database.41602/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/13f1c920-a527-4f8e-9ea7-162bb25ff988.png
• Threat Actors: solip76526
• Victim Country: Belgium
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

27. Alleged leak of unauthorized access to Summit Computer Co., Ltd.

• Category: Initial Access
• Content: The group claims to have leaked unauthorized access to Summit Computer Co., Ltd.’s internal document archive and database system in Thailand.
• Date: 2025-08-18T04:46:48Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2408
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b3fd9f35-fc19-488a-bf96-9929b8e0ad79.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Information Technology (IT) Services
• Victim Organization: summit computer co., ltd.
• Victim Site: summitcomputer.co.th

---

28. Alleged leak of Cambodian government personnel database

• Category: Data Leak
• Content: The group claims to have leaked Cambodian government personnel database. The compromised data includes ID or user number, name in both Khmer and English, organization or position, affiliation or employer, possibly contact details or records.
• Date: 2025-08-18T04:15:28Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2407
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/acfb2110-5b78-41bc-b6a6-9249b1b8aa1f.png
• Threat Actors: NXBB.SEC
• Victim Country: Cambodia
• Victim Industry: Government & Public Sector
• Victim Organization: Unknown
• Victim Site: Unknown

---

29. Alleged leak of unauthorized admin access to Hugcode Company

• Category: Initial Access
• Content: The group claims to have gained unauthorized admin access to Hugcode Company.
• Date: 2025-08-18T03:57:17Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2406
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/325b5dc9-59b1-4023-adad-2012631b0707.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Software Development
• Victim Organization: hugcode company
• Victim Site: hugcode.co.th

---

30. Alleged data breach of Bureau of Indian Standards

• Category: Data Breach
• Content: The threat actor claims to have leaked a database from the Bureau of Indian Standards (BIS) government services portal. The leak includes records of around 470 laboratory entries across India, containing lab names, addresses, cities, states, contact numbers, and official email IDs of BIS branch and regional laboratories.
• Date: 2025-08-18T03:44:38Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-LEAKED-DATABASE-SERVICE-BIS-INDIA-GOV
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7cda3dc3-fd9b-4599-99c7-f8bd7aa5582f.png
• Threat Actors: petrush4x0r
• Victim Country: India
• Victim Industry: Government Administration
• Victim Organization: bureau of indian standards
• Victim Site: bis.gov.in

---

31. Alleged data leak of unidentified Healthcare organization in Thailand

• Category: Data Leak
• Content: The group claims to have leaked data from unidentified Healthcare organization in Thailand. The compromised data includes full names in both Thai and English, Thai national ID numbers, phone numbers, vaccination details such as vaccine type (Moderna, Sinovac, Sinopharm), hospital or vaccination site names, and appointment dates and times.
• Date: 2025-08-18T03:35:53Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2405
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/22743d02-73a9-47bf-bfd1-38e5180681a7.png
  • https://d34iuop8pidsy8.cloudfront.net/1d24c5bb-0c48-492e-a113-2e4820035245.png
  • https://d34iuop8pidsy8.cloudfront.net/6075a05f-7ab6-432e-b854-a42dd693f090.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Hospital & Health Care
• Victim Organization: Unknown
• Victim Site: Unknown

---

32. Alleged data breach of Bank of Latvia

• Category: Data Breach
• Content: The threat actor claims to be selling data from a breach of Bank of Latvia (Latvijas Banka), affecting 856,000 users. The compromised information allegedly includes usernames, passwords, IDs, emails, IBANs, addresses, and sensitive financial records such as customer bank statements and transfer lists.
• Date: 2025-08-18T03:26:09Z
• Network: openweb
• Published URL: https://x.com/xan_hacks/status/1957268864989044845
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7d095b84-65e1-45ef-8b69-031f2d5b0fc6.png
  • https://d34iuop8pidsy8.cloudfront.net/f45c5ccf-0076-479d-98d9-7735ced9f1ee.png
• Threat Actors: xan_hacks
• Victim Country: Latvia
• Victim Industry: Banking & Mortgage
• Victim Organization: latvijas banka
• Victim Site: bank.lv

---

33. Alleged data breach of SMK Negeri 1 Kaligondang

• Category: Data Breach
• Content: The threat actor claims to be selling a database from SMKN 1 Kaligondang, a vocational high school in Indonesia, allegedly containing student records with personal information such as full names and dates of birth.
• Date: 2025-08-18T03:17:21Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-LEAK-INDONESIA-SMKN-1-KALIGONDANG-Student-Names-Dates-of-Birth
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b42a04e2-28fc-4e5b-be64-0c73de7864cb.png
  • https://d34iuop8pidsy8.cloudfront.net/d30cd859-df21-4811-b0fc-b00f5c3f799b.png
  • https://d34iuop8pidsy8.cloudfront.net/fe417914-f104-4eda-aaad-83a3a6b2dab0.png
  • https://d34iuop8pidsy8.cloudfront.net/4a544f6e-a811-499c-ad1d-80360ef5ba10.png
• Threat Actors: Dhxlcfr
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: smk negeri 1 kaligondang
• Victim Site: smkn1kaligondang.sch.id

---

34. Alleged data breach of SMK Negeri 1 Wonosobo

• Category: Data Breach
• Content: The threat actor claims to have leaked a student data list from SMKN 1 Wonosobo, a vocational high school in Indonesia. The leaked information includes full names and dates of birth, with locations such as Wonosobo, Surakarta, and Jakarta also listed.
• Date: 2025-08-18T03:04:33Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-LEAK-INDONESIA-SMKN-1-WONOSOBO-Student-Names-Dates-of-Birth
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a647fbee-3cb0-4033-b755-578172a2d8f3.png
• Threat Actors: Dhxlcfr
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: smk negeri 1 wonosobo
• Victim Site: smkn1-wnb.sch.id

