[August-4-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

  1. Alleged sale of access to an unidentified Brazilian financial data center
  1. Alleged VPS Payment Bypass Exploit
  • Category: Vulnerability
  • Content: The threat actor claims to be selling a 0day payment exploit affecting a well-known VPS provider. The exploit allegedly allows users to activate and use VPS/VDS services without making any actual payment, as the system falsely marks orders as “Paid.” The seller claims the servers are instantly activated with no verification or delays.
  • Date: 2025-08-04T14:22:12Z
  • Network: openweb
  • Published URL: (https://breachforums.hn/Thread-Paid-VPS-Exploit-0day)
  • Threat Actors: Z10N
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged data leak of Myanmar’s Internal Revenue Department (IRD)
  1. Alleged sale of admin access to an unauthorized organization in France
  1. Alleged sale of U.S. Network Access
  • Category: Initial Access
  • Content: The threat actor claims to be selling access to a U.S.-based network environment, boasting around 100 compromised hosts and domain-level access. The listing includes a domain user account protected by SonicWall and AV Defender. The compromised environment contains approximately 17 million records.
  • Date: 2025-08-04T13:48:25Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/263663/)
  • Threat Actors: Big-Bro
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged sale of U.S. Network Access
  • Category: Initial Access
  • Content: The threat actor claims to be selling access to a U.S.-based network environment, boasting around 150 compromised hosts and domain-level access. The listing includes a domain user account protected by SonicWall and AV Defender. The compromised environment contains approximately 10 million records.
  • Date: 2025-08-04T13:42:25Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/263662/)
  • Threat Actors: Big-Bro
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged data sale of ShafaDoc
  1. Alleged sale of FluxPanel
  1. Alleged data leak of Metrologu.ru LLC
  1. Alleged data sale of the Government of the Islamic Republic of Iran
  • Category: Data Breach
  • Content: The threat actor claims to be selling a database of the Government of the Islamic Republic of Iran, allegedly containing personal details of Iranian citizens and high-ranking officials. The exposed data reportedly includes full names, fathers' names, national IDs, dates of birth, phone numbers, email addresses, and home addresses.
  • Date: 2025-08-04T13:15:42Z
  • Network: openweb
  • Published URL: (https://breachforums.hn/Thread-SELLING-IRAN-iran-gov-ir-BREACHED)
  • Threat Actors: xploitleaks
  • Victim Country: Iran
  • Victim Industry: Government Administration
  • Victim Organization: Government of the Islamic Republic of Iran
  • Victim Site: iran.gov.ir
  1. Alleged data leak of Satro-Paladine
  1. Russian Partisan targets the website of FIZZY VAPES LTD
  1. Alleged data leak of Yandex Maps
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a database allegedly from Yandex Maps in 2022, reportedly containing 995,000 location records, of which approximately 902,000 include email addresses. The leaked data appears to list businesses and points of interest across Russia, featuring organization names, categories, full physical addresses, coordinates, and multiple contact emails.
  • Date: 2025-08-04T11:38:44Z
  • Network: openweb
  • Published URL: (https://breachforums.hn/Thread-DATABASE-Database-Leaked-Yandex-maps-2022)
  • Threat Actors: johnwick1122
  • Victim Country: Russia
  • Victim Industry: Information Technology (IT) Services
  • Victim Organization: Yandex Maps
  • Victim Site: yandex.com
  1. Alleged unauthorized access to Vilniaus vandenys
  1. Alleged SCADA Access of the Carlsbad Desalination Project
  1. Alleged data leak of Spirit.Fitness
  1. Alleged data leak of students in Russia’s Kemerovo Region
  1. Alleged sale of Solana Crypto Trading Bot
  • Category: Malware
  • Content: The threat actor claims to be selling a Solana trading bot built in Rust, optimized for high-frequency trading. It functions as a Nonjito bundler and features built-in Anti-snipe and MEV protection to defend against front-running. With an execution speed of under 1 millisecond, the tool is designed for stability and performance, making it suitable for novice users seeking an edge on the Solana blockchain.
  • Date: 2025-08-04T09:47:03Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-Crypto-Trading-Bot)
  • Threat Actors: 456
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged sale of Crypto MEV Bot
  1. Alleged data leak of BK-STROY
  1. Alleged sale of Rdweb access to Geo Agric
  1. Alleged data leak of OVHcloud
  1. Alleged sale of unauthorized access to mixed email accounts
  1. Alleged data leak of Ho Chi Minh City College of Transport (HCMCT)
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a student database from the Ho Chi Minh City College of Transport in Vietnam. The exposed data includes highly sensitive information such as student IDs, passwords, full names, birth details, addresses, ID card numbers, academic scores, contact details (phone, email), parent and family information, political affiliations, course details, and graduation records.
