[November-10-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

---

1. SIAD S.p.A. falls victim to Everest Ransomware

• Category: Ransomware
• Content: The group claims to have obtained 159 GB of the organization’s internal data and intends to publish it within 10 days.
• Date: 2025-11-10T23:39:25Z
• Network: tor
• Published URL: (http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/news/SIAD/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b952829c-e356-4860-9ece-7150f597d852.png
• Threat Actors: Everest
• Victim Country: Italy
• Victim Industry: Chemical Manufacturing
• Victim Organization: siad s.p.a.
• Victim Site: siad.com

---

2. Agfa-Gevaert Group (AGFA) falls victim to Everest Ransomware

• Category: Ransomware
• Content: The group claims to have obtained 354 GB of the organization’s internal data and intends to publish it within 10 days.
• Date: 2025-11-10T23:29:08Z
• Network: tor
• Published URL: (http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/news/AGFA/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/aa10868b-2e81-411b-bd38-37af42539fa1.png
• Threat Actors: Everest
• Victim Country: Belgium
• Victim Industry: Manufacturing & Industrial Products
• Victim Organization: agfa-gevaert group
• Victim Site: agfa.com

---

3. HEZI RASH claims to target surveillance cameras in Turkey

• Category: Alert
• Content: A recent post by the group claims they are targeting surveillance cameras in Turkey
• Date: 2025-11-10T22:57:36Z
• Network: telegram
• Published URL: (https://t.me/c/3058168654/279)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/936114d2-c95a-488f-b1a8-0d63368adf50.png
• Threat Actors: HEZI RASH
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

4. Alleged leak of admin access to IOtech

• Category: Initial Access
• Content: The threat actor claims to have gained unauthorized admin access to IOtech
• Date: 2025-11-10T22:09:30Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Admin-access-to-the-Saudi-iotech-sa-site)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5e68acbd-0f97-41d0-b235-eff8e585d418.png
• Threat Actors: blackhunter1
• Victim Country: Saudi Arabia
• Victim Industry: Computer Hardware
• Victim Organization: iotech
• Victim Site: iotech.sa

---

5. Alleged data breach of Kantenna Technology Limited

• Category: Data Breach
• Content: Group claims to have leaked data from Kantenna Technology Limited.
• Date: 2025-11-10T22:02:52Z
• Network: telegram
• Published URL: (https://t.me/MoroccanCyberSentinelsOfficial/1429)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b2108101-be1f-47c6-8077-c3a88dcaa34e.png
• Threat Actors: Moroccan Cyber Sentinels
• Victim Country: China
• Victim Industry: Network & Telecommunications
• Victim Organization: kantenna technology limited
• Victim Site: kantennatech.com

---

6. Alleged sale of Beckett Collectibles database

• Category: Data Breach
• Content: The threat actor claims to be selling the database of Beckett Collectibles.
• Date: 2025-11-10T21:44:31Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-beckett-com-database-for-sale-on-bstars)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5523063e-0b73-4cb0-9d73-c636812bc14c.png
  • https://d34iuop8pidsy8.cloudfront.net/27d01c49-5541-49c6-a330-95f80824f5e1.png
• Threat Actors: brainee
• Victim Country: USA
• Victim Industry: E-commerce & Online Stores
• Victim Organization: beckett collectibles
• Victim Site: beckett.com

---

7. Community Unit School District 201 falls victim to INC RANSOM Ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization data.
• Date: 2025-11-10T21:22:07Z
• Network: tor
• Published URL: (http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/69124fdae1a4e4b3ffa16be6)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7d0197f3-690c-4136-8612-5ca1e2936aaf.png
• Threat Actors: INC RANSOM
• Victim Country: USA
• Victim Industry: Education
• Victim Organization: community unit school district 201
• Victim Site: cusd201.org

---

8. Easterseals Northeast Indiana falls victim to INC RANSOM Ransomware

• Category: Ransomware
• Content: The group claims to have obtained 405 GB organization data.
• Date: 2025-11-10T21:13:16Z
• Network: tor
• Published URL: (http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/69124d93e1a4e4b3ffa13f22)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/291783bc-6582-49f0-be86-944cf95a6358.png
• Threat Actors: INC RANSOM
• Victim Country: USA
• Victim Industry: Individual & Family Services
• Victim Organization: easterseals northeast indiana
• Victim Site: eastersealsnei.org

---

9. Island Engineering Ltd. falls victim to SAFEPAY Ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization’s data.
• Date: 2025-11-10T21:00:04Z
• Network: tor
• Published URL: (http://safepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onion/blog/post/ielplumbingcom/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ab01df43-04d4-496d-8c90-11767ac90362.png
• Threat Actors: SAFEPAY
• Victim Country: Unknown
• Victim Industry: Building and construction
• Victim Organization: island engineering ltd.
• Victim Site: ielplumbing.com

---

10. Alleged data leak of Allianz

• Category: Data Breach
• Content: Threat actor claims to have leaked data from Allianz. The leak reportedly contains over 3 million records, including Number, Index, Stock Buyback, Name, Gender, Age Range, Term, Increase, Allianz Shares, Currency, etc.
• Date: 2025-11-10T20:40:33Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-%E3%80%90Germany%E3%80%91Allianz-Group-Insurance-Life-Credit-Card-Property-Securities-Investment)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/76bf2561-1c09-4aa7-bff9-a6d1d36404f5.png
• Threat Actors: yeestge33
• Victim Country: Germany
• Victim Industry: Financial Services
• Victim Organization: allianz
• Victim Site: allianz.com

