This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
1. TEAM BD CYBER NINJA targets the website of Apotheke am St. Martin
- Category: Defacement
- Content: The group claims to have defaced the website of Apotheke am St. Martin. Mirror Link: https://haxor.id/archive/mirror/232529
- Date: 2025-08-27T13:39:10Z
- Network: telegram
- Published URL: https://t.me/c/2594876836/145
- Screenshots:
- Threat Actors: TEAM BD CYBER NINJA
- Victim Country: Austria
- Victim Industry: Healthcare & Pharmaceuticals
- Victim Organization: apotheke am st. martin
- Victim Site: apo-st-martin.at
2. Alleged data leak from Bagru, Rajasthan, India
- Category: Data Leak
- Content: The threat actor claims to have leaked database of 1,000 beneficiaries from Bagru, Rajasthan. The data includes names, mobile numbers, date of birth, education, training status, ward details, village, and working city/state.
- Date: 2025-08-27T13:26:42Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-1k-Indian-Database-State-Rajasthan-City-Bagru
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
3. Alleged data breach of e-Stat
- Category: Data Breach
- Content: The threat actor claims to be selling data of 78 million Japanese residents, allegedly stolen from e-Stat. The compromised data includes cellphone numbers, email addresses, names, gender, addresses, occupations, and country.
- Date: 2025-08-27T13:24:32Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-78-million-data-of-Japanese-residents-leaked-from-the-official-website-of-the-popula
- Screenshots:
- Threat Actors: DigitalGhostt
- Victim Country: Japan
- Victim Industry: Government Administration
- Victim Organization: e-stat
- Victim Site: e-stat.go.jp
4. Alleged Sale of Corporate RDP Accesses
- Category: Initial Access
- Content: The threat actor claims to be selling 44 corporate RDP accesses obtained via brute force. The accesses reportedly span organizations in the USA, Italy, Canada, Spain, Belgium, Germany, and Norway, with company revenues between $5M-$80M.
- Date: 2025-08-27T13:19:45Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265063/
- Screenshots:
- Threat Actors: A.C.A.B
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
5. Alleged Sale of U.S. Credit Card details
- Category: Data Leak
- Content: The threat actor claims to be selling a dataset containing 130 U.S. credit card , with an alleged 70% validity rate. The information reportedly includes card number, expiration date, CVV, card type (debit/credit), subtype, cardholder name, country code, state, city, ZIP code, address, phone number, email, and IP address.
- Date: 2025-08-27T13:13:41Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265059/
- Screenshots:
- Threat Actors: magically
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: Unknown
- Victim Site: Unknown
6. Alleged data sale of Chitkara University
- Category: Data Breach
- Content: The threat actor claims to be selling data from Chitkara University, allegedly containing user ID, comment ID, comment post ID, comment date, comment type, comment agent, comment karma, comment author, and more.
- Date: 2025-08-27T12:26:11Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-CHITKARA-UNIVERSITY-2GB-DATA
- Screenshots:
- Threat Actors: LelouchNull
- Victim Country: India
- Victim Industry: Education
- Victim Organization: chitkara university
- Victim Site: chitkara.edu.in
7. Alleged sale of Indonesia’s Dukcapil
- Category: Initial Access
- Content: The threat actor claims to be selling the Dukcapil Indonesia database, allegedly containing API access, search by name, get NIK info, and facial recognition.
- Date: 2025-08-27T11:58:58Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Indonesia-Dukcapil-API-Facial-Recognition
- Screenshots:
- Threat Actors: chaniago
- Victim Country: Indonesia
- Victim Industry: Government Administration
- Victim Organization: disdukcapil
- Victim Site: dukcapil.kemendagri.go.id
8. Alleged Sale of Access to Compromised Italian E-Commerce Shop
- Category: Initial Access
- Content: The threat actor claims to be selling access to a Prestashop-based online store in Italy. The listing advertises Shell and Adminer access, along with details of monthly transactions ranging from 2,000 to 4,700 orders.
