[July-15-2025] Daily Cybersecurity Threat Report

1. Introduction

This report provides a factual summary of incidents, derived exclusively from the provided JSON data. The objective is to present a direct, structured overview of each event, strictly adhering to the source material. This approach ensures that the report remains a precise transcription and presentation of incident details, including associated published_url and screenshots as recorded within the original data. No external analysis, interpretations, or hypothetical scenarios are included, aligning precisely with the requirements for unadulterated factual reporting.

2. Detailed Incident Records

This section provides a comprehensive record for each individual incident, presenting all available data points directly from the source material. Each incident is clearly delineated for ease of reference and detailed review.

Incident: Alleged leak of 18,496 emails of Israeli

Category: Data Leak
Content: The threat actor claims to have leaked the 18,496 emails of israel.
Date: 2025-07-15T13:51:37Z
Network: openweb
Published URL:(https://darkforums.st/Thread-18-496-Israeli-emails-by-RuskiNet-Group)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7d69ab29-1683-4660-89a3-4da4d97cdcb2.png

Threat Actors: YK3
Victim Country: Israel
Victim Industry:
Victim Organization:
Victim Site:

Incident: Team insane Pakistan targets the website of Gauhati University

Category: Defacement
Content: The group claims to have defaced the website of Gauhati University. Mirror link: https://www.zone-h.org/mirror/id/41413191
Date: 2025-07-15T13:17:04Z
Network: telegram
Published URL: https://t.me/xxl33t1337xx/92
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/46e3f427-2140-4d0f-adee-86fbd5a3c68c.png

Threat Actors: Team insane Pakistan
Victim Country: India
Victim Industry: Education
Victim Organization: gauhati university
Victim Site: gauhati.ac.in

Incident: H3C4KEDZ targets the website of Community Development Department Ministry of Interior

Category: Defacement
Content: The group claims to have defaced the website of Community Development Department Ministry of Interior
Date: 2025-07-15T13:10:43Z
Network: telegram
Published URL:(https://t.me/We_H3c4kedz1/203)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6fb0b3bd-69bf-40eb-bebd-8e3f8e90f4a3.JPG

Threat Actors: H3C4KEDZ
Victim Country: Thailand
Victim Industry: Government & Public Sector
Victim Organization: community development department ministry of interior
Victim Site: district.cdd.go.th

Incident: Alleged data leak of Unidentified databses from Multiple countries

Category: Data Leak
Content: The threat actor claims to have leaked unidentified databases from countries including Algeria, Morocco, Iran, Israel, and others. The compromised data includes credentials, sensitive documents, and custom-built Remote Access Trojans (RATs).
Date: 2025-07-15T13:02:24Z
Network: openweb
Published URL:(https://darkforums.st/Thread-0xBang-CyberPhantom-Real-North-African-Leaks)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0f0d3a07-7dcc-4532-b736-7efa53b4f8fa.png

Threat Actors: M_BgBang
Victim Country: Algeria
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data breach of multiple onion websites

Category: Data Breach
Content: The group claims to have breached and erased over 50 illegal and drug-selling onion websites.
Date: 2025-07-15T12:50:53Z
Network: telegram
Published URL: https://t.me/PelicanHackers/22
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c4502e1a-f8db-4f59-9db7-5a8f15866307.png

Threat Actors: PELICAN HACKERS
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data sale of Regional Council of Physical Education of the 4th Region – State of Sao Paulo

Category: Data Breach
Content: The threat actor claims to be selling 4,3M lines of data from Regional Council of Physical Education of the 4th Region – State of Sao Paulo which includes the users name, dob, mobile numbers, etc.
Date: 2025-07-15T12:47:07Z
Network: openweb
Published URL: https://xss.is/threads/141960/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/24302383-8d81-480c-96a2-2b9240b5ea57.png

Threat Actors: DataVortexDB
Victim Country: Brazil
Victim Industry: Government Relations
Victim Organization: regional council of physical education of the 4th region – state of sao paulo
Victim Site: grsinformatica.com.br