---

11. Yaesu falls victim to Qilin ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization data.
• Date: 2025-11-10T20:26:29Z
• Network: tor
• Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=d2063641-fa1a-34c8-ab26-31c8adaf75af)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ae50cbae-7250-4ba3-b17e-017c7571c916.png
• Threat Actors: Qilin
• Victim Country: Japan
• Victim Industry: Manufacturing
• Victim Organization: yaesu
• Victim Site: yaesu.com

---

12. Alleged data breach of Blavity Inc.

• Category: Data Breach
• Content: The threat actor claims to be selling data from Blavity Inc., with approximately 1.2 million records reportedly compromised.
• Date: 2025-11-10T20:10:38Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-NEW-BREACH-PREVIEW-BLAVITY-INC-1-12-million)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/5ca6929a-f270-414e-a280-49cec8c2abd0.png
• Threat Actors: FulcrumSec
• Victim Country: USA
• Victim Industry: Information Technology (IT) Services
• Victim Organization: blavity inc.
• Victim Site: blavityinc.com

---

13. Ioxo falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 3-4 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T20:03:05Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=3Fi58Zt2VHQ8vR)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/8c53f9d6-5879-4c13-951e-5fcca32fa68d.png
• Threat Actors: PLAY
• Victim Country: USA
• Victim Industry: Information Technology (IT) Services
• Victim Organization: ioxo
• Victim Site: ioxo.cloud

---

14. Garvin Promotion Group falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 4–5 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T19:49:58Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=c495I0HniypHuV)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3b89ca55-cc25-4df6-ab29-a73180af1e29.png
• Threat Actors: PLAY
• Victim Country: USA
• Victim Industry: Consumer Services
• Victim Organization: garvin promotion group
• Victim Site: garvinpromo.com

---

15. Alleged leak of Buisness Leaders Database from Russia

• Category: Data Breach
• Content: The threat actor claims to have leaked Buisness Leaders Database from Russia.
• Date: 2025-11-10T19:44:26Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-DATABASE-Russia-Buisness-Leaders-Database-%F0%9F%87%B7%F0%9F%87%BA)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/1ad741a4-a6ff-4662-9581-9b4719e19dc1.png
• Threat Actors: Databroque
• Victim Country: Russia
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

16. Jean-Georges Management falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 4–5 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T19:40:33Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=4cf8V4luKMLWsu)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/de9c4768-6092-4b7b-b0d9-3104af8d4ecb.png
• Threat Actors: PLAY
• Victim Country: USA
• Victim Industry: Restaurants
• Victim Organization: jean-georges management
• Victim Site: jean-georges.com

---

17. Kwik Mix Materials falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 3-4 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T19:29:18Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=0Gc1LIiBepSjA)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/103d7cdb-210a-41ce-9e03-d086594e9358.png
• Threat Actors: PLAY
• Victim Country: Canada
• Victim Industry: Building and construction
• Victim Organization: kwik mix materials
• Victim Site: kwikmix.com

---

18. Darvin Furniture & Mattress falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 3-4 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T19:22:00Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=HWGrjd61QVH2Ky)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/0ecf9373-a1ab-4421-84c9-1156c58bb150.png
• Threat Actors: PLAY
• Victim Country: USA
• Victim Industry: Furniture
• Victim Organization: darvin furniture & mattress
• Victim Site: darvin.com

---

19. Land Title Guaranty falls victim to PLAY ransomware

• Category: Ransomware
• Content: Group claims to have obtained organizational data and plans to publish it within 3-4 days. The compromised data reportedly includes private and personal confidential data, clients documents, budget, payroll, IDs, taxes, finance information and etc.
• Date: 2025-11-10T19:17:40Z
• Network: tor
• Published URL: (http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/topic.php?id=L4wM1CDX0I6hyS)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b982711f-8801-4fa4-ad2f-58f00c7005db.png
• Threat Actors: PLAY
• Victim Country: USA
• Victim Industry: Real Estate
• Victim Organization: land title guaranty
• Victim Site: landtitleweb.com

---

20. Alleged data breach of Cancard Inc.

• Category: Data Breach
• Content: The threat actor claims to be selling data from Cancard Inc.
• Date: 2025-11-10T18:56:29Z
• Network: openweb
• Published URL: (https://leakbase.la/threads/cancard-db-avilable-on-priva1e-channe1-to-b0y-acces-dm-telgram.45672/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c3809d52-5774-495a-beb9-327cb2dacbbc.png
• Threat Actors: jdudjbdd
• Victim Country: Canada
• Victim Industry: Medical Equipment Manufacturing
• Victim Organization: cancard inc.
• Victim Site: cancard.com

---

21. Alleged leak of sensitive confidential documents from Syria and USA

• Category: Data Breach
• Content: Threat actor claims to have leaked sensitive confidential documents from Syria and USA.
• Date: 2025-11-10T18:43:12Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Document-%F0%9F%AA%90-TOP-SECRET-SYRIA-USA-DOCUMENTS-LEAKED-FULL-SYRIA-IS-ADMIN-LEAK-CRAZY-%F0%9F%AA%90)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/702b5de9-4c4d-4492-9242-409bece4cf63.png
• Threat Actors: jrintel
• Victim Country: Syria
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

22. Alleged leak of SYRIA/USA DOCUMENTS

• Category: Data Breach
• Content: Threat actor claims to have leaked SYRIA/USA DOCUMENTS.
• Date: 2025-11-10T18:36:23Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Document-%F0%9F%AA%90-TOP-SECRET-SYRIA-USA-DOCUMENTS-LEAKED-FULL-SYRIA-IS-ADMIN-LEAK-CRAZY-%F0%9F%AA%90)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/702b5de9-4c4d-4492-9242-409bece4cf63.png
• Threat Actors: jrintel
• Victim Country: Syria
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

