[August-20-2025] Daily Cybersecurity Threat Report

Posted on

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

  1. Alleged data sale of Bouygues Telecom
  1. Alleged data leak of multiple French company databases
  1. Alleged data breach of MTsS. DARUL ULUM KOTABARU
  1. Alleged data breach of Kerala Local Self Government Department
  1. Alleged sale of Greenwich University data
  1. Alleged data sale of Kimo.com.tw
  1. Alleged sale of Rock Records data
  1. Alleged data sale of Sunny Tennis
  1. Alleged leak of an unidentified U.S. bank database
  • Category: Data Leak
  • Content: The threat actor claims to have leaked full user data from an unidentified U.S. database, totaling 110,000 user records. The dataset reportedly contains first names, last names, addresses, cities, phone numbers, ZIP codes, and other banking-related details.
  • Date: 2025-08-20T11:47:31Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/264624/)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/6706f367-6082-4283-9e81-69aa67df07f3.png
  • Threat Actors: cobenotow
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged sale of Onchain data
  1. Alleged data breach of Techno Bondhu
  1. Alleged data breach of Ukrainian Armed Forces
  1. Alleged sale of X3 Express VPN premium accounts
  1. Alleged sale of 15K Gmail accounts
  1. Alleged sale of Israel Defence Force and Sovcom bank
  1. Alleged sale of 10K U.S. credit card records
  • Category: Data Leak
  • Content: The threat actor claims to be selling 10,500 U.S. credit card records, with a claimed 60%+ authorization success rate and 25%+ AVS (Address Verification System) approval. The dataset includes standard credit card fields such as CC number, expiration date, CVV, cardholder name, address, city, state, ZIP, and for 3,000 entries, also email and phone numbers.
  • Date: 2025-08-20T08:56:28Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/264610/)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/e1eb6bca-509c-4d85-91d9-c15b8c852e6c.png
  • Threat Actors: cashmoneycard
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged leak of Brazilian citizens database
  1. Alleged sale of Instagram database
  1. Alleged Leak of Botswana Mobile Number
  1. Alleged sale of wordpress plugins
  1. NoName targets the website of Antwerp Fried Chicken
  1. Alleged sale of UK shopping database
  1. NoName targets the website of Callneat
  1. Fatimion cyber team claims to target the website of Zionist entity
  1. Alleged leak of contact details from the United Arab Emirates
  1. Alleged data breach of Ant Village, Wonokerto District
  • Category: Data Breach
  • Content: The threat actor claims to have leaked the entire database of Ant Village (Desa Semut) in Wonokerto District. The leaked information reportedly includes details such as mother’s and father’s names, full residential addresses, province names, district names, subdistrict names, village names, neighborhood units (RW/RT), and other personal identifiers.
  • Date: 2025-08-20T06:23:51Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-LEAKED-ANT-VILLAGE-SITE-GO-ID)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/1cb4bf21-c44a-4422-bce8-b6243576b82e.png
  • Threat Actors: darknessX404
  • Victim Country: Indonesia
  • Victim Industry: Government Administration
  • Victim Organization: ant village, wonokerto district
  • Victim Site: desasemut.wordpress.com
  1. Alleged leak of unauthorized access to an unidentified organization’s industrial control system (ICS)
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to an unidentified organization’s industrial control system (ICS), allegedly taking full control over silos, production line equipment, and process parameters.
  • Date: 2025-08-20T06:17:47Z
  • Network: telegram
  • Published URL: (https://t.me/Z_alliance_ru/973)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/09c733bd-b956-4b41-80e4-5a0e165ab10b.png
  • Threat Actors: Z-ALLIANCE
  • Victim Country: Unknown
  • Victim Industry: Manufacturing & Industrial Products
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged unauthorized access to an unidentified government organization in Jordan
  1. Ruskinet claims to target Serbia
  1. Alleged data breach of GOBIERNO BOLIVARIANO DE VENEZUELA
  1. Alleged data breach of BET10
  1. H3C4KEDZ targets the website of ACD Vending Machines
  1. H3C4KEDZ targets the website of Acar Air and Heat
  1. H3C4KEDZ targets the website of ACD Vending Machines
  1. H3C4KEDZ targets the website of 7 Landscaping Inc
  1. Alleged data leak of Singapore Job Hunting Leads
  • Category: Data Leak
  • Content: A threat actor claims to have leaked over 150,000 job hunting records from Singapore in XLSX format, dated between 2024 and 2025. The data, dumped on August 20, 2025, includes personal details such as email, name, mobile number, job history, and qualifications. Some entries also contain sensitive IDs like NRIC, Work Permit, or PR numbers.
  • Date: 2025-08-20T03:47:05Z
  • Network: openweb
  • Published URL: (https://leakbase.la/threads/singapore-job-hunting-leads.41677/)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/a858c11d-d2fc-4803-8b79-d7eb60a7df0d.png
  • Threat Actors: anubisdex
  • Victim Country: Singapore
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged sale of WP admin access to an unidentified shop in Australia
  1. Alleged data breach of Universidad César Vallejo
  • Category: Data Breach
  • Content: The threat actor claims to have breached student records from Cesar Vallejo University (UCV) in Peru. The exposed information includes names, surnames, national ID numbers (DNI), phone numbers, email addresses, and academic programs. The breach compromises sensitive personal and academic details of enrolled students
  • Date: 2025-08-20T01:36:22Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-DATABASE-UCV-STUDENT)
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/674d75c0-dbe4-433e-bd0e-5b0d5c813aa0.png
  • Threat Actors: Deadman
  • Victim Country: Peru
  • Victim Industry: Education
  • Victim Organization: universidad césar vallejo
  • Victim Site: ucv.edu.pe

Conclusion The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from education and gaming to healthcare and automotive, and impacting countries including Bangladesh, Mexico, Malaysia, India, Indonesia, France, Brazil, and Israel. The compromised data ranges from personal user information and credit card details to sensitive patient records, classified military components, and large customer databases. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to banking systems, corporate networks (including RDWeb access to Canadian and UK firms), and even government and military infrastructure like the Royal Thai Air Force and Madrid’s irrigation system. The sale of malware, including penetration testing tools and DDoS tools, further underscores the availability of offensive capabilities in the cyber underground. The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.

Related Posts