[August-19-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


1. Alleged access sale to an unidentified U.S.-based law firm


2. Alleged leak of Canada Data


3. Holy League claims to target Saudi Arabia


4. Alleged sale of Xleak Bot

  • Category: Malware.
  • Content: The threat actor claims to be selling Xleak Bot (“THE ULP LINE BOT”), a Telegram-based tool for quickly searching and retrieving leaked credentials from both private and public sources. The bot allows users to search URLs, reveal usernames and emails, and access exposed passwords.
  • Date: 2025-08-19T12:17:45Z.
  • Network: openweb.
  • Published URL: https://forum.exploit.in/topic/264563/
  • Threat Actors: Akagi.
  • Victim Country: Unknown.
  • Victim Industry: Unknown.
  • Victim Organization: Unknown.
  • Victim Site: Unknown.

5. Night Owll targets multiple websites


6. Alleged sale of mail access to Kleinanzeigen


7. Alleged Data Breach of FBI Internal Mail and Messenger Systems

  • Category: Data Breach.
  • Content: A threat actor claims to have breached the FBI’s internal mail and messenger systems, allegedly exposing confidential data of over 3,000 employees and licensed stores. The compromised information reportedly includes employee details (name, position, phone number, email, and Social Security Numbers), as well as store licensing records containing license names, store IDs, federal license numbers (FFL), contact details, and addresses.
  • Date: 2025-08-19T11:20:20Z.
  • Network: telegram.
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/810
  • Threat Actors: Infrastructure Destruction Squad.
  • Victim Country: USA.
  • Victim Industry: Law Enforcement.
  • Victim Organization: Federal Bureau of Investigation.
  • Victim Site: fbi.gov.

8. Alleged leak of Israel government data


9. Alleged leak of Israeli mall’s customer data


10. Alleged sale of personally identifiable documents


11. Alleged leak of Uzbekistan medical data


12. Nullsec Philippines targets the website of Tire-Lire


13. Nullsec Philippines targets the website of Public Libraries Network of the Province of Namur (Belgium)


14. Alleged data breach of Regional Institute of Education, Bhopal


15. Alleged Sale of WordPress Exploit


16. Alleged data breach of Synergy Group of Institutions


17. Alleged sale of Russian Government mail addresses data


18. BABAYO EROR SYSTEM targets the website of Akademi Tata Boga Bandung


19. Alleged data breach of WaitWhatWeb


20. Alleged sale of RDWeb access to an unidentified business services firm in the USA


21. Alleged leak of login access to DGA Digital ID

  • Category: Initial Access.
  • Content: A group claims to have leaked the login credentials from a portal operated by Thailand’s Digital Government Development Agency (DGA) that provides digital ID and e-government services.
  • Date: 2025-08-19T04:55:15Z.
  • Network: telegram.
  • Published URL: https://t.me/nxbbsec/2424
  • Threat Actors: NXBB.SEC.
  • Victim Country: Thailand.
  • Victim Industry: Government & Public Sector.
  • Victim Organization: DGA Digital ID.
  • Victim Site: connect.egov.go.th.

22. Alleged data breach of Digo


23. Alleged unauthorized access to True Internet Co., Ltd.


24. Alleged unauthorized access to Ubon Ratchathani Rajabhat University


25. Alleged leak of login access to Kids Plus


26. Alleged leak of admin access to an unidentified financial company in China


27. Alleged leak of login access to Dhurakij Pundit University

  • Category: Initial Access.
  • Content: The group claims to have leaked the login credentials belonging to Student Life Cycle Management, a system used by Dhurakij Pundit University (DPU) in Thailand.
  • Date: 2025-08-19T03:04:47Z.
  • Network: telegram.
  • Published URL: https://t.me/nxbbsec/2419
  • Threat Actors: NXBB.SEC.
  • Victim Country: Thailand.
  • Victim Industry: Higher Education/Academia.
  • Victim Organization: Dhurakij Pundit University.
  • Victim Site: slcm.dpu.ac.th.

28. Alleged leak of Instagram Critical Glitch


29. Alleged leak of unauthorized access to Taiwan Saneast Enterprise, Inc.


Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from law enforcement and education to IT services and financial services, and impacting countries including the USA, Canada, Saudi Arabia, Germany, India, Uzbekistan, Belgium, Indonesia, and Thailand. The compromised data ranges from personally identifiable documents and email accounts to government records, internal system credentials, and customer databases.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to corporate networks (including RDWeb access to a US firm) and to government and educational infrastructure. The sale of malware and exploits, including a WordPress exploit and a Telegram bot for searching leaked credentials, further underscores the availability of offensive capabilities in the cyber underground.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.