Incident: Alleged data sale of Bolivarian National Police

Category: Data Breach
Content: The threat actor claims to have leaked the database of Cuerpo de Policía Nacional Bolivariana
Date: 2025-07-15T12:40:54Z
Network: openweb
Published URL:(https://darkforums.st/Thread-CPNB-VENEZUELA-DATABASE-txt)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f49abc83-48b6-4135-aa19-25aaca4e42e9.png

Threat Actors: izeeenn27
Victim Country: Venezuela
Victim Industry: Law Enforcement
Victim Organization: bolivarian national police
Victim Site: cpnb.com.ve

Incident: Alleged data sale of AhoraySiempre

Category: Data Breach
Content: The threat actor claims to have leaked 350,157 records of data from AhoraySiempre, a Cuban platform which includes personal information such as names, phone numbers, email address and hashed password
Date: 2025-07-15T11:58:30Z
Network: openweb
Published URL: https://xss.is/threads/141955/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/da4dd570-ff2a-42b8-abcf-9a95a908e752.png

Threat Actors: SebastianDAlex
Victim Country: Cuba
Victim Industry: Music
Victim Organization: ahoraysiempre
Victim Site:

Incident: Alleged Sale of Downloader Dropper with SmartScreen and Defender Bypass

Category: Malware
Content: The threat actor claims to be selling a downloader dropper capable of bypassing Microsoft SmartScreen and Windows Defender protections.
Date: 2025-07-15T11:11:25Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262482/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5fcd2295-ca7b-413f-a048-b639377e58a5.PNG

Threat Actors: eDragon_x
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Sale of OSINT API Keys & Government Emails

Category: Data Leak
Content: The threat actor is allegedly selling OSINT API keys and government emails from Greece, India, the UK (police), and Thailand
Date: 2025-07-15T10:58:16Z
Network: openweb
Published URL:(https://darkforums.st/Thread-selling-gov-mails-and-portals-and-osint-api-keys)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/068ac022-23ea-4181-b988-5c526495facd.png

Threat Actors: combolists
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data leak of iGyno

Category: Data Breach
Content: The threat actor claims to have leaked data from the iGyno app (igyno.it), which includes 20,000 users’ emails along with sensitive health details like menstrual cycles, fertility windows, pregnancy status, and ages.
Date: 2025-07-15T10:20:17Z
Network: openweb
Published URL:(http://darkforums.st/Thread-iGyno-Data-Breach-20-000-Users-Secrets-Unveiled)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0a77e3c3-a7be-469e-858a-f36b31f421f8.png

Threat Actors: Bello123
Victim Country: Italy
Victim Industry: Health & Fitness
Victim Organization: igyno
Victim Site: igyno.it

Incident: Alleged sale of PHANTOM Windows 0-day RCE exploit and NIGHTFALL exploit suite

Category: Vulnerability
Content: The threat actor claims to be selling “PHANTOM” Windows 0Day RCE Exploit and “NIGHTFALL” Windows Zero-Day Exploit Suite, which they describe as “the most advanced Windows penetration tool ever developed outside nation-state programs.” This exploit suite reportedly offers kernel-level access, bypassing TPM 2.0, Pluton, and HVCI with novel attack vectors. It boasts perfect operational security, including GPU-powered persistence invisible to memory scanners. Furthermore, it features network dominance capabilities, self-propagating through RDP, SMB, and WSUS, and includes an SMBv3 worm module for improved propagation. Note : The authenticity of the claim is yet to be verified.
Date: 2025-07-15T10:07:34Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262467/
Screenshots:

Threat Actors: user35
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Sale of RDP Access to Chartered Institute of Bankers of Nigeria

Category: Initial Access
Content: The threat actor claims to offer full administrator RDP access to systems belonging to the Chartered Institute of Bankers of Nigeria (CIBN), including the domain portal.cibn.org. The server is reportedly running Windows Server 2019 and is located in France.
Date: 2025-07-15T09:51:27Z
Network: openweb
Published URL: https://ramp4u.io/threads/fresh-rdp-access-for-sale-chartered-institute-of-bankers-of-nigeria.3280/
Screenshots:

Threat Actors: голиа
Victim Country: Nigeria
Victim Industry: Financial Services
Victim Organization: chartered institute of bankers of nigeria
Victim Site: cibn.org

Incident: Alleged leak of an Unknown Indian database

Category: Data Leak
Content: The threat actor claims to have leaked 20GB of data from an Unknown Indian database which includes student names, emails, course name, enrollment numbers, etc.
Date: 2025-07-15T09:42:52Z
Network: openweb
Published URL:(https://darkforums.st/Thread-20GB-INDIADB-HAS-BEEN-LEAKED-BY-V-FOR-VENDETTA-CYBER-TEAM)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/330f8eaa-f7bf-4945-930c-4f2b813f9ad8.png

Threat Actors: Dzvy
Victim Country: India
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Leak of Shopify Customer Database from Homestretch

Category: Data Breach
Content: The threat actor claims to be distributing Shopify customer databases. The post mentions that the leak includes data from Shopify-based site, specifically homestretch.com.
Date: 2025-07-15T09:31:35Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262478/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7b181b41-bdd4-4499-8cb8-fcd23d50f1dd.PNG

Threat Actors: Shopify
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: homestretch
Victim Site: homestretch.com

Incident: Liwaa Muhammad targets the website of UpCloud Global Solutions

Category: Defacement
Content: The threat actor claims to have defaced and gained root access to a cloud server hosting 44 domains and accessed 12 GB of sensitive data, including site files, database dumps, configuration files, SSL keys, and emails.
Date: 2025-07-15T09:31:03Z
Network: telegram
Published URL: https://t.me/liwaamohammad/510
Screenshots:

Threat Actors: Liwaa Muhammad
Victim Country: India
Victim Industry: Software Development
Victim Organization: upcloud global solutions
Victim Site: upcloudglobal.com

Incident: Alleged Sale of a Fileless Stealer Log

Category: Malware
Content: The threat actor claims to be selling a Stealer log that allegedly bypasses all antivirus detection, runs with zero processes, and targets credentials from sensitive global entities. Offered via subscription with over 1 million infections updated weekly.
Date: 2025-07-15T09:29:15Z
Network: openweb
Published URL:(https://darkforums.st/Thread-z-cloud-stealer-log)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/572eba49-f62c-4c53-a45b-2913b63e6550.png

Threat Actors: zcloudx
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged sale of The chartered institute of bankers of nigeria

Category: Initial Access
Content: The threat actor claims to be selling RDP access to The Chartered Institute of Bankers of Nigeria. The server allegedly contains sensitive data of Nigerian bankers, including personal and financial details.
Date: 2025-07-15T09:23:49Z
Network: openweb
Published URL: https://xss.is/threads/141946/
Screenshots:

Threat Actors: Golia
Victim Country: Nigeria
Victim Industry: Banking & Mortgage
Victim Organization: cibn
Victim Site: cibng.org

Incident: Alleged Leak of 100K Corporate Email Credentials

Category: Data Leak
Content: The threat actor claims to have leaked a database titled “MailPass Corps Mix 100K”, containing 100,000 corporate email and password combinations
Date: 2025-07-15T09:19:36Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262476/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9097dcb9-8d4f-4fa9-b7f2-de9b6d9ecc0e.PNG

Threat Actors: Domainstore
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Leak of VanEck Individual Investor Emails

Category: Data Breach
Content: The threat actor claims to have leaked a list of email addresses belonging to individual retail investors allegedly associated with VanEck. The post contains dozens of personal emails, phone numbers, and names, shared freely for any potential misuse.
Date: 2025-07-15T08:59:36Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262473/
Screenshots:

Threat Actors: btcokiz
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: vaneck
Victim Site: vaneck.com