23. Alleged leak of sensitive data from India

• Category: Data Breach
• Content: Threat actor claims to have leaked sensitive data from India, including challan details, names, mobile numbers, addresses, and more.
• Date: 2025-11-10T18:19:07Z
• Network: telegram
• Published URL: (https://t.me/FIAgoverment/3029)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/57ae7bfd-c063-456c-8212-4129c7a5edd1.png
  • https://d34iuop8pidsy8.cloudfront.net/56c177ef-0794-4872-8610-545dab9822f3.png
• Threat Actors: Farebi inteliigence agency
• Victim Country: India
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

24. McIver Engineering & Controls falls victim to Qilin Ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization’s data.
• Date: 2025-11-10T17:02:46Z
• Network: tor
• Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=45d3aadf-1dca-3dfb-8010-0bf99532b410)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/40488621-fd70-49c7-b351-71aa84df5972.png
• Threat Actors: Qilin
• Victim Country: USA
• Victim Industry: Electrical & Electronic Manufacturing
• Victim Organization: mciver engineering & controls
• Victim Site: mcivereng.com

---

25. OMS a.s. falls victim to Qilin Ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization’s data.
• Date: 2025-11-10T16:54:19Z
• Network: tor
• Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=3f9c6161-359b-3f97-bf5a-6246f3920523)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/721decb7-d3f3-4f10-a8f2-fc99f0831f3e.png
• Threat Actors: Qilin
• Victim Country: Slovakia
• Victim Industry: Electrical & Electronic Manufacturing
• Victim Organization: oms a.s.
• Victim Site: oms.lighting

---

26. Z-BL4CX-H4T targets the website of Agua Viva Web Radio

• Category: Defacement
• Content: Group claims to have defaced the website of Agua Viva Web Radio.
• Date: 2025-11-10T16:47:51Z
• Network: telegram
• Published URL: (https://t.me/c/3027611821/138)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b522ed50-69fb-4eb6-9552-aff54ce54ca4.png
• Threat Actors: Z-BL4CX-H4T
• Victim Country: Brazil
• Victim Industry: Broadcast Media
• Victim Organization: agua viva web radio
• Victim Site: aguavivacn.com

---

27. BABAYO EROR SYSTEM targets the website of XRET

• Category: Defacement
• Content: Group claims to have defaced the website of XRET.
• Date: 2025-11-10T16:21:55Z
• Network: telegram
• Published URL: (https://t.me/babayoerorsysteam3/644)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b9823720-292a-4a25-87dc-cefea06be7a1.png
• Threat Actors: BABAYO EROR SYSTEM
• Victim Country: Iran
• Victim Industry: Health & Fitness
• Victim Organization: xret
• Victim Site: xret.ir

---

28. AMI Bearings, Inc. falls victim to Akira ransomware

• Category: Ransomware
• Content: The group claims to have obtained 15 GB of the organization’s data. The compromised data includes employee information, clients information, lots of projects information, agreements and contracts, NDAs, etc.
• Date: 2025-11-10T15:39:33Z
• Network: tor
• Published URL: (https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/db631d72-b296-4759-8696-258278e0a2a8.png
• Threat Actors: akira
• Victim Country: USA
• Victim Industry: Machinery Manufacturing
• Victim Organization: ami bearings, inc.
• Victim Site: amibearings.com

---

29. Alleged sale of El Corte Inglés database

• Category: Data Breach
• Content: The threat actor claims to be selling the database of El Corte Inglés.
• Date: 2025-11-10T15:20:29Z
• Network: openweb
• Published URL: (https://leakbase.la/threads/elcorteingles-db-avilable-on-priva1e-channe1-to-b0y-acces-dm-telgram.45652/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f9e75fbb-72ee-4e44-b13f-44e4c6c81315.png
• Threat Actors: jdudjbdd
• Victim Country: Spain
• Victim Industry: E-commerce & Online Stores
• Victim Organization: el corte inglés
• Victim Site: elcorteingles.es

---

30. Marck Industries, Inc falls victim to RansomHouse Ransomware

• Category: Ransomware
• Content: The group claims to have obtained the organization’s data.
• Date: 2025-11-10T15:17:04Z
• Network: tor
• Published URL: (http://zohlm7ahjwegcedoz7lrdrti7bvpofymcayotp744qhx6gjmxbuo2yid.onion/r/0f7ddd9fc8d180ff5fa6be3e3a4c90be530c7e19)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/c75aca2a-c0b1-4cd1-b8b8-495806c67898.png
• Threat Actors: RansomHouse
• Victim Country: USA
• Victim Industry: Facilities Services
• Victim Organization: marck industries, inc
• Victim Site: marck.net

---

31. Alleged data breach of Empleos.clarin.com

• Category: Data Breach
• Content: Threat actor claims to be selling 1.65GB of data from Empleos.clarin.com. The compromised data reportedly includes personal information, contact details, experience, etc.
• Date: 2025-11-10T15:12:13Z
• Network: tor
• Published URL: (http://6czlbd2jfiy6765fbnbnzuwuqocg57ebvp3tbm35kib425k4qnmiiiqd.onion/database.html)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a86b6003-5e84-4bd0-8c56-d6c3f004cdf2.png
• Threat Actors: Kazu
• Victim Country: Argentina
• Victim Industry: Human Resources
• Victim Organization: empleos.clarin.com
• Victim Site: empleos.clarin.com

