This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
1. Alleged Data Breach of UBL Bank in Pakistan
- Category: Data Breach
- Content: Threat Actor claims to have breached the database of UBL Bank in Pakistan, exposing 9,000 records containing branch names, provinces, branch codes, and depositor names and addresses.
- Date: 2025-12-06T22:01:32Z
- Network: tor
- Published URL: http://763olyp74dxnq4wrzukk3dde6ffahxxjzealf3bzvdoyd7tptksxiiad.onion/Thread-SELLING-9-thousand-UBL-bank-databases-breached
- Screenshots:
- Threat Actors: RETAABI
- Victim Country: Pakistan
- Victim Industry: Banking & Mortgage
- Victim Organization: ubl bank
- Victim Site: ubldigital.com
2. Alleged Sale of Denmark Citizen Database
- Category: Data Breach
- Content: A threat actor claims to be selling a database of 900,000 Danish citizens which includes includes first names, last names, emails, dates of birth, phone numbers, city information, and occupations.
- Date: 2025-12-06T21:50:31Z
- Network: tor
- Published URL: http://763olyp74dxnq4wrzukk3dde6ffahxxjzealf3bzvdoyd7tptksxiiad.onion/Thread-CSV-DENMARK-DATABASE-2025
- Screenshots:
- Threat Actors: xzokerx
- Victim Country: Denmark
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
3. Alleged Data Breach of AT&T
- Category: Data Breach
- Content: Threat Actor claims to have breached the AT&T carrier database, exposing 5 million U.S customer records containing names, phone numbers, SSNs, dates of birth, email addresses, and physical addresses, indicating the leak of highly sensitive personal data.
- Date: 2025-12-06T21:13:30Z
- Network: openweb
- Published URL: https://leakbase.la/threads/at-t-carrier-database-2025.46897/
- Screenshots:
- Threat Actors: zoozkooz
- Victim Country: USA
- Victim Industry: Network & Telecommunications
- Victim Organization: at&t
- Victim Site: att.com
4. Alleged Sale of Unauthorized Admin Access to a WordPress Shop in Italy
- Category: Initial Access
- Content: Threat Actor claims to be selling unauthorized admin access to a WordPress shop in Italy which includes details such as Stripe, PayPal, cash-on-delivery, and bank transactions.
- Date: 2025-12-06T20:46:27Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271517/
- Screenshots:
- Threat Actors: Reve
- Victim Country: Italy
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
5. 0x6ick targets the website of Upskill Talent
- Category: Defacement
- Content: The Group claims to have defaced the website of Upskill Talent.
- Date: 2025-12-06T20:36:24Z
- Network: openweb
- Published URL: https://defacer.id/mirror/id/214698
- Screenshots:
- Threat Actors: 0x6ick
- Victim Country: Pakistan
- Victim Industry: Software Development
- Victim Organization: upskill talent
- Victim Site: upskillstalent.com
6. 0x6ick targets the website of AgriLivestock
- Category: Defacement
- Content: The Group claims to have defaced the website of AgriLivestock.
- Date: 2025-12-06T20:31:52Z
- Network: openweb
- Published URL: https://defacer.id/mirror/id/214684
- Screenshots:
- Threat Actors: 0x6ick
- Victim Country: Pakistan
- Victim Industry: Agriculture & Farming
- Victim Organization: agrilivestock
- Victim Site: agrilivestock.org
7. 0x6ick targets the website of Capital Hills Investments
- Category: Defacement
- Content: The Group claims to have defaced the website of Capital Hills Investments.
- Date: 2025-12-06T20:27:07Z
- Network: openweb
- Published URL: https://defacer.id/mirror/id/214686
- Screenshots:
- Threat Actors: 0x6ick
- Victim Country: Pakistan
- Victim Industry: Financial Services
- Victim Organization: capital hills investments
- Victim Site: capitalhillsinvest.com
8. 404 CREW CYBER TEAM targets the website of PetPal
- Category: Defacement
- Content: The Group claims to have defaced the website of PetPal.