- Date: 2025-08-27T11:01:44Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265046/
- Screenshots:
- Threat Actors: kqu
- Victim Country: Italy
- Victim Industry: E-commerce & Online Stores
- Victim Organization: Unknown
- Victim Site: Unknown
9. Alleged data leak from Kolhapur, Maharashtra, India
- Category: Data Leak
- Content: The threat actor claims to have leaked database from Kolhapur, Maharashtra, India. The leaked database includes mobile numbers, names, father’s names, dates of birth, ages, education details, village locations, workplace information, and more.
- Date: 2025-08-27T10:55:42Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Database-Indian-State-Maharastra-City-Kolhapur
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
10. Alleged sale of U.S. high-income individual’s data
- Category: Data Leak
- Content: The threat actor claims to be selling a U.S. high-income individual’s database, allegedly obtained between 2024 and 2025. The compromised data contains entries from morningstar.com, bloomberg.com, merrilledge.com, americancentury.com, zackstrade.com, upstox.com, vanguard.com, and more.
- Date: 2025-08-27T10:37:17Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-US-High-Income-Individuals-Databases-Stocks-Investments-Luxury-Real-Estate-etc–26412
- Screenshots:
- Threat Actors: chuhai888
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
11. Alleged sale of Exodus Wallet Leads
- Category: Data Breach
- Content: The threat actor claims to be selling Exodus wallet leads with balance, allegedly containing email, name, address, phone number and wallet.
- Date: 2025-08-27T10:27:39Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-US-Exodus-Wallet-Leads-with-Balance-Wallet-Address–26411
- Screenshots:
- Threat Actors: chuhai888
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: exodus
- Victim Site: exodus.com
12. Alleged Sale of Access to U.S. Building and Construction Firm
- Category: Initial Access
- Content: The threat actor claims to be selling unauthorized access to a U.S.-based building and construction company. The access includes RDP, VPN, and CPanel with local admin rights. The actor further claims the victim organization reports an annual financial revenue of approximately $6.5 million
- Date: 2025-08-27T10:20:49Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265029/
- Screenshots:
- Threat Actors: DocAgent101
- Victim Country: USA
- Victim Industry: Building and construction
- Victim Organization: Unknown
- Victim Site: Unknown
13. Alleged data breach of Willrich Precision Instrument Company, Inc
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Willrich Precision Instrument Company, Inc., allegedly containing user login, user email, source user ID, user password, user URL, user registered, display name, role, name, description, and more.
- Date: 2025-08-27T09:55:40Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Willrich-Precision-Instrument-Company-Inc-US-%E2%80%93-Database-Exposure
- Screenshots:
- Threat Actors: MrAxSiKucingHitam
- Victim Country: USA
- Victim Industry: Machinery Manufacturing
- Victim Organization: willrich precision instrument company, inc
- Victim Site: willrich.com
14. Alleged access to unidentified corporate surveillance system at industrial site in Romania
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to the video surveillance and security management system of a construction or industrial facility in Dragalina, Romania. The access allegedly enables full administrative control, including management of cameras and sensors, adjustment of system settings, disabling of alerts, and retrieval of archived and real-time footage with facial recognition and analytics capabilities.
- Date: 2025-08-27T08:24:51Z
- Network: telegram
- Published URL: https://t.me/Z_ALLIANCE/614
- Screenshots:
- Threat Actors: Z-ALLIANCE
- Victim Country: Romania
- Victim Industry: Building and construction
- Victim Organization: Unknown
- Victim Site: Unknown
15. Alleged data breach of New Zealand Secret
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of New Zealand Secret, allegedly containing user login, user email, source user ID, user password, user URL, display name, role, name, description, and more.
- Date: 2025-08-27T08:07:26Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-NZ-NEW-ZEALEND-SECRET-COMPANY
- Screenshots:
- Threat Actors: MrAxSiKucingHitam
- Victim Country: New Zealand
- Victim Industry: Cosmetics
- Victim Organization: new zealand secret
- Victim Site: newzealandsecret.com
16. Alleged data breach of Daihen Electric Co., Ltd.
- Category: Data Breach
- Content: The group claims to have breached 125GB data of Daihen Electric Co., Ltd.