---

32. Z-BL4CX-H4T targets the website of SMR Electronics

• Category: Defacement
• Content: Group claims to have defaced the website of SMR Electronics.
• Date: 2025-11-10T14:48:40Z
• Network: telegram
• Published URL: (https://t.me/c/3027611821/137)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/d823af7e-17fb-4eaa-b5f3-f75b9945e5f3.png
• Threat Actors: Z-BL4CX-H4T
• Victim Country: India
• Victim Industry: Consumer Electronics
• Victim Organization: smr electronics
• Victim Site: smrelectronics.com

---

33. Alleged data breach of Zolota Skrynia

• Category: Data Breach
• Content: The group claims to have leaked more than 210,000 records of Zolota Skrynia in Ukraine. The compromised data reportedly contain names, contact information), email addresses, phone numbers, passwords, IP addresses and user device data and password hashes of the admin panel.
• Date: 2025-11-10T14:33:23Z
• Network: telegram
• Published URL: (https://t.me/itarmy_ru/221)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/6cb8db1f-c497-4502-a31c-375c899a78bb.JPG
• Threat Actors: IT ARMY OF RUSSIA
• Victim Country: Ukraine
• Victim Industry: Financial Services
• Victim Organization: zolota skrynia
• Victim Site: zslombard.com.ua

---

34. Alleged sale of AV Killer

• Category: Malware
• Content: The threat actor claims to be selling an AV Killer tool, allegedly capable of antivirus software.
• Date: 2025-11-10T14:16:55Z
• Network: openweb
• Published URL: (https://xss.pro/threads/144201/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3529a82c-bd5d-43ce-aa57-018bdb08802b.png
• Threat Actors: Detools
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

35. HEZI RASH targets the website of Sweet Beats

• Category: Defacement
• Content: The group claims to have defaced the website of Sweet Beats.
• Date: 2025-11-10T14:06:35Z
• Network: telegram
• Published URL: (https://t.me/c/3058168654/269)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/dde9bf7b-6e0b-48e8-b4c7-365fbe53c53b.png
• Threat Actors: HEZI RASH
• Victim Country: Australia
• Victim Industry: Hospital & Health Care
• Victim Organization: sweet beats
• Victim Site: sweetbeats.com.au

---

36. BMG Of Kansas, Inc. falls victim to Qilin Ransomware

• Category: Ransomware
• Content: The group claims to have obtained organization’s data.
• Date: 2025-11-10T13:27:41Z
• Network: tor
• Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=3e94a7a7-906d-3ba4-bfa3-69510a7e2df1)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/9b9e2ade-caf2-45db-b920-47adb0904577.jpg
  • https://d34iuop8pidsy8.cloudfront.net/f4816595-268c-4740-8fae-08ee285b5c64.jpg
• Threat Actors: Qilin
• Victim Country: USA
• Victim Industry: Machinery Manufacturing
• Victim Organization: bmg of kansas, inc.
• Victim Site: bmgks.com

---

37. Z-BL4CX-H4T targets the website of Toys Habibi

• Category: Defacement
• Content: The group claims to have defaced the website of Toys Habibi.
• Date: 2025-11-10T13:07:16Z
• Network: telegram
• Published URL: (https://t.me/c/3027611821/136)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7fe4c0c3-4ac5-4a94-a384-a01b8b140d11.png
• Threat Actors: Z-BL4CX-H4T
• Victim Country: UAE
• Victim Industry: E-commerce & Online Stores
• Victim Organization: toys habibi
• Victim Site: toyshabibi.com

---

38. Alleged data breach of University of Toronto

• Category: Initial Access
• Content: The threat actor claims to have gained unauthorized access to the University of Toronto’s internal systems, compromising tools such as VPN admin, IP setup, SSH, and OpenSSL.
• Date: 2025-11-10T12:45:19Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Source-Code-University-of-Toronto-Data-Breach-Leaked-Download)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/9228e8f2-e499-4e6f-a806-6f601f090314.png
  • https://d34iuop8pidsy8.cloudfront.net/b79a9513-737a-4a4f-b389-fe1f2f080346.png
• Threat Actors: KaruHunters
• Victim Country: Canada
• Victim Industry: Education
• Victim Organization: university of toronto
• Victim Site: utoronto.ca

---

39. Weintraub, Traub, Tracy & Virk CPAs falls victim to INC RANSOM Ransomware

• Category: Ransomware
• Content: The group claims to have obtained the organization data.
• Date: 2025-11-10T12:39:29Z
• Network: tor
• Published URL: (http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/690d02aee1a4e4b3ff38e0f8)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/2e72a6a4-60d4-485b-b8bc-16d6465daae3.jpg
  • https://d34iuop8pidsy8.cloudfront.net/251c3600-c0a3-4bb8-8553-2f898994b531.jpg
• Threat Actors: INC RANSOM
• Victim Country: USA
• Victim Industry: Accounting
• Victim Organization: weintraub, traub, tracy & virk cpas
• Victim Site: tax1040.com

---

40. Alleged leak of login access to My SEO Directory

• Category: Initial Access
• Content: The group claims to have leaked login access to My SEO Directory
• Date: 2025-11-10T12:14:37Z
• Network: telegram
• Published URL: (https://t.me/c/2326263047/531)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/675130d3-b49e-48c0-bba0-04b70aec944b.JPG
• Threat Actors: LEAKS DATABASE CYBER TEAM INDONESIA
• Victim Country: Unknown
• Victim Industry: Information Technology (IT) Services
• Victim Organization: my seo directory
• Victim Site: myseodirectory.com

