[December-10-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

1. Alleged leak of login access to Central Bankruptcy Court, Office of the Judiciary

  • Category: Initial Access
  • Content: Threat actor claims to have leaked login credentials belonging to Central Bankruptcy Court, Office of the Judiciary.
  • Date: 2025-12-10T23:46:15Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/577

Screenshots: https://d34iuop8pidsy8.cloudfront.net/c94decf0-521f-46c4-a301-53453d269c28.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Judiciary
  • Victim Organization: central bankruptcy court, office of the judiciary
  • Victim Site: esv-cbc.coj.go.th

2. Alleged leak of login access to National Health Security Office (NHSO)

  • Category: Initial Access
  • Content: Threat actor claims to have leaked login credentials belonging to National Health Security Office (NHSO).
  • Date: 2025-12-10T23:46:12Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/576

Screenshots: https://d34iuop8pidsy8.cloudfront.net/c789963c-6ce4-4241-ba57-125bb07adc31.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Government & Public Sector
  • Victim Organization: national health security office (nhso)
  • Victim Site: nhso.go.th

3. Alleged Data Breach of the Sukhoi S-70 Okhotnik-B Fighter Jet

Screenshots: https://d34iuop8pidsy8.cloudfront.net/288b7a3f-d0fb-4a07-b0d6-eeb25f2f042b.png

  • Threat Actors: jrintel
  • Victim Country: Russia
  • Victim Industry: Defense & Space
  • Victim Organization: sukhoi company
  • Victim Site: uacrussia.ru

4. Alleged leak of login credentials to the afvc eservice

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials of afvc eservice
  • Date: 2025-12-10T23:35:51Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/571

Screenshots: https://d34iuop8pidsy8.cloudfront.net/7f3bd6d2-5ed6-413d-801d-2be28786b587.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Veterinary
  • Victim Organization: afvc eservice
  • Victim Site: eservice.afvc.dld.go.th

5. Sunshine Group Joint Stock Company falls victim to Qilin Ransomware

Screenshots: https://d34iuop8pidsy8.cloudfront.net/693dcbc4-0293-4161-ba31-607502871550.png https://d34iuop8pidsy8.cloudfront.net/473c2b19-0259-4249-abf7-9523f8bb76bc.png https://d34iuop8pidsy8.cloudfront.net/28419977-0801-4ec9-b2cb-19e6faeaf98e.png

  • Threat Actors: Qilin
  • Victim Country: Vietnam
  • Victim Industry: Real Estate
  • Victim Organization: sunshine group joint stock company
  • Victim Site: sunshinegroup.vn

6. Alleged leak of login credentials to Community Book House

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials of Community Book House
  • Date: 2025-12-10T23:28:18Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/570

Screenshots: https://d34iuop8pidsy8.cloudfront.net/7d2df2a8-8552-4374-9d44-51c746be4731.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Library
  • Victim Organization: community book house
  • Victim Site: cbh.nfe.go.th

7. Alleged Unauthorized Access to a Ukrainian System

  • Category: Initial Access
  • Content: The group claims unauthorized access to a system belonging to a Ukrainian individual. The attack reportedly involved the deployment of advanced malware within the network, with claims of attempts to intercept encrypted communications.
  • Date: 2025-12-10T23:18:30Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/2821

Screenshots: https://d34iuop8pidsy8.cloudfront.net/77b10839-0b5e-44c9-95fc-6b80f6f8b621.png

  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Ukraine
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

8. Alleged leak of login credentials to the Department of Skill Development, Thailand, under Ministry of Labour

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials of the Department of Skill Development, Thailand, under Ministry of Labour
  • Date: 2025-12-10T23:13:20Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/575

Screenshots: https://d34iuop8pidsy8.cloudfront.net/b491dfe3-bff9-4884-9e6d-587c250a2dde.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Government Administration
  • Victim Organization: department of skill development, thailand, under ministry of labour
  • Victim Site: dsd.go.th

