[November-2-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.


1. Alleged data leak of Medline Europe


2. Alleged unauthorized access to Indian government tax authorities

  • Category: Initial Access
  • Content: Group claims to have gained unauthorized access to Indian government tax authorities. As a result, the internal network and human resource management system were hacked, allowing them to obtain the categories of data
  • Date: 2025-11-02T00:04:49Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/2224
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/09ddb7fc-90c8-4f1a-8e00-cfb33c0a685b.png
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: India
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

3. Alleged data leak of Indian government tax authorities


4. Alleged leak of medical insurance database


5. Alleged data breach of British Airways


6. BROTHERHOOD targets the websites of Borephil Farms


7. Alleged data leak of phone numbers from Spain


8. Alleged sale of unauthorized access to an unidentified University in Spain


9. BABAYO EROR SYSTEM targets the websites of Borephil Farms


10. BABAYO EROR SYSTEM targets the websites of nikthe.tech


11. Wind alliance claims to target Spain


12. WINDALLINCE targets the website of AquaService


13. Alleged sale of Stealer Search Bot


14. HEZI RASH claims to target multiple countries


15. BROTHERHOOD CAPUNG INDONESIA targets multiple subdomains of uivibe.me


16. Alleged unauthorized access to industrial control system of Costabeber Luciano & C Srl


17. BROTHERHOOD CAPUNG INDONESIA targets multiple subdomains of hexellajewels.com


18. Deco Dental falls victim to Qilin Ransomware


19. Pharaoh’s Team targets multiple Indian websites


20. Pharaoh’s Team targets the website of meryemiz.net


21. Alleged sale of fullz

  • Category: Data Breach
  • Content: Threat actor claims to be selling fullz that include first name, last name, date of birth, SSN, email, cell phone number, military status, address, city, state, ZIP code, employer, occupation, bank account number, routing number, bank name, and other related personal and employment details.
  • Date: 2025-11-02T16:30:00Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/269492/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/b2ebc844-9d92-4627-9db8-2a99156865e5.png
  • Threat Actors: litem
  • Victim Country: Unknown
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

22. Alleged sale of credit card data from UK and USA


23. Castilla falls victim to Nova Ransomware


24. Alleged data sale of Vexels


25. BABAYO EROR SYSTEM targets the websites of A24 Media


26. BABAYO EROR SYSTEM targets the websites of UPTD SD Negeri


27. BABAYO EROR SYSTEM targets the websites of Kantor Urusan Agama Kapanewon Pleret


28. Alleged sale of U.S. citizens database aged 65 and above


29. Alleged sale of leaked email inboxes from National Security Agency


30. Alleged sale of Shopify dump from Switzerland


31. Alleged sale of Barak-8 Missile System contract data


32. Alleged sale of a malicious plugin


33. Alleged sale of Israel’s Iron Dome System data


34. Alleged sale of unauthorized access to an online store in UK


35. BROTHERHOOD CAPUNG INDONESIA targets the website of MOV Corp Co


36. HEZI RASH targets the website of gagan.wz.cz


Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from healthcare and education to government administration and defense, and impacting countries including India, USA, Spain, UK, Indonesia, Switzerland, Uruguay, and Israel. The compromised data ranges from full patient PHI and sensitive defense contract details to large databases of US citizens’ personal information and credit card data.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to a Spanish university’s NAS server, an online UK store, and Indian government tax authorities. Malware sales, including a malicious WordPress, Joomla, and Drupal plugin, further underscore the availability of offensive capabilities in the cyber underground. Additionally, there are multiple instances of website defacement across various countries and industries, and ransomware attacks impacting organizations like a dental office in the USA and a consumer services company in Spain.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.