---

41. Alleged access to unidentified street surveillance cameras in Israel

• Category: Initial Access
• Content: The group claims to have gained unauthorized access to several street surveillance cameras in Israel.
• Date: 2025-11-10T11:50:51Z
• Network: telegram
• Published URL: (https://t.me/c/3058168654/263)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f9f0bebe-16ca-4a61-b6ee-722075ed4daf.png
• Threat Actors: HEZI RASH
• Victim Country: Israel
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

42. Alleged access to unidentified surveillance cameras in Turkey

• Category: Initial Access
• Content: The group claims to have gained unauthorized access to several surveillance cameras in Turkey.
• Date: 2025-11-10T11:46:56Z
• Network: telegram
• Published URL: (https://t.me/c/3058168654/264)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/73a7ed8a-2806-4a8a-8785-06410666885a.png
• Threat Actors: HEZI RASH
• Victim Country: Turkey
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

43. Alleged sale of French B2C data

• Category: Data Breach
• Content: The threat actor claims to be selling a database allegedly containing 30 million French B2C records sourced from Zecible.
• Date: 2025-11-10T11:41:46Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-France-French-B2C-Data-30M)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7b60dbdd-f02f-450b-a815-f0f78fa838bf.png
• Threat Actors: kamstudio
• Victim Country: France
• Victim Industry: Marketing, Advertising & Sales
• Victim Organization: zecible
• Victim Site: zecible.fr

---

44. Alleged leak of login access to Addonbiz

• Category: Initial Access
• Content: The group claims to have leaked login access to Addonbiz.
• Date: 2025-11-10T11:41:13Z
• Network: telegram
• Published URL: (https://t.me/c/2326263047/530)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/03971015-1252-4f58-a9b1-fa7d2ad2fd41.png
• Threat Actors: LEAKS DATABASE CYBER TEAM INDONESIA
• Victim Country: India
• Victim Industry: Business and Economic Development
• Victim Organization: addonbiz
• Victim Site: addonbiz.com

---

45. Alleged sale of Chinese surveillance data

• Category: Data Breach
• Content: The threat actor claims to be selling a database allegedly containing Chinese surveillance data, including 3.9 million device client records and 2.7 million device user records.
• Date: 2025-11-10T11:18:33Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-Chinese-Surveillance-Data)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b57856cb-61a5-4522-8903-3c4757e4beaa.png
• Threat Actors: Evisceration
• Victim Country: China
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

46. Alleged data leak of Prexel

• Category: Data Breach
• Content: The threat actor claims to have leaked user data from Prexel, allegedly containing applicant name, primary email, phone, designation, experience, city, state, zip, skills, added by, and raw resume.
• Date: 2025-11-10T11:14:53Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-prexel-win-DB)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7777307d-f286-4e9d-b638-0ce9efde483b.png
• Threat Actors: Evisceration
• Victim Country: USA
• Victim Industry: Information Technology (IT) Services
• Victim Organization: prexel
• Victim Site: prexel.win

---

47. Alleged data leak of multiple websites

• Category: Data Breach
• Content: The threat actor claims to be selling databases allegedly containing user information from SEI Club and bet365, including sensitive data related to Korean users of both platforms.
• Date: 2025-11-10T11:10:00Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-SEI-Club-Dating-Bet365-Korea)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a974abfc-416e-4589-b1b1-5be9b42583b3.png
• Threat Actors: Evisceration
• Victim Country: USA
• Victim Industry: Luxury Goods & Jewelry
• Victim Organization: sei club
• Victim Site: seiclub.com

---

48. Alleged data sale of Dubai investors

• Category: Data Breach
• Content: The threat actor claims to be selling a database allegedly containing 648,000 lines of investor data from Dubai, including 4.6 million email addresses and 680,000 phone numbers.
• Date: 2025-11-10T10:57:14Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-Dubai-Investors-DB)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/b671ac1b-7cb9-4b31-beb8-f2582251f386.png
• Threat Actors: Evisceration
• Victim Country: UAE
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

49. Alleged sale of unauthorized eSIM profiles from NTC

• Category: Data Breach
• Content: The group claims to be selling unauthorized eSIM profiles allegedly extracted from NTC
• Date: 2025-11-10T10:39:28Z
• Network: telegram
• Published URL: (https://t.me/ctrl_nepal/199)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3c4e1847-21d8-4227-8126-253bfe2a3e65.png
• Threat Actors: GenZRisingNepal
• Victim Country: Nepal
• Victim Industry: Network & Telecommunications
• Victim Organization: Unknown
• Victim Site: Unknown

---

50. BABAYO EROR SYSTEM targets multiple Bangladesh websites

• Category: Defacement
• Content: The group claims to have defaced multiple Bangladesh websites.
• Date: 2025-11-10T10:37:21Z
• Network: telegram
• Published URL: (https://t.me/babayoerorsysteam3/629)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/d31b726c-e34d-4af8-98ac-9449ffefe27b.png
• Threat Actors: BABAYO EROR SYSTEM
• Victim Country: Bangladesh
• Victim Industry: Education
• Victim Organization: aftab bidyaniketon
• Victim Site: aftabedu.com

---

51. SERVER KILLERS claims to target Denmark

• Category: Alert
• Content: A recent post by the group indicates that they are targeting Denmark
• Date: 2025-11-10T10:08:38Z
• Network: telegram
• Published URL: (https://t.me/xServerKillers/200)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/31aaa9ff-a488-4365-b1d2-f7eda75cffee.png
• Threat Actors: SERVER KILLERS
• Victim Country: Denmark
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