- Date: 2025-12-06T20:20:22Z
- Network: openweb
- Published URL: https://defacer.id/mirror/id/214737
- Screenshots:
- Threat Actors: 404 CREW CYBER TEAM
- Victim Country: Brazil
- Victim Industry: Retail Industry
- Victim Organization: petpal
- Victim Site: petpal.com.br
9. Alleged Data Breach of UNDER ARMOUR
- Category: Data Breach
- Content: Threat Actor claims to have breached the database of Under Armour, exposing millions of personal data records from multiple countries along with 343GB of internal company data.
- Date: 2025-12-06T20:05:52Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271516/
- Screenshots:
- Threat Actors: Shenron
- Victim Country: USA
- Victim Industry: Sporting Goods
- Victim Organization: under armour
- Victim Site: underarmour.com
10. Alleged Data Breach of LOGITECH
- Category: Data Breach
- Content: Threat Actor claims to have breached the database of Logitech, exposing millions of personal data records from multiple countries along with 1.75TB of internal company data.
- Date: 2025-12-06T19:56:40Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271515/
- Screenshots:
- Threat Actors: Shenron
- Victim Country: Switzerland
- Victim Industry: Consumer Electronics
- Victim Organization: logitech
- Victim Site: logitech.com
11. Benchmark falls victim to Everest Ransomware
- Category: Ransomware
- Content: The group claims to have obtained the organization’s data.
- Date: 2025-12-06T19:44:29Z
- Network: tor
- Published URL: http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/news/Benchmark_Electronics/
- Screenshots:
- Threat Actors: Everest
- Victim Country: USA
- Victim Industry: Electrical & Electronic Manufacturing
- Victim Organization: benchmark
- Victim Site: bench.com
12. Alleged Data Breach of Area 52
- Category: Data Breach
- Content: Threat Actor claims to have breached the database of Area 52 which includes the organization’s promotional details.
- Date: 2025-12-06T19:43:19Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271512/
- Screenshots:
- Threat Actors: letchik
- Victim Country: USA
- Victim Industry: Food & Beverages
- Victim Organization: area 52
- Victim Site: area52.com
13. Alleged Data Breach of CRRC MA America Exposing Los Angeles Metro and Union Station Data
- Category: Data Breach
- Content: Threat Actor claims to have breached the database of CRRC MA America, leaking 238 GB of data that includes Los Angeles Union Station signaling files, LA Metro HR4000 project documents, Boston Metro files, and complete train design and safety documentation.
- Date: 2025-12-06T19:27:15Z
- Network: openweb
- Published URL: https://forum.exploit.biz/topic/271509/
- Screenshots:
- Threat Actors: zestix
- Victim Country: USA
- Victim Industry: Railroad Manufacture
- Victim Organization: crrc ma america
- Victim Site: crrcma.com
14. Alleged Data Leak of 41 Million Germany Mobile Database
- Category: Data Breach
- Content: Threat Actor claims to have leaked a Germany mobile database containing 41 million records, including mobile numbers and dates of birth.
- Date: 2025-12-06T18:48:31Z
- Network: openweb
- Published URL: https://leakbase.la/threads/germany-41m-mobile-with-dob-2025.46894/
- Screenshots:
- Threat Actors: show_more
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
15. Alleged Data Leak of 14 Million Crypto Email Database
- Category: Data Breach
- Content: Threat Actor claims to have leaked the crypto email database containing 14 million records.
- Date: 2025-12-06T18:41:30Z
- Network: openweb
- Published URL: https://leakbase.la/threads/14-million-crypto-email-database.46893/
- Screenshots:
- Threat Actors: Pijush507
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats occurring on December 6, 2025. Data breaches and leaks are prominent, affecting various sectors from banking and telecommunications to sporting goods and consumer electronics, and impacting countries including Pakistan, Denmark, the USA, Italy, Brazil, and Switzerland. The compromised data ranges from personal user information and social security numbers to sensitive internal company data and large customer databases.
Beyond data compromise, the report also reveals significant activity in website defacements and ransomware attacks. Threat actors such as RETAABI, Shenron, and 0x6ick have been particularly active, targeting organizations like UBL Bank, Under Armour, Logitech, and various regional entities. The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration and reputational damage.