[October-12-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents and gives the key information for each event, including published URLs and associated screenshots, based strictly on the provided data.


  1. Alleged gain of access to Ricous Hydroelectric Complex on the Drac River

  1. Alleged data sale of repandre.com

  1. FRISQUET S.A. falls victim to Qilin Ransomware

  1. Alleged sale of French trading database

  1. Alleged sale of Etat Civil database

  1. Dynamic Precision falls victim to Qilin Ransomware

  1. Alleged Sale of RDP Access to Italian Construction Company
  • Category: Initial Access
  • Content: A threat actor is allegedly offering RDP access to an Italy-based company operating in the Commercial & Residential Construction sector. The organization reportedly has annual revenue under $5 million USD. The access provides user-domain level credentials on a Windows host protected by Windows Defender.
  • Date: 2025-10-12T22:08:27Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/268088/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/95a382a6-5e55-4aed-a7e5-7adcbb0c28ee.png
  • Threat Actors: 361CrimeLiFe
  • Victim Country: Italy
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged data sale of Mission locale de Paris

  1. Alleged Sale of RDP Access to Italian Industrial Machinery Company
  • Category: Initial Access
  • Content: A threat actor is allegedly offering RDP access to an Italy-based company in the Industrial Machinery & Equipment sector reporting 9M in revenue. The access appears to be a user domain account on a Windows host protected by Windows Defender.
  • Date: 2025-10-12T22:03:03Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/268087/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/21cd1eb4-5101-4185-94cc-d50acd1bc1bd.png
  • Threat Actors: 361CrimeLiFe
  • Victim Country: Italy
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged Sale of RDP Access to US Corporation (Advertising & Marketing)
  • Category: Initial Access
  • Content: A threat actor is allegedly offering RDP access to a US-based corporation in the Advertising & Marketing sector. The target organization reportedly generates less than $5M in annual revenue. The access provides local administrator privileges on a Windows system protected by Windows Defender. This type of access could enable lateral movement, data exfiltration, or deployment of malicious software.
  • Date: 2025-10-12T21:56:45Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/268086/