52. Alleged data sale of Cigarrlagret

• Category: Data Breach
• Content: The threat actor claims to be selling 160,000 lines of data from Cigarrlagret, allegedly containing id, gender, firstname, lastname, personnummer, email address, and more.
• Date: 2025-11-10T09:23:24Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Selling-Database-Sweden-cigarrlagret-nu-160K)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/632762a6-06d1-4d6a-a919-ce4b82c32b29.png
  • https://d34iuop8pidsy8.cloudfront.net/774ebdba-4392-4d54-802b-72db1072b433.png
• Threat Actors: Robert2025
• Victim Country: Sweden
• Victim Industry: Retail Industry
• Victim Organization: cigarrlagret
• Victim Site: cigarrlagret.nu

---

53. Alleged data leak of Ahmadu Bello University Distance Learning Centre

• Category: Data Breach
• Content: The threat actor claims to have leaked four SQL databases from Ahmadu Bello University Distance Learning Centre, allegedly containing id, username, first_name, middle_name, last_name, email, password, and more.
• Date: 2025-11-10T09:11:59Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-DATABASE-abudlc-edu-ng-Download-Free-4SQL-Available)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7f7536fd-dba6-4d93-be91-7c265ebc06d9.png
• Threat Actors: wizard
• Victim Country: Nigeria
• Victim Industry: Education
• Victim Organization: ahmadu bello university distance learning centre
• Victim Site: abudlc-edu.ng

---

54. Alleged data breach of Spoleta Construction

• Category: Data Breach
• Content: The group claims to have leaked 37 GB of compressed files from Spoleta Construction. NB: The authenticity of the claim is yet to be verified.
• Date: 2025-11-10T07:56:34Z
• Network: tor
• Published URL: (http://brohoodyaifh2ptccph5zfljyajjabwjjo4lg6gfp4xb6ynw5w7ml6id.onion/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/ab4f9685-a2e8-488a-97ad-4c62f33afd36.png
• Threat Actors: BROTHERHOOD
• Victim Country: USA
• Victim Industry: Building and construction
• Victim Organization: spoleta construction
• Victim Site: spoleta.com

---

55. NoName targets the website of Odense Municipality

• Category: Ransomware
• Content: Proof of downtime : https://check-host.net/check-report/3206e8d2ke3a
• Date: 2025-11-10T07:38:35Z
• Network: telegram
• Published URL: (https://t.me/c/2787466017/279)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/db1c228d-3fb0-4fa7-a0af-bb93bb9b791c.png
  • https://d34iuop8pidsy8.cloudfront.net/98551651-4d01-454a-b7c9-373086505246.png
• Threat Actors: NoName057(16)
• Victim Country: Denmark
• Victim Industry: Civic & Social Organization
• Victim Organization: odense municipality
• Victim Site: odense.dk

---

56. Alleged leak of admin access to London Academy of Professional Training

• Category: Initial Access
• Content: The threat actor claims to have gained unauthorized admin access to London Academy of Professional Training.
• Date: 2025-11-10T07:36:21Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-Website-access-verification-lapt-uk-United-Kingdom)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/13991a42-9e74-40fe-aae7-e6cb0a3deb94.png
• Threat Actors: blackhunter1
• Victim Country: UK
• Victim Industry: Education
• Victim Organization: london academy of professional training
• Victim Site: verification.lapt.uk

---

57. Alleged leak of admin access to an unidentified organization in the Philippines

• Category: Initial Access
• Content: The threat actor claims to have gained unauthorized admin access to an unidentified organization in the Philippines.
• Date: 2025-11-10T07:31:41Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-snapmart-ph-website-admin-access-in-the-Philippines)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f4b0368c-8a46-4188-8679-fcb68bf02bb8.png
• Threat Actors: blackhunter1
• Victim Country: Philippines
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: snapmart.ph

---

58. Alleged data leak of Army officers in Bangladesh

• Category: Data Breach
• Content: The group claims to have selling more than 900 data base of retired army officers in Bangladesh.
• Date: 2025-11-10T07:14:28Z
• Network: telegram
• Published URL: (https://t.me/c/2362414795/17980)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/7fb0df52-812d-48dd-8190-2f9e8aaafcf8.JPG
• Threat Actors: The Night Hunters
• Victim Country: Bangladesh
• Victim Industry: Military Industry
• Victim Organization: Unknown
• Victim Site: Unknown

---

59. GARUDA CYBER TEAM targets the website Madrasah Aliyah Negeri (State Islamic Senior High School) in indonesia

• Category: Defacement
• Content: The group claims to have defaces the website of Madrasah Aliyah Negeri (State Islamic Senior High School) in indonesia
• Date: 2025-11-10T06:25:06Z
• Network: telegram
• Published URL: (https://t.me/c/2922666876/954)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/965b5f05-f1a4-4550-a774-7e7842b0dd9c.png
• Threat Actors: GARUDA CYBER TEAM
• Victim Country: Indonesia
• Victim Industry: Education
• Victim Organization: madrasah aliyah negeri (state islamic senior high school)
• Victim Site: ekskul.manberau-isthebest.sch.id