- Date: 2025-08-27T08:03:05Z
- Network: telegram
- Published URL: https://t.me/anon_ndtsec/7
- Screenshots:
- Threat Actors: NDT SEC
- Victim Country: Thailand
- Victim Industry: Electrical & Electronic Manufacturing
- Victim Organization: daihen electric co., ltd.
- Victim Site: daihen.co.th
17. Alleged sale of Dendroid Android RAT tool
- Category: Malware
- Content: The threat actor claims to be selling the Dendroid Android RAT tool, allegedly containing delete SMS, send SMS to all contacts, call numbers, delete call log, open page, open dialog, open app, HTTP flood, update app, transfer bot, and more.
- Date: 2025-08-27T07:55:25Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Source-Code-Dendroid-Android-Rat-2025
- Screenshots:
- Threat Actors: dimexor4381
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
18. Trojan 1337 targets the website of Nuralapur High School
- Category: Defacement
- Content: The group claims to have defaced the website of Nuralapur High School
- Date: 2025-08-27T07:54:27Z
- Network: telegram
- Published URL: https://t.me/c/2805167925/47
- Screenshots:
- Threat Actors: Trojan 1337
- Victim Country: Bangladesh
- Victim Industry: Education
- Victim Organization: nuralapur high school
- Victim Site: nuralapurhighschool.edu.b
19. Alleged data leak of State Records from Devas, Madhya Pradesh, India
- Category: Data Leak
- Content: The threat actor claims to have leaked a state database from Devas, Madhya Pradesh, India. The leaked database includes mobile numbers, names, dates of birth, ages, education details, village locations, ward numbers, working cities, working states, and more.
- Date: 2025-08-27T07:49:41Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Database-India-State-Madhya-Pradesh-City-Devas
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
20. Alleged sale of RDWeb access to an unidentified Retail company in Belgium
- Category: Initial Access
- Content: Threat actor claims to be selling RDWeb access to an unidentified Retail company in Belgium.
- Date: 2025-08-27T06:30:25Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265042/
- Screenshots:
- Threat Actors: Big-Bro
- Victim Country: Belgium
- Victim Industry: Retail Industry
- Victim Organization: Unknown
- Victim Site: Unknown
21. Alleged Data Leak of State Records from Sagar, Madhya Pradesh, India
- Category: Data Leak
- Content: The threat actor claims to have leaked a state database from Sagar, Madhya Pradesh, India. The leaked database includes a wide range of personally identifiable information (PII) such as full names, mobile phone numbers, dates of birth, ages, and parents’ names. It also contains details about individuals’ educational qualifications such as 5th pass, 10th pass, or 12th pass.
- Date: 2025-08-27T06:23:24Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-State-Database-Madhya-PradeshCity-Sagar-India
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
22. Alleged Data Breach of Golden Hospital
- Category: Data Breach
- Content: Threat actor claims to be selling the database of Golden Hospital in Nepal.
- Date: 2025-08-27T06:11:07Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-www-goldenhospital-com
- Screenshots:
- Threat Actors: gurkhasec
- Victim Country: Nepal
- Victim Industry: Hospital & Health Care
- Victim Organization: golden hospital
- Victim Site: goldenhospital.com
23. Alleged unauthorized access to Radio Management System of Vietnam Academy of Science and Technology
- Category: Initial Access
- Content: The threat actor claims to have gained unauthorized access to Radio Management System of Vietnam Academy of Science and Technology.
- Date: 2025-08-27T05:58:58Z
- Network: telegram
- Published URL: https://t.me/YourAnonSRVN/1590
- Screenshots:
- Threat Actors: Anonymous SRVN
- Victim Country: Vietnam
- Victim Industry: Higher Education/Acadamia
- Victim Organization: radio management of vietnam academy of science and technology.