---

35. Alleged leak of unauthorized access to Royal Irrigation Department (Thailand)

• Category: Initial Access
• Content: The group claims to have gained unauthorized access to Royal Irrigation Department in Thailand.
• Date: 2025-08-18T02:59:20Z
• Network: telegram
• Published URL: https://t.me/nxbbsec/2401
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/94b2ba36-83c2-4f8a-b45f-14834ae55049.png
• Threat Actors: NXBB.SEC
• Victim Country: Thailand
• Victim Industry: Government Administration
• Victim Organization: royal irrigation department
• Victim Site: rid.go.th

---

36. Alleged sale of a multilingual keylogger

• Category: Malware
• Content: The threat actor claims to be selling customizable source code for a multilingual keylogger (records keystrokes, windows, and other activity) and a clipboard hijacker (redirects copied wallet addresses).
• Date: 2025-08-18T02:48:21Z
• Network: tor
• Published URL: https://xssforum7mmh3n56inuf2h73hvhnzobi7h2ytb3gvklrfqm7ut3xdnyd.onion/threads/142720/
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/57518f2d-e658-491a-bc6f-4de456f217f8.png
• Threat Actors: r3xq1
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

37. WOLF CYBER ARMY V2 targets the website of Desa Pattedong Selatan

• Category: Defacement
• Content: The group claims to have defaced the website of Desa Pattedong Selatan
• Date: 2025-08-18T02:42:27Z
• Network: telegram
• Published URL: https://t.me/WOLFV27/145
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/85a10bcf-1902-4c52-bf3f-d171cad10931.png
• Threat Actors: WOLF CYBER ARMY V2
• Victim Country: Indonesia
• Victim Industry: Government Administration
• Victim Organization: desa pattedong selatan
• Victim Site: pattedongselatan.desa.id

---

38. Alleged leak of emails and passwords from MINISTRY OF PRIMARY AND SECONDARY EDUCATION

• Category: Data Breach
• Content: The threat actor claims to have leaked a database of 100 compromised accounts from Indonesia’s Ministry of Education and Culture (kemdikbud.go.id). The dataset contains emails and plaintext passwords linked to the domain, exposing access to user accounts on the official government website.
• Date: 2025-08-18T02:24:36Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-100x-DATABASE-KEMDIKBUD-IDN
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/529b36b1-ebb8-4c69-9848-9ca7a9a6c5cd.png
  • https://d34iuop8pidsy8.cloudfront.net/e477e6a9-0f52-4d52-8f08-41339fa1002b.png
  • https://d34iuop8pidsy8.cloudfront.net/d784e4be-25a5-4f32-8af8-8e57aec607ad.png
  • https://d34iuop8pidsy8.cloudfront.net/01602280-7d78-4925-8681-511a978f47da.png
• Threat Actors: dafid
• Victim Country: Indonesia
• Victim Industry: Government Administration
• Victim Organization: ministry of primary and secondary education
• Victim Site: kemendikdasmen.go.id

---

39. Alleged sale of Cutlet Maker 1.0 F

• Category: Malware
• Content: The threat actor claims to be selling Cutlet Maker 1.0 F, an ATM jackpotting malware designed to exploit vulnerabilities in ATM controllers via USB access. The malware enables attackers to empty cash cassettes and includes a DIY kit with instructions, targeted ATM models, and operational guidance.
• Date: 2025-08-18T01:14:35Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-ATM-Jackpotting-Malware
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/2a3ebe6c-934d-4201-bf98-56f54f0ce837.png
• Threat Actors: majormotion
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

40. Alleged data breach of Argentine Army

• Category: Data Breach
• Content: The threat actor claims to be selling a database from the Argentine Army, allegedly containing around 84,000 records. The leaked data includes personal details, military IDs, ranks, units, divisions, birth dates, addresses, emails, phone numbers, emergency contacts, training history, and decorations of Argentine military personnel.
• Date: 2025-08-18T01:06:39Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-%F0%9F%94%A5%E2%AD%90%F0%9F%91%BDArgentine-Army-Database%F0%9F%91%BD%E2%AD%90%F0%9F%94%A5
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/d9430fd8-63af-48ed-9fd5-6d2946ae6233.png
  • https://d34iuop8pidsy8.cloudfront.net/1e0993db-91e4-4da9-a3db-cda95d92df52.png
• Threat Actors: HvcKMvsoneria33
• Victim Country: Argentina
• Victim Industry: Military Industry
• Victim Organization: argentine army
• Victim Site: ejercito.mil.ar

---

41. Alleged data leak of Personal database

• Category: Data Leak
• Content: A threat actor claims to have leaked a personal database containing names, national ID numbers (NIK), districts, and professions of individuals.
• Date: 2025-08-18T00:25:04Z
• Network: openweb
• Published URL: https://darkforums.st/Thread-DATABASE-LEAKED-DATABASE
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f6b4a0b7-3586-4c8b-b3b1-746913439b71.png
• Threat Actors: Dimzxzzx
• Victim Country: Indonesia
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

Conclusion The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from government administration and education to financial services and automotive, and impacting countries including Saudi Arabia, UK, Iran, Thailand, India, USA, France, Canada, Belarus, Philippines, Japan, Belgium, Cambodia, Latvia, Indonesia, and Argentina. The compromised data ranges from personal user information and credit card details to sensitive military documents, confidential company designs, and large customer databases. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to internal document archives, databases, and company networks. The sale of malware, including a multilingual keylogger and an ATM jackpotting tool, further underscores the availability of offensive capabilities in the cyber underground. The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.