Incident: Alleged sale of USA B-2 Spirit Classified Blueprints

Category: Data Leak
Content: The threat actor claims to be selling a full technical package of USA B-2 Spirit Stealth Bomber blueprints, described as the most comprehensive non-governmental technical dossier ever assembled. The leaked data reportedly includes core documentation for the advanced strategic bomber, with details on radar-absorbent material, a Flight Control System Master Key, and structural engineering secrets. Note : The authenticity of this claim has not yet been verified.
Date: 2025-07-15T08:53:28Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262467/
Screenshots:

Threat Actors: user35
Victim Country: USA
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Sale of USA B-2 Spirit Bomber Blueprints and Windows 0-Day Exploit

Category: Malware
Content: The threat actor claims to be selling classified documents related to the B-2 “SPECTER” stealth bomber. These include radar-absorbent material formulas, flight control system code, structural engineering data, and a 2023 avionics upgrade package. They also claim to offer a powerful Windows zero-day exploit suite called “PHANTOM.” This tool allegedly bypasses TPM 2.0, Pluton, and HVCI protections to gain full SYSTEM access within seconds.
Date: 2025-07-15T08:50:08Z
Network: openweb
Published URL: https://forum.exploit.in/topic/262467/
Screenshots:

Threat Actors: user35
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Anonymous Moroccan targets the website of Decor Furniture

Category: Defacement
Content: The group claims to have defaced the website of Decor Furniture.
Date: 2025-07-15T08:07:29Z
Network: telegram
Published URL: https://t.me/Anonymous_Moroccan/29
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7528b46c-20b7-4dbd-8c20-8272829b487f.png

Threat Actors: Anonymous Moroccan
Victim Country: India
Victim Industry: Furniture
Victim Organization: decor furniture
Victim Site: decorfurnitures.in

Incident: Alleged Sale of databases from MMM, Cashberry, and Finico

Category: Data Leak
Content: The threat actor claims to be selling databases from pyramid schemes – MMM, Cashberry, and Finico.
Date: 2025-07-15T08:02:18Z
Network: openweb
Published URL: https://xss.is/threads/141941/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ea7f0a4d-9b86-40bd-9074-c84577ab2405.png

Threat Actors: smwin24
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data breach of Network of International Cooperation for Education

Category: Data Breach
Content: The group claims to have obtained 600 GB of organization’s data.
Date: 2025-07-15T07:46:24Z
Network: telegram
Published URL: https://t.me/nxbbsec/829
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/902f8ce0-f618-4180-83f4-24f011d3a992.png

Threat Actors: NXBB.SEC
Victim Country: Thailand
Victim Industry: Education
Victim Organization: nice (network of international cooperation for education)
Victim Site: office.nice.ac.th

Incident: Alleged sale of 11.2TB Brazil Telecom and Personal data

Category: Data Leak
Content: The threat actor claims to be selling a 11.2TB database containing personal and corporate data from Brazil. It includes over 300 million phone records from carriers like Claro, Vivo, TIM, and Oi, along with names, addresses, and CPF (Tax ID) numbers, segmented by states such as SP, RJ, MG, PR, and RS. The data is reportedly available in CSV, TXT, SQL, and DB formats.
Date: 2025-07-15T07:33:15Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Selling-%F0%9F%94%A5-EXCLUSIVE-BRAZIL-DATABASE-11-2-TB-PREMIUM-LEADS-FOR-EXPLOSIVE-SALES-%F0%9F%94%A5)
Screenshots:

Threat Actors: injectioninferno2
Victim Country: Brazil
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged Data breach of AXA

Category: Data Breach
Content: The threat actor claims to be selling the data’s from AXA. The compromised data includes names, emails, number, etc.
Date: 2025-07-15T06:02:30Z
Network: telegram
Published URL: https://t.me/aqj986/6230
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/955007e8-41cd-40fc-9c77-2ed8055b241d.png

Threat Actors: Aiqianjin
Victim Country: France
Victim Industry: Insurance
Victim Organization: axa
Victim Site: axa.com

Incident: Alleged sale of access to webmail credentials of an unidentified.gov domain