9. Alleged leak of login credentials to the Songkhla Provincial Local Administration Office

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials of Songkhla Provincial Local Administration Office
  • Date: 2025-12-10T23:08:28Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/574

Screenshots: https://d34iuop8pidsy8.cloudfront.net/9abf0ed0-87c7-4e8e-909c-4a8d2f88933f.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Government Administration
  • Victim Organization: songkhla provincial local administration office
  • Victim Site: sk-local.go.th

10. Alleged Sale of CRYPTO MIXER – OVERMIXER

  • Category: Malware
  • Content: The threat actor claims to be promoting Overmixer, a multi-layer cryptocurrency mixing service designed to increase transactional privacy. The service advertises features such as multi-chain support, no-log operations, multiple output wallets, custom delay curves, and advanced UTXO separation.
  • Date: 2025-12-10T22:30:53Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-Selling-CRYPTO-MIXER-OVERMIXER

Screenshots: https://d34iuop8pidsy8.cloudfront.net/563403e4-6bd1-4270-a2e6-ac5ad8c6cf33.png

  • Threat Actors: fuckoverflow
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

11. Alleged Data Leak of UK Passports

  • Category: Data Breach
  • Content: Threat Actor claims to have leaked 83 scanned and photographed UK passports, along with a small number belonging to travelers from other countries. All files are in PDF format and reportedly obtained from a phishing operation the previous day.
  • Date: 2025-12-10T22:30:02Z
  • Network: openweb
  • Published URL: https://forum.exploit.biz/topic/271805/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/88a94dce-38e5-4ce9-ba1a-ac410bdb865d.png https://d34iuop8pidsy8.cloudfront.net/7c827d0a-18af-4033-b349-dceeaf79c839.png https://d34iuop8pidsy8.cloudfront.net/f6f694b3-597c-4b12-997c-e6c8a125d0db.png

  • Threat Actors: J_Thief
  • Victim Country: UK
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

12. Alleged leak of login credentials to the Technological Innovation Research and Development Group of the Royal Thai Police

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials associated with the Technological Innovation Research and Development Group, under the Royal Thai Police.
  • Date: 2025-12-10T22:10:40Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/569

Screenshots: https://d34iuop8pidsy8.cloudfront.net/819e9b87-c434-45ee-a400-fa6e70e97646.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Law Enforcement
  • Victim Organization: royal thai police
  • Victim Site: innovation.police.go.th

13. Groupe ETMB falls victim to Qilin Ransomware

Screenshots: https://d34iuop8pidsy8.cloudfront.net/3f550059-e11e-4c27-b976-726131e17a9d.png https://d34iuop8pidsy8.cloudfront.net/a54eebd3-6914-4c0d-92b9-b13a781b7216.png https://d34iuop8pidsy8.cloudfront.net/55f4f193-22f6-4f06-a7a9-a44362641d86.png

  • Threat Actors: Qilin
  • Victim Country: France
  • Victim Industry: Building and construction
  • Victim Organization: groupe etmb
  • Victim Site: etmb.fr

14. Alleged leak of login credentials to Electronic Service Central Bankruptcy Court

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials to the Electronic Service system of the Central Bankruptcy Court, which operates under the Court of Justice, Thailand.
  • Date: 2025-12-10T22:02:09Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/567

Screenshots: https://d34iuop8pidsy8.cloudfront.net/19bc6dc2-6974-4dc0-864a-25ffdf43e08b.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Judiciary
  • Victim Organization: court of justice, thailand
  • Victim Site: esv-cbc.coj.go.th

15. Alleged leak of login credentials to National Archives of Thailand

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials to National Archives of Thailand
  • Date: 2025-12-10T21:52:22Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/566

Screenshots: https://d34iuop8pidsy8.cloudfront.net/c98f8cb5-fc6f-41ca-b62e-1b977cc8f165.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Government Administration
  • Victim Organization: national archives of thailand
  • Victim Site: archives.nat.go.th