- Victim Site: truyenthanh.datviettv.vn
24. Alleged data leak of Vietnamese school data
- Category: Data Leak
- Content: The threat actor claims to have leaked a database of Vietnamese primary and secondary school records.
- Date: 2025-08-27T05:58:54Z
- Network: openweb
- Published URL: https://leakbase.la/threads/vietnamese-primary-and-secondary-schools.42000/
- Screenshots:
- Threat Actors: show_more
- Victim Country: Vietnam
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
25. Alleged Leak of Australian Database
- Category: Data Leak
- Content: Threat actor claims to have leaked a database containing a massive volume of Australian personal records.
- Date: 2025-08-27T04:56:34Z
- Network: openweb
- Published URL: https://leakbase.la/threads/australian-database-leak.41999/
- Screenshots:
- Threat Actors: Heavens
- Victim Country: Australia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
26. Z-ALLIANCE targets the website of Bagrynivska School
- Category: Defacement
- Content: The group claims to have defaced the website of Bagrynivska School.
- Date: 2025-08-27T04:00:29Z
- Network: telegram
- Published URL: https://t.me/Z_ALLIANCE/605
- Screenshots:
- Threat Actors: Z-ALLIANCE
- Victim Country: Ukraine
- Victim Industry: Education
- Victim Organization: bagrynivska school
- Victim Site: bagr.ltedu.vn.ua
27. Alleged Data Leak of It’s Boba Time
- Category: Data Breach
- Content: Threat actor claims to have obtained the data of Boba Time .
- Date: 2025-08-27T03:59:34Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-BOBBA-TIME-DATA-FRANCHISE-DATA-LEAK
- Screenshots:
- Threat Actors: nostra
- Victim Country: USA
- Victim Industry: Food & Beverages
- Victim Organization: it’s boba time
- Victim Site: itsbobatime.com
28. TengkorakCyberCrew targets multiple websites in India
- Category: Defacement
- Content: The group claims to have defaced multiple Indian Websites. Mirror Link: http://zone-h.org/archive/notifier=Jaring
- Date: 2025-08-27T03:51:43Z
- Network: telegram
- Published URL: https://t.me/TengkorakCyberCrewzz/4839
- Screenshots:
- Threat Actors: TengkorakCyberCrew
- Victim Country: India
- Victim Industry: Mining/Metals
- Victim Organization: 4msi
- Victim Site: 4msi.org
29. Alleged Data Leak of USA Personal Records
- Category: Data Leak
- Content: The threat actor claims to have a bulk database leak containing sensitive personal information from the USA, including driver’s license data (front and back), Social Security Numbers (SSNs), selfies, and other personal details.
- Date: 2025-08-27T03:10:33Z
- Network: openweb
- Published URL: https://leakbase.la/threads/bulk-dl-ssn-selfie-dl-front-back-usa-pm-me-your-tg.41997/
- Screenshots:
- Threat Actors: hackerzone
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
30. Alleged data leak of Colombia Personal Data
- Category: Data Leak
- Content: Threat actor claims to be selling access to personal data APIs in Colombia. The exposed modules allegedly include Traffic Fines, People v1, People v2, Licenses & Procedures, and Contact Information. The compromised data includes national ID number, full name, traffic violations, license details, and phone/email contact information.
- Date: 2025-08-27T03:00:53Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Colombia-Personal-Data-APIs-Rest
- Screenshots:
- Threat Actors: SPOA
- Victim Country: Colombia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
31. Alleged data leak of phone numbers of multiple countries
- Category: Data Leak
- Content: Threat actor claims to have leaked data of phone numbers from multiple countries, including Albania, Germany, Afghanistan, Algeria, Saudi Arabia, Argentina, Australia, Austria, Bangladesh, Belgium, Bolivia, Brazil, Bulgaria, Canada, Chile, China, Colombia, Costa Rica, Croatia, Cuba, Denmark, Ecuador, Egypt, El Salvador, United Arab Emirates, etc.