Category: Initial Access
Content: The threat actor claims to be selling access to webmail credentials for a.gov domain. The compromised webmail reportedly contains thousands of contacts across various government departments, including police, finance, and education
Date: 2025-07-15T05:17:21Z
Network: openweb
Published URL:(https://darkforums.st/Thread-WEBMAIL-CREDS-SALE)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/68ebe74a-a3ba-4e49-a5ea-f1d88cd6b755.png

Threat Actors: Rui_Deidad
Victim Country:
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data leak of multiple Mexican fintech and voucher companies

Category: Data Leak
Content: The threat actor claims to have leaked massive data involving multiple Mexican fintech and voucher companies, exposing the personal information of approximately 45 million users. The leaked data reportedly includes full names, mobile numbers, addresses, dates of birth, emails, customer account IDs, and card-related data, all provided in TXT/CSV format. Affected companies include Edenred, Up Sí Vale, Pluxee, Efectivale, Valemex, Minu, OneCard, Broxel, Kiwi, Ya Ganaste, Billpocket, Zettle by PayPal, Sr. Pago, and Tienda Pago.
Date: 2025-07-15T05:04:32Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Source-Code-Data-leak-of-several-Mexican-companies-and-fitech-45-million-cards-and-linked-custom)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a1c4df5c-01db-4e6d-be2b-148983c95a73.png

Threat Actors: DarkNikon
Victim Country: Mexico
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data breach of Department of Government Printing

Category: Data Breach
Content: Threat actor claims to be selling leaked student data from the Sri Lankan government website Documents.gov.lk. The breach reportedly exposes sensitive information, including student names, identification numbers, academic records, and contact details.
Date: 2025-07-15T04:40:47Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Data-Breach-of-Sri-Lankan-Government-Website-Documents-gov-lk)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fc3f6431-0dc8-4fa2-8ab6-38a70198bc44.png

Threat Actors: econzero
Victim Country: Sri Lanka
Victim Industry: Government Administration
Victim Organization: department of government printing
Victim Site: documents.gov.lk

Incident: Alleged data leak of Ministry of Agriculture Indonesia

Category: Data Leak
Content: The threat actor claims to have leaked the data from the Ministry of Agriculture Indonesia.
Date: 2025-07-15T03:49:19Z
Network: openweb
Published URL:(https://darkforums.st/Thread-LEAKED-pertanian-go-id-DATA-INDONESIAN-3-MILLION)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5c30c93c-e00b-44d2-b61c-8e50fb956331.jpg

Threat Actors: yourdre4m7
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: ministry of agriculture indonesia
Victim Site: pertanian.go.id

Incident: Alleged data leak of Directorate of Education of the government of New Caledonia

Category: Data Breach
Content: The threat actor claiming they exploited a vulnerability in a government education tool of French New Caledonia, managed by the Directorate of Education. By abusing an IDOR (Insecure Direct Object Reference) flaw, they escalated access from 15 student records to over 130,000 records, allegedly covering about 48% of New Caledonia’s population. They also exploited a misconfigured “class-admin” endpoint to extract emails and phone numbers.
Date: 2025-07-15T03:19:52Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Selling-FR-NC-ENSEIGNEMENT-GOUV-NOUVELLE-CALEDONIE)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b596b624-c316-44c4-b256-ab51728f5df1.png

Threat Actors: rampant
Victim Country: France
Victim Industry: Government Administration
Victim Organization: directorate of education of new caledonia
Victim Site: ac-noumea.nc

Incident: Alleged data breach of the PGI Seguros

Category: Data Breach
Content: Threat actor claims to be selling leaked customer data from PGI Seguros, a Spain-based insurance provider. The breach reportedly exposes 600,000 records containing names, NIFs, contact details, addresses, IBANs, and insurance policy data.
Date: 2025-07-15T02:58:08Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Selling-pgi-seguros-spain-600k-info-iban)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b74fbaff-2302-4360-ae09-61aeb6a34ec0.png

Threat Actors: alcachivato
Victim Country: Spain
Victim Industry: Insurance
Victim Organization: pgi seguros
Victim Site:

Incident: Alleged data breach of NOZAX AD

Category: Data Breach
Content: The threat actor claims to have breached the database of NOZAX AD, exposing the personal and trading information of 53,585 clients. The leaked data includes full names, contact details, IP addresses, account balances, identity document references, and login history.
Date: 2025-07-15T02:50:00Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Selling-53-585-MT5-Clients-of-NOZAX-AD-Regulated-Multi-Asset-Neo-Broker)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c62a59f-269c-4223-b1a0-e140ce04a7da.png

Threat Actors: erezd
Victim Country: Montenegro
Victim Industry: Financial Services
Victim Organization: nozax ad
Victim Site: nozax.com

Incident: Alleged sale of SQLMap Pro v2.0 tool

Category: Malware
Content: The threat actor claims to be selling SQLMap Pro v2.0, a Windows-based toolkit designed for ethical hackers, freelancers, and bug bounty hunters. The tool automates SQL injection scanning, performs smart crawling to find hidden admin/login panels, conducts port and service enumeration, and provides detailed professional reports.
Date: 2025-07-15T02:20:36Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Source-Code-Introducing-SQLMap-Pro-v2-0-%F0%9F%92%BB%F0%9F%9B%A1%EF%B8%8F)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f0c9ca1-9e7c-4486-9aff-108ea9db646b.png

Threat Actors: Mr_king
Victim Country:
Victom Industry:
Victim Organization:
Victim Site:

Incident: H3C4KEDZ targets the website of District Portal of Thailand’s Community Development Department (CDD)

Category: Defacement
Content: The group claims to have defaced the website of District Portal of Thailand’s Community Development Department (CDD).
Date: 2025-07-15T01:09:58Z
Network: telegram
Published URL:(https://t.me/We_H3c4kedz1/199)
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/786ecd1b-7ac4-4f4a-a431-5158db22d584.png

Threat Actors: H3C4KEDZ
Victim Country: Thailand
Victim Industry: Government Administration
Victim Organization: district portal of thailand’s community development department
Victim Site: district.cdd.go.th

Incident: Alleged database leak Argentina

Category: Data Leak
Content: The threat actor claims to be selling a massive 432GB Argentina Mega Database, claiming it to be the most comprehensive and up-to-date dataset (from 2024). The data is segmented by region, industry, age, and socioeconomic status. It includes sensitive information from financial institutions (like Banco Galicia, Banco Nacion, and Credi Argentina), telecom companies (such as Claro and Personal), businesses (including HR records and import/export registries), and government bodies (e.g., RENAPER and Ministry of Health). The package contains over 32 million verified phone numbers and 32 million+ emails, with formats compatible with CRM systems.
Date: 2025-07-15T00:35:53Z
Network: openweb
Published URL:(https://darkforums.st/Thread-Selling-%F0%9F%94%A5-ARGENTINA-MEGA-DATABASE-432GB-%F0%9F%87%A6%F0%9F%87%B7)
Screenshots:

Threat Actors: injectioninferno2
Victim Country: Argentina
Victim Industry:
Victim Organization:
Victim Site:

Incident: Alleged data breach of the Pedagogical University

Category: Data Breach
Content: The threat actor claims to be selling stolen data from University Pedagogian of Bolivia.
Date: 2025-07-15T00:10:22Z
Network: openweb
Published URL:(https://darkforums.st/Thread-UNIVERSITY-PEDAGOGIAN-OF-BOLIVIA)
Screenshots:

Threat Actors: honey_salt
Victim Country: Bolivia
Victim Industry: Education
Victim Organization: the pedagogical university
Victim Site: upedagogica.edu.bo

3. Conclusion

This report serves as a factual summary of incidents, adhering strictly to the data provided in the original JSON source. It has been meticulously compiled to present a direct and unadulterated log of events, devoid of any external analysis, interpretations, or hypothetical content, in full accordance with the stated requirements. This disciplined approach ensures that the document functions as a single source of truth for the documented incidents, without the potential for human bias or misinterpretation.