16. DedSec_Philippines targets the website of Department of Trade and Industry

Screenshots: https://d34iuop8pidsy8.cloudfront.net/5f73b50a-18b4-4fbc-b081-a32d24ec1078.png

  • Threat Actors: DedSec_Philippines
  • Victim Country: Philippines
  • Victim Industry: International Trade & Development
  • Victim Organization: department of trade and industry
  • Victim Site: dti.gov.ph

17. Alleged leak of login credentials to Office of the Basic Education Commission (OBEC)

  • Category: Initial Access
  • Content: The group claims to have leaked login credentials to Office of the Basic Education Commission (OBEC)
  • Date: 2025-12-10T21:48:30Z
  • Network: telegram
  • Published URL: https://t.me/kxichixxsec/563

Screenshots: https://d34iuop8pidsy8.cloudfront.net/eebb93ee-9458-4390-93fc-0a820bc31cec.png

  • Threat Actors: Kxichixxsec
  • Victim Country: Thailand
  • Victim Industry: Education
  • Victim Organization: office of the basic education commission (obec)
  • Victim Site: cse-elearning.obec.go.th

18. Alleged Leak of SFR-French Radiotelephone Company

Screenshots: https://d34iuop8pidsy8.cloudfront.net/d96e3d11-f748-40d7-a506-7e0ec11a3bf0.png

  • Threat Actors: Frenshyny
  • Victim Country: France
  • Victim Industry: Network & Telecommunications
  • Victim Organization: sfr-french radiotelephone company
  • Victim Site: sfr.fr

19. Alleged data breach of Rolladen Group

  • Category: Data Breach
  • Content: The threat actor claims to be selling a 496,000-record personal data leak from the German company rolladenplanet.de, a business specializing in roller shutters and related home products. According to the post, the dataset allegedly includes email addresses, phone numbers, full names, complete home addresses, gender details, and other customer information from users in Germany and Austria.
  • Date: 2025-12-10T21:36:50Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-Selling-DE-rolladenplanet-de-personal-data-496-000

Screenshots: https://d34iuop8pidsy8.cloudfront.net/372182b7-73bd-4f8c-b8b4-35b087771255.png https://d34iuop8pidsy8.cloudfront.net/c9f452b3-9135-4a4b-b2b4-a7401ab94b4a.png

  • Threat Actors: Sorb
  • Victim Country: Germany
  • Victim Industry: Manufacturing
  • Victim Organization: rolladen group
  • Victim Site: rolladenplanet.de

20. Alleged data breach of SeaRates

Screenshots: https://d34iuop8pidsy8.cloudfront.net/426a8681-96e8-453e-9bff-d47e400079fa.png

  • Threat Actors: GhostSec
  • Victim Country: UAE
  • Victim Industry: Transportation & Logistics
  • Victim Organization: searates
  • Victim Site: searates.com

21. Alleged Data Breach of Chevron Group

Screenshots: https://d34iuop8pidsy8.cloudfront.net/1086d2d8-a138-4ef6-99a0-48e5e0bc149c.png

  • Threat Actors: Spirigatito
  • Victim Country: Malta
  • Victim Industry: Management Consulting
  • Victim Organization: chevron group
  • Victim Site: chevron.group

22. Alleged data leak of Hermosillo Municipal Police

  • Category: Data Breach
  • Content: The group claims to have leaked a dataset containing sensitive information related to police officers from the municipality of Hermosillo, Mexico. The dataset reportedly includes weapons records, personal details, officer photographs, and allegations of abuse of authority.
  • Date: 2025-12-10T20:58:25Z
  • Network: telegram
  • Published URL: https://t.me/c/3211040888/253

Screenshots: https://d34iuop8pidsy8.cloudfront.net/6362be34-e7cf-4893-ad4c-5130f12e8f8c.png

  • Threat Actors: Chronus leaks
  • Victim Country: Mexico
  • Victim Industry: Law Enforcement
  • Victim Organization: hermosillo municipal police
  • Victim Site: hermosillo.gob.mx