- Date: 2025-08-27T02:55:06Z
- Network: tor
- Published URL: https://xssforum7mmh3n56inuf2h73hvhnzobi7h2ytb3gvklrfqm7ut3xdnyd.onion/threads/142860/
- Screenshots:
- https://d34iuop8pidsy8.cloudfront.net/0d39b0ee-c021-41d8-a0aa-9f9c06c01f21.png
- https://d34iuop8pidsy8.cloudfront.net/730d2a04-7ce8-4739-89f5-7f02e48f6fff.png
- https://d34iuop8pidsy8.cloudfront.net/70012d18-d8e2-4901-a2ca-83a1280b5bc3.png
- https://d34iuop8pidsy8.cloudfront.net/0ce666e9-f95c-483e-a6d7-0b184231002c.png
- https://d34iuop8pidsy8.cloudfront.net/43fbecd1-5255-401f-8962-bfa1f776bed8.png
- Threat Actors: aisdata
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
32. Alleged data leak of Spain Assurance database
- Category: Data Leak
- Content: The threat actor claims to have leaked a database of Spain Assurance database, allegedly containing over 769,336 records of sensitive personal information. This includes full names, email addresses, phone numbers, IBANs, ZIP codes, and several internal identifiers.
- Date: 2025-08-27T02:46:08Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-769-336-lines-Spain-Assurance-database-Full-name-phone-Iban-zip-Email
- Screenshots:
- Threat Actors: moscow077
- Victim Country: Spain
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
33. Alleged sale of unauthorized access to an unidentified Telecom company based in Taiwan
- Category: Initial Access
- Content: Threat actor claims to be selling shell/root access to a Telecom company based in Taiwan .
- Date: 2025-08-27T02:37:16Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Taiwan-Telecom-Initial-Access
- Screenshots:
- Threat Actors: xxtix
- Victim Country: Taiwan
- Victim Industry: Network & Telecommunications
- Victim Organization: Unknown
- Victim Site: Unknown
34. Alleged Data Breach of Canada Computers & Electronics
- Category: Data Breach
- Content: Threat actor claims to have leaked data from Canada Computers. The compromised database allegedly contains customer ID, name, address, postal code, city, phone numbers, VAT number, and delivery instructions.
- Date: 2025-08-27T02:22:25Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-Canada-database-canadacomputers-ca-Address-File-CVS-SQL-Format
- Screenshots:
- Threat Actors: RainbowDF
- Victim Country: Canada
- Victim Industry: Retail Industry
- Victim Organization: canada computers & electronics
- Victim Site: canadacomputers.ca
35. Alleged Data Breach of Technical College of Applied Studies
- Category: Data Breach
- Content: Threat actor claims to have obtained the data of College of Applied Technical Studies in Subotica.
- Date: 2025-08-27T00:16:20Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Leaked-of-the-College-of-Applied-Technical-Studies-in-Subotica
- Screenshots:
- Threat Actors: YK3
- Victim Country: Serbia
- Victim Industry: Education
- Victim Organization: technical college of applied studies
- Victim Site: vts.su.ac.rs
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats occurring on August 27, 2025. Data breaches and data leaks are the most prominent categories, affecting a wide range of countries including the USA, India, Japan, Vietnam, and Colombia. These incidents involve the exposure of extensive personal and financial data, from 78 million Japanese residents’ records to numerous state-level databases in India. The compromised data frequently includes highly sensitive PII such as names, contact information, government IDs, and financial details.
Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized entry into corporate networks across various sectors like telecommunications, e-commerce, and construction in countries such as the USA, Italy, Romania, and Taiwan. These listings often include valuable access methods like RDP, VPN, and shell access.
Website defacements and the sale of malware, specifically an Android RAT, further underscore the multifaceted nature of the threat landscape. The targeted industries are varied, ranging from government administration and financial services to education and healthcare, indicating that no sector is immune. The incidents collectively demonstrate that organizations globally face persistent threats of data exfiltration, network intrusion, and the availability of malicious tools on both the open and dark web.