---

60. HellR00ters Team targets multiple websites

• Category: Defacement
• Content: The group claims to have defaces multiple domains. Domains:- https://aalbertsteels.com/indexd.php https://aesind.co.in/indexd.php https://akmlights.com/indexd.php https://alamelu.in/indexd.php https://albertengineering.in/indexd.php https://anusharajesh.com/indexd.php https://bestengineerssalem.com/indexd.php https://bifi.co.in/indexd.php https://biotecresearchcentre.com/indexd.php https://bitternpharmaceuticals.com/indexd.php https://classicwaterproofingsystems.com/indexd.php https://cresha.org/indexd.php https://d6architects.in/indexd.php https://dharanhomes.com/indexd.php https://dietnamakkal.com/indexd.php https://dietsalem.com/indexd.php https://distinguishedme.co/indexd.php https://eniyahomecare.com/indexd.php https://ghosamrakshanatrust.org/indexd.php https://girivalampoojaproducts.com/indexd.php https://goldharvestea.com/indexd.php https://goldloansalem.com/indexd.php https://hotelwindsorcastlesalem.com/indexd.php https://hrhubrecruitmentagency.com/indexd.php https://ifsefiresafetyequip.com/indexd.php https://innerwheelclubofsalemmidtown.com/indexd.php https://iqtsindia.com/indexd.php https://iwaladieshostelandoldagehome.com/indexd.php https://jewelre.in/indexd.php https://kgfassociates.in/indexd.php https://licvms.com/indexd.php https://livewiresalem.com/indexd.php https://manojgoldpalace.com/indexd.php https://mettalasteels.com/indexd.php https://moneyminibankers.in/indexd.php https://mothersortho.com/indexd.php https://mydecohome.in/indexd.php https://naanayam.co.in/indexd.php https://naanayan.com/indexd.php https://oasisfamilysalon.com/indexd.php https://prithwinindustrialsupply.com/indexd.php https://psaholyangelssalem.com/indexd.php https://rajatradingcompany.com/indexd.php https://rarestones.org/indexd.php https://rashmiconsultancy.com/indexd.php https://realstoneconstruction.com/indexd.php https://rishinethralaya.org/indexd.php https://sceatn.org/indexd.php https://scriby.in/indexd.php https://sktindia.com/indexd.php https://spofitacademy.com/indexd.php https://srisornalayanattiyappalli.com/indexd.php https://srpillaimar.in/indexd.php https://sthitiyoga.in/indexd.php https://studiobyshamanails.com/indexd.php https://submarinerestaurant.com/indexd.php https://surryapropertymanagement.com/indexd.php https://suvaigal.com/indexd.php https://talkingspaces.co.in/indexd.php https://teakfurnishings.in/indexd.php https://techram.co.in/indexd.php https://tejhastex.com/indexd.php https://thegoldeneaglegroup.org/indexd.php https://themodernacademycbse.com/indexd.php https://tmseyehospitalappointment.in/indexd.php https://veekrya.art/indexd.php https://velagrovet.com/indexd.php https://vinoladental.com/indexd.php https://vivanarts.com/indexd.php https://vividinfomedia.com/indexd.php https://vizhiacademy.com/indexd.php https://windsorapartmentssalem.com/indexd.php https://winpowersystems.in/indexd.php
• Date: 2025-11-10T05:21:23Z
• Network: telegram
• Published URL: (https://t.me/c/2758066065/255)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3a5bc860-3261-4a57-842f-836a4f23117d.png
  • https://d34iuop8pidsy8.cloudfront.net/f2566c3d-8dc7-4a04-a251-b45cd3053ef5.png
• Threat Actors: HellR00ters Team
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

61. Alleged data breach of RESANA platform of Interministerial Directorate of Digital Affairs (DINUM)

• Category: Data Breach
• Content: The threat actor claims to be selling a database allegedly exfiltrated from RESANA, a secure collaboration platform operated by France’s Interministerial Directorate of Digital Affairs (DINUM). The compromised dataset reportedly includes email addresses, full names, personal and work phone numbers, organizational affiliations, publication metadata, recommendation records, user status, and timestamps.
• Date: 2025-11-10T04:44:51Z
• Network: openweb
• Published URL: (https://leakbase.la/threads/resana-numerique-gouv-fr-breach-data-hawksec.45626/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/1212b821-7fe4-41b8-845c-a0d92347139b.png
• Threat Actors: intelx
• Victim Country: France
• Victim Industry: Government Administration
• Victim Organization: interministerial directorate of digital affairs (dinum)
• Victim Site: resana.numerique.gouv.fr

---

62. Alleged unauthorized Shell Access to multiple domains

• Category: Initial Access
• Content: The group claims to have gained unauthorized Shell access to multiple domains. Domains:- https://kayjayforgingsmail.com/about/function.php https://indeedtraining.com/admin.php https://bsimuhendislik.com/about.php https://moranpallets.com/dropdown.php https://moreson.org/wp-admin/wp.php https://kikarchitekci.prohost.pl/about.php https://kubansmu.org/admin.php http://gaiser.org/file.php [suspicious link removed] https://icte-dubai.com/new.php https://indigoafrica.net/user.php https://sihate.co/about/function.php https://irandayun.com/dropdown.php https://www.shribhimashankarbed.com/new.php https://msk.rps-dozor.ru/about.php https://proluxingenieros.com/about.php https://surfdaweb.com/admin.php https://portraits.ecpm.org/wp-class.php https://sweetbeats.com.au/admin.php https://www.habutechnology.com/dropdown.php https://www.hoeft-immobilien.com/autoload_classmap.php https://testapicvm.edgestudio.in/about.php http://tejadosibiza.com/.hidden/config.php https://web76.green.colorhost.de/about.php https://westerfeld.fr/mah.php https://www.enjayartisticcreations.com/about.php [suspicious link removed] https://www.galantilife.com/admin.php https://www.qwertydesign.ru/defaults.php http://paty-e-thomas.com.br/about.php https://api.firehousepr.com/wp-includes/IXR/index.php https://anybizpro.com/SHELL.php https://chariseabigail.com/.hidden/config.php https://ctciwiring.com/wp-content/themes/pridmag/db.php?u https://burnwebsandbox.wpengine.com/wp-content/plugins/fix/up.php [suspicious link removed] http://baumgartlgbr.de/ws.php
• Date: 2025-11-10T04:31:33Z
• Network: telegram
• Published URL: (https://t.me/neffex_the_blackhat/18)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f5565e3-3399-4048-801f-2ecbe520906b.png
• Threat Actors: Neffex THe BlackHat
• Victim Country: Unknown
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