23. Alleged data breach of freenet.de

Screenshots: https://d34iuop8pidsy8.cloudfront.net/598edd4b-80a5-4e16-b717-6e1b9652165e.png

  • Threat Actors: socializer
  • Victim Country: Germany
  • Victim Industry: Network & Telecommunications
  • Victim Organization: freenet.de
  • Victim Site: freenet.de

24. Chronus leaks targets the website of San Rafael Business Directory

  • Category: Defacement
  • Content: The group claims to have defaced the website of San Rafael Business Directory.
  • Date: 2025-12-10T20:34:16Z
  • Network: telegram
  • Published URL: https://t.me/c/3211040888/250

Screenshots: https://d34iuop8pidsy8.cloudfront.net/19ccf821-5a91-416b-a10b-13bdc655d362.png

  • Threat Actors: Chronus leaks
  • Victim Country: Argentina
  • Victim Industry: Marketing, Advertising & Sales
  • Victim Organization: chronus leaks
  • Victim Site: guiarsanrafael.com.ar

25. Dark Storm Team claims to target the website of X

  • Category: Alert
  • Content: A recent post by the group claims that they are targeting X
  • Date: 2025-12-10T20:15:34Z
  • Network: telegram
  • Published URL: https://t.me/Darkstormbackup3/39

Screenshots: https://d34iuop8pidsy8.cloudfront.net/f8de90a2-fcfb-4eff-ac76-f3683e60e906.png

  • Threat Actors: Dark Storm Team
  • Victim Country: USA
  • Victim Industry: Social Media & Online Social Networking
  • Victim Organization: x corp.
  • Victim Site: x.com

26. NOTRASEC TEAM targets the subdomain of Universitas Gadjah Mada (UGM)

  • Category: Defacement
  • Content: The group claims to have defaced the subdomain of Universitas Gadjah Mada (UGM)
  • Date: 2025-12-10T19:31:13Z
  • Network: telegram
  • Published URL: https://t.me/c/2622575053/1041

Screenshots: https://d34iuop8pidsy8.cloudfront.net/1b8bfe85-efb8-4b73-9f6e-5f03f1dd0ed8.png

  • Threat Actors: NOTRASEC TEAM
  • Victim Country: Indonesia
  • Victim Industry: Education
  • Victim Organization: universitas gadjah mada (ugm)
  • Victim Site: ilhamahmadadani0404.web.ugm.ac.id

27. Alleged sale of unauthorized access to an unidentified Business Services company in China

  • Category: Initial Access
  • Content: The threat actor claims to be selling unauthorized access to a China-based business services company with an estimated $580,000 annual revenue. The access type includes dAna-na (remote access), with user-level privileges inside the domain.
  • Date: 2025-12-10T19:06:04Z
  • Network: openweb
  • Published URL: https://xss.pro/ads-manager/packages/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/a7b37666-0a08-4b9a-91a0-acdc3266c6da.png

  • Threat Actors: C3FaRiR
  • Victim Country: China
  • Victim Industry: Business Supplies & Equipment
  • Victim Organization: Unknown
  • Victim Site: Unknown

28. Alleged sale of unauthorized access to an unidentified Consumer Electronics company in the Philippines

  • Category: Initial Access
  • Content: The threat actor claims to be selling unauthorized access to a Philippines-based consumer electronics company with an estimated $55,000 annual revenue. The access type includes Citrix, with user-level privileges inside the domain.
  • Date: 2025-12-10T18:57:55Z
  • Network: openweb
  • Published URL: https://xss.pro/threads/144745/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/5297811f-0610-438b-bb85-5196898b76da.png

  • Threat Actors: C3FaRiR
  • Victim Country: Philippines
  • Victim Industry: Consumer Electronics
  • Victim Organization: Unknown
  • Victim Site: Unknown

