[August-28-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


1. Alleged Sale of Cracked Prynt Stealer 2024


2. Alleged sale of admin access to an OpenCart-Based Store in Australia


3. Alleged Database Leak of Credicorp

  • Category: Data Breach
  • Content: The threat actor claims to be selling a database allegedly belonging to Credicorp, a financial services holding company headquartered in Peru with operations across Latin America and the United States. The database reportedly contains over 568,000 records in SQL format, including approximately 16,900 unique email addresses and personal details such as names and email addresses of individuals.
  • Date: 2025-08-28T13:35:43Z
  • Network: openweb
  • Published URL: https://leakbase.la/threads/credicorp-d-leak.42046/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/7500e01d-e9ba-4a81-b3c3-4f211cfbb04e.png
  • Threat Actors: frog
  • Victim Country: Peru
  • Victim Industry: Financial Services
  • Victim Organization: credicorp ltd.
  • Victim Site: credicorpnet.com

4. Alleged sale of root access to a Magento store in France


5. Alleged unauthorized access to Solar Power Facility in Spain

  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to the energy management system of a solar power facility in Spain. The access allegedly enables full administrative control, including management of solar panels, adjustment of panel angles, monitoring and controlling battery charge levels, modifying operating schedules, and tracking real-time energy production and consumption.
  • Date: 2025-08-28T13:07:09Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/1264
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/634999e1-d523-4ceb-b2b3-c663c9b30cff.png
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Spain
  • Victim Industry: Renewables & Environment
  • Victim Organization: Unknown
  • Victim Site: Unknown

6. Alleged data leak of South American smart tech contributors

  • Category: Data Leak
  • Content: The threat actor claims to have leaked a list of smart technology administrators and contributors operating across South America. The exposed data includes full names, email addresses, phone numbers, and office addresses of representatives from companies such as SIDCO (Chile), Terranet Kolombia SAS (Colombia), Isde-Ecuador (Ecuador), Confortechnologies (Peru), Smart-Tech (Uruguay), LAUT C.A. (Venezuela) and many more.
  • Date: 2025-08-28T12:59:04Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-Document-kontributor-admin-south-america
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/d0ade482-cbaf-4cd3-80e6-ca355e0dbb3d.png
  • Threat Actors: G4ll
  • Victim Country: Chile
  • Victim Industry: Information Technology (IT) Services
  • Victim Organization: Unknown
  • Victim Site: Unknown

7. Alleged access to unidentified transPV solar power plant, Romania


8. Alleged data breach of Bike for Good


9. Alleged data sale of Goa Industrial Development Corporation (GIDC)


10. Alleged data leak of PT. Mount Himun Peratama


11. Alleged sale of access to Trilateral Cooperation Secretariat (TCS)


12. Alleged data sale of Ministry of Public Security of Vietnam


13. Alleged Sale of UAE Citizens’ Contact Data


14. Alleged sale of unidentified Jewelry Store and Hospital Databases


15. Alleged data leak of Newmeet

  • Category: Data Breach
  • Content: The threat actor claims to have leaked a database from Newmeet, a dating site, containing 5,404,326 unique email addresses and sensitive user information such as gender, date of birth, passwords, geographic locations, IP addresses, social links, and bio-data. The breach reportedly occurred in 2017.
  • Date: 2025-08-28T09:19:36Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-DATABASE-Newmeet-com
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/31dbdb8f-3482-4482-b3ad-91ea199bd60a.png
  • Threat Actors: Tanaka
  • Victim Country: France
  • Victim Industry: Social Media & Online Social Networking
  • Victim Organization: newmeet
  • Victim Site: newmeet.com

16. Alleged unauthorized access to Ecoenerg Srl

  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to Ecoenerg Srl in Italy. The access allegedly enables control over the cogeneration unit control block, including managing electrical and thermal loads directly through the system, full customization of parameters, heating control, alarm signal tracking, and managing load and operating time.
  • Date: 2025-08-28T09:12:28Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/1261
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/c1ac011c-9f16-4f50-9d4a-a2c355f1ddf3.JPG
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Italy
  • Victim Industry: Industrial Automation
  • Victim Organization: ecoenerg srl
  • Victim Site: ecoenerg.it

17. Alleged data sale of Awal Bros Hospital


18. Alleged data leak of University of Information Technology and Communications (UOITC)


19. Alleged data breach of Regional Institute of Education, Bhopal

  • Category: Data Breach
  • Content: The group claims to have compromised the official portal of India’s Integrated Teacher Education Programme (ITEP), managed by the Regional Institute of Education (RIE), Bhopal. The breach allegedly exposed sensitive NID information of 5,545 teachers, and the threat actor claims to hold administrator-level access to the portal.
  • Date: 2025-08-28T08:28:13Z
  • Network: telegram
  • Published URL: https://t.me/c/2594876836/148
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/ffcd2747-6974-4183-87d2-9770acfb62be.png
  • Threat Actors: TEAM BD CYBER NINJA
  • Victim Country: India
  • Victim Industry: Education
  • Victim Organization: regional institute of education, bhopal
  • Victim Site: itepriebhopalcounselling.in

20. Alleged Sale of Access to RDWeb Network

  • Category: Initial Access
  • Content: The threat actor claims to be selling access to a network associated with RDWeb in the USA. The alleged target operates in the Commercial & Residential Construction industry with an estimated revenue of $6 million. The compromised network reportedly includes 76 domain computers and 1 domain controller.
  • Date: 2025-08-28T08:26:39Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/265110/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/e9b5e68a-f8a8-439e-a2eb-82ab76279ebc.png
  • Threat Actors: samy01
  • Victim Country: USA
  • Victim Industry: Building and construction
  • Victim Organization: Unknown
  • Victim Site: Unknown

21. Alleged data breach of Colorado Health Network


22. Alleged data breach of General Presidency for the Affairs of the Grand Mosque and the Prophet’s Mosque


23. Alleged data sale of AIRWALLEX


24. Alleged leak of German casino user data


25. Alleged leak of Serbian data


26. Alleged data breach of MiFibra


27. Alleged unauthorized access to Colombian Aerospace Force


28. Alleged data breach of SAFESA (Salud Federal Salta)


29. Alleged sale of botnet log database


30. Alleged data breach of Vietnam Posts and Telecommunications Group


31. Alleged data leak of Canadian CryptoForex Data


32. Alleged data breach of Ontario OUT of DOORS Magazine


33. Alleged data breach of Airports of Thailand Public Co., Ltd.


34. Alleged data leak of US Air Force & Navy Placement in Asia Pacific


35. Alleged data breach of OSIPTEL


Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from finance and e-commerce to government, healthcare, and education. These events impact a wide range of countries, including Peru, Australia, Vietnam, India, Indonesia, the USA, and multiple European nations. The compromised data ranges from personal user information and financial details to sensitive health records and government employee data.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to e-commerce stores, corporate networks, and critical infrastructure, such as energy facilities in Spain and Romania and aerospace systems in Colombia. The sale of malware, including a cracked information stealer, further underscores the availability of offensive capabilities in the cyber underground.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.