63. Alleged leak of FBI director personal data

• Category: Data Breach
• Content: Threat actor claims to have leaked FBI director personal data. The compromised data include SSN, address, etc.
• Date: 2025-11-10T03:41:57Z
• Network: openweb
• Published URL: (https://darkforums.st/Thread-%F0%9F%A4%94-KASH-PATEL-FBI-DIRECTOR-FULL-PERSONAL-DATA-LEAK-SSN-ADDRESS-%F0%9F%A4%94)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/95818fae-23ee-429d-bf49-5a375a0665c9.png
  • https://d34iuop8pidsy8.cloudfront.net/a64ff9f9-8b08-4ff4-aaea-e454c81b6876.png
• Threat Actors: jrintel
• Victim Country: USA
• Victim Industry: Unknown
• Victim Organization: Unknown
• Victim Site: Unknown

---

64. Alleged unauthorized access to Central Bank of India

• Category: Initial Access
• Content: The group claims to have gained unauthorized access to Central Bank of India
• Date: 2025-11-10T03:37:29Z
• Network: telegram
• Published URL: (https://t.me/tbcnofficial/170)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/429c5247-c937-4664-bcf6-f24e9dd3a9c5.png
• Threat Actors: TEAM BD CYBER NINJA OFFICIAL
• Victim Country: India
• Victim Industry: Banking & Mortgage
• Victim Organization: central bank of india
• Victim Site: centralbank.bank.in

---

65. Alleged sale of Indonesian administrator court access

• Category: Data Breach
• Content: Threat actor claims to be selling Indonesian administrator court access.
• Date: 2025-11-10T01:46:53Z
• Network: openweb
• Published URL: (https://leakbase.la/threads/indonesian-administrator-court-full-acces-avilable-with-proof.45621/)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/faa227dc-f03a-45e5-9c57-d3b5e10d98d1.png
• Threat Actors: nsjzjdjd
• Victim Country: Indonesia
• Victim Industry: Judiciary
• Victim Organization: Unknown
• Victim Site: Unknown

---

66. TEAM BD CYBER NINJA OFFICIAL claims to target The Times of India

• Category: Alert
• Content: A recent post by the group indicates that they are targeting The Times of India.
• Date: 2025-11-10T01:19:49Z
• Network: telegram
• Published URL: (https://t.me/tbcnofficial/169)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/f45c1599-25de-4585-9c65-3685172bcacd.png
• Threat Actors: TEAM BD CYBER NINJA OFFICIAL
• Victim Country: India
• Victim Industry: Newspapers & Journalism
• Victim Organization: the times of india
• Victim Site: timesofindia.indiatimes.com

---

67. CapitalPlus Exchange (CapPlus) falls victim to Sinobi Ransomware

• Category: Ransomware
• Content: The group claims to have obtained 260 GB of the organization’s data, including contracts, customer information, financial records, and other confidential assets. They intend to publish the data within 8 days.
• Date: 2025-11-10T00:56:26Z
• Network: tor
• Published URL: (http://sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onion/leaks/6910f47688b6823fa25dd142)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/a2fb34f1-80ba-4df7-a2e8-fa0719ce5189.png
• Threat Actors: Sinobi
• Victim Country: USA
• Victim Industry: Financial Services
• Victim Organization: capitalplus exchange (capplus)
• Victim Site: capplus.org

---

68. Seward County, Kansas falls victim to Sinobi Ransomware

• Category: Ransomware
• Content: The group claims to have obtained the organization’s data, including financial records and intends to publish it within 10 days
• Date: 2025-11-10T00:17:59Z
• Network: tor
• Published URL: (http://sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onion/leaks/6910f38388b6823fa25dca87)
• Screenshots:
  • https://d34iuop8pidsy8.cloudfront.net/3cf9c90f-7f21-4c83-bf7c-07760378ae52.png
• Threat Actors: Sinobi
• Victim Country: USA
• Victim Industry: Government Administration
• Victim Organization: seward county, kansas
• Victim Site: sewardcountyks.org

---

Conclusion

The incidents detailed in this report, spanning November 10, 2025, highlight a diverse and active landscape of cyber threats. Ransomware remains a significant threat, with groups like Everest, INC RANSOM, PLAY, Qilin, Akira, RansomHouse, and Sinobi targeting sectors including Manufacturing, Financial Services, Education, and Construction across multiple countries, notably the USA. Data breaches and data leaks are also prominent, affecting sectors such as E-commerce, Financial Services, Government, and Telecommunications in countries like Germany, France, China, India, and the UAE. Furthermore, threats involving Initial Access sales and Defacement attacks underscore the continuous need for robust security measures across various industries globally.