  • Date: 2025-08-04T07:43:21Z
  • Network: openweb
  • Published URL: (https://breachforums.hn/Thread-Website-hcmct-edu-vn)
  • Threat Actors: Ls1jWohGKtwY0iZ2yU
  • Victim Country: Vietnam
  • Victim Industry: Education
  • Victim Organization: Ho Chi Minh City College of Transport (HCMCT)
  • Victim Site: hcmct.edu.vn
  1. Alleged data leak of Selective Service System
  1. Alleged Data Breach of Personnel Management Information System Indonesia
  1. TEAM BD CYBER NINJA targeted the website of Playback Clube
  1. TEAM BD CYBER NINJA targeted the website of Playback Clube
  1. Alleged sale of 500K+ Canada corporate contact records
  1. Alleged data leak of South Korea Gaming Platform User Database
  1. Alleged data leak of Student Portal UK
  1. Alleged data breach of Social Golf Australia
  1. Alleged data leak of an unidentified Argentina government website
  1. Alleged Data leak of Chinese E-Commerce Platform
  1. Alleged Data Breach of Germany E-Commerce Customers
  1. Alleged leak of Japanese comprehensive service providers database
  1. Alleged Data Breach of Chinese E-Commerce Platform
  1. Alleged data leak of Brazil Customer Database with Partial Vehicle Details
  1. Alleged leak of Employee Directory data from an unidentified Telecom firm in Bangladesh
  • Category: Data Leak
  • Content: The threat actor claims to be selling a leaked employee directory containing data on approximately 1.3 million individuals affiliated with the Bangladesh telecom sector. The exposed information reportedly includes names (first, middle, last), email addresses, dates of birth, gender, employment rank, status, affiliations, and multiple contact numbers (mobile, office, residential), along with physical addresses.
  • Date: 2025-08-04T03:48:46Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-1-3M-Bangladesh-Telecom-Employee-Directory-Leak)
  • Threat Actors: dumpster
  • Victim Country: Bangladesh
  • Victim Industry: Network & Telecommunications
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged sale of Argentina Healthcare Beneficiary Database
  1. Alleged Unauthorized Access to smart parking system
  • Category: Initial Access
  • Content: The threat actor claims to have breached a smart parking system operated by a Taiwanese government agency, gaining full control over its central infrastructure, including surveillance cameras, payment terminals, license plate databases, and financial records. According to the actor, data on over 3,000 vehicles—such as license plate numbers and entry/exit logs—was exfiltrated, along with detailed financial records including parking bills and payment methods. The system’s operations were allegedly disrupted, temporarily disabling entry and exit gates.
  • Date: 2025-08-04T02:16:21Z
  • Network: telegram
  • Published URL: (https://t.me/n2LP_wVf79c2YzM0/775)
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Taiwan
  • Victim Industry: Government Administration
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged Data Leak of French Citizens Records
  • Category: Data Leak
  • Content: The threat actor claims to have leaked a database containing detailed records of over 60,000 French citizens. The data includes names, emails, birthdates, addresses, phone numbers, and purchase history from a retail loyalty program.
  • Date: 2025-08-04T01:32:08Z
  • Network: openweb
  • Published URL: (https://kittyforums.to/thread/783)
  • Threat Actors: cacaboudin
  • Victim Country: France
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged Sale of California Driver’s License Records from Online Marijuana Store
  1. Alleged data leak of Turkish credit card records
  1. Alleged Sale of California Driver’s License Records from Online Marijuana Store
  1. Alleged data breach of Dentalastec S.r.l.
  • Category: Data Breach
  • Content: The threat actor claims to have leaked the dentalastec.it database, exposing sensitive data including names, emails, phone numbers, locations, and professional roles of medical and dental professionals. The leak contains detailed personal information of hundreds of individuals.
  • Date: 2025-08-04T00:27:22Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-dentalastec-it-DataBase-Leak)
  • Threat Actors: RL000
  • Victim Country: Italy
  • Victim Industry: Medical Equipment Manufacturing
  • Victim Organization: Dentalastec S.r.l.
  • Victim Site: dentalastec.it
  1. Alleged data leak of National Police Spain
  1. Alleged data breach of ixigo

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from education and gaming to healthcare and automotive, and impacting countries including Bangladesh, Mexico, Malaysia, India, Indonesia, France, Brazil, and Israel. The compromised data ranges from personal user information and credit card details to sensitive patient records, classified military components, and large customer databases. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to banking systems, corporate networks (including RDWeb access to Canadian and UK firms), and even government and military infrastructure like the Royal Thai Air Force and Madrid’s irrigation system. The sale of malware, including penetration testing tools and DDoS tools, further underscores the availability of offensive capabilities in the cyber underground. The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.