29. Alleged initial access to a Coastal Gas Well Control System of LyondellBasell

  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to a Coastal Gas Well Control System operated by LyondellBasell. The actor states they can view real‑time well data, shut down wells via emergency valves, adjust choke positions, modify gas flow rates, override safety controls, and trigger emergency shutdowns.
  • Date: 2025-12-10T18:57:08Z
  • Network: telegram
  • Published URL: https://t.me/nullsechackers/686

Screenshots: https://d34iuop8pidsy8.cloudfront.net/524bfcba-f914-4006-b1ed-d32cd31bda7d.png

  • Threat Actors: Nullsec Philippines
  • Victim Country: USA
  • Victim Industry: Chemical Manufacturing
  • Victim Organization: lyondellbasell industries n.v.
  • Victim Site: lyondellbasell.com

30. Alleged Sale of Unauthorized PMA and Admin Access to an E-Commerce Store in Germany

  • Category: Initial Access
  • Content: Threat Actor claims to be selling unauthorized PMA and full admin access to an E-commerce store in Germany, where payments are processed 95% through PayPal and 5% via bank transfer.
  • Date: 2025-12-10T18:55:08Z
  • Network: openweb
  • Published URL: https://forum.exploit.biz/topic/271785/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/0a4ac650-9d09-4f0b-a6a4-2559daed1556.png

  • Threat Actors: bobby_killa
  • Victim Country: Germany
  • Victim Industry: E-commerce & Online Stores
  • Victim Organization: Unknown
  • Victim Site: Unknown

31. Alleged Sale of Unauthorized admin Access to Paymentwall

Screenshots: https://d34iuop8pidsy8.cloudfront.net/95d1ad89-9197-4579-9753-f045af962942.png

  • Threat Actors: crazyboy68
  • Victim Country: USA
  • Victim Industry: Financial Services
  • Victim Organization: paymentwall
  • Victim Site: paymentwall.com

32. Alleged Sale of Unauthorized 10 VPN Account Accesses in USA

  • Category: Initial Access
  • Content: Threat Actor claims to be selling 10 unauthorized VPN account accesses in USA, taken from fake accounts where victims unknowingly enter their own credentials.
  • Date: 2025-12-10T18:28:59Z
  • Network: openweb
  • Published URL: https://forum.exploit.biz/topic/271786/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/542aeadf-e6c0-4c8b-be70-df30fe56ac94.png

  • Threat Actors: Password
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

33. INDRAMAYU CHAOS SYSTEM targets the website of Indonesia Integrated Consulting Network (ICON)

  • Category: Defacement
  • Content: The group claims to have defaced the website of Indonesia Integrated Consulting Network (ICON)
  • Date: 2025-12-10T18:06:51Z
  • Network: telegram
  • Published URL: https://t.me/c/3427600175/62

Screenshots: https://d34iuop8pidsy8.cloudfront.net/0dbd1fe9-137e-47d7-b1d2-81e9eb696302.png https://d34iuop8pidsy8.cloudfront.net/97530ac5-635b-4a79-9456-43f9dcef6daa.png

  • Threat Actors: INDRAMAYU CHAOS SYSTEM
  • Victim Country: Indonesia
  • Victim Industry: Professional Services
  • Victim Organization: indonesia integrated consulting network (icon)
  • Victim Site: icon-inkindo.com

34. Alleged Sale of Unauthorized Corpus Access to an Unidentified U.S. Company

  • Category: Initial Access
  • Content: Threat Actor claims to be selling unauthorized Corpus Access to an Unidentified U.S. Company.
  • Date: 2025-12-10T17:54:14Z
  • Network: openweb
  • Published URL: https://forum.exploit.biz/topic/271783/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/7b7a1293-f04d-43bb-b133-1ac44823593a.png

  • Threat Actors: Rincewind
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

35. Sweetener Supply Corporation falls victim to akira Ransomware

Screenshots: https://d34iuop8pidsy8.cloudfront.net/8755105a-038a-4183-9299-2a718ffb6288.png

  • Threat Actors: akira
  • Victim Country: USA
  • Victim Industry: Food & Beverages
  • Victim Organization: sweetener supply corporation
  • Victim Site: sweetenersupply.com

36. Alleged Sale of Unauthorized NetSupport Access to a Belgium Building Finishing Services Company

  • Category: Initial Access
  • Content: Threat Actor claims to be selling unauthorized NetSupport access to a Belgium Building Finishing Services company, stating that the target uses Windows Defender and that access can be transferred via NetSupport using CMD/PowerShell.
  • Date: 2025-12-10T17:30:17Z
  • Network: openweb
  • Published URL: https://forum.exploit.biz/topic/271784/

Screenshots: https://d34iuop8pidsy8.cloudfront.net/15e4904b-48c3-4ae9-ba79-1869e26d311d.png

  • Threat Actors: Doodlejumptraff
  • Victim Country: Belgium
  • Victim Industry: Building and construction
  • Victim Organization: Unknown
  • Victim Site: Unknown

37. INDRAMAYU CHAOS SYSTEM targets the website of Klan Klin Hygiene

  • Category: Defacement
  • Content: The group claims to have defaced the website of Klan Klin Hygiene.
  • Date: 2025-12-10T17:16:31Z
  • Network: telegram
  • Published URL: https://t.me/c/3427600175/62

Screenshots: https://d34iuop8pidsy8.cloudfront.net/9bfc8d92-a2fc-483f-b781-67d34cfcba18.png https://d34iuop8pidsy8.cloudfront.net/f82ceaf6-5e72-4da6-b6ec-55da7429e987.png

  • Threat Actors: INDRAMAYU CHAOS SYSTEM
  • Victim Country: India
  • Victim Industry: Consumer Goods
  • Victim Organization: klan klin hygiene
  • Victim Site: klanklinhygiene.com

38. Lonich Patton Ehrlich Policastri falls victim to Qilin Ransomware

Screenshots: https://d34iuop8pidsy8.cloudfront.net/c17b51b2-8e9e-44bb-a336-db5edfe64954.png

  • Threat Actors: Qilin
  • Victim Country: USA
  • Victim Industry: Law Practice & Law Firms
  • Victim Organization: lonich patton ehrlich policastri
  • Victim Site: lpeplaw.com

39. INDRAMAYU CHAOS SYSTEM targets the website of Bicara Data Foundation

  • Category: Defacement
  • Content: The group claims to have defaced the website of Bicara Data Foundation.
  • Date: 2025-12-10T17:07:05Z
  • Network: telegram
  • Published URL: https://t.me/c/3427600175/62

Screenshots: https://d34iuop8pidsy8.cloudfront.net/b1fec192-2fcf-4dec-8485-cce09847f470.png https://d34iuop8pidsy8.cloudfront.net/5bb4f379-da22-4b44-a0e2-5e0d6dcc6238.png

  • Threat Actors: INDRAMAYU CHAOS SYSTEM
  • Victim Country: Indonesia
  • Victim Industry: Research Industry
  • Victim Organization: bicara data foundation
  • Victim Site: bicaradata.id

40. Roman & Sunstone falls victim to akira Ransomware

Screenshots: https://d34iuop8pidsy8.cloudfront.net/47fbdf89-4bf2-4f80-89d6-30f3c36fafe8.png

  • Threat Actors: akira
  • Victim Country: USA
  • Victim Industry: Wholesale
  • Victim Organization: roman & sunstone
  • Victim Site: romansunstone.com

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Initial access sales and data breaches are particularly prominent, affecting various sectors from government and education to healthcare and finance, and impacting countries including Thailand, the USA, Indonesia, France, and Vietnam. The compromised data ranges from personal user information and sensitive government credentials to confidential corporate documents. Beyond data compromise, the report also reveals significant activity in ransomware attacks by groups like Qilin and Akira, as well as website defacements by actors such as INDRAMAYU CHAOS SYSTEM. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures to defend against a wide array of sophisticated and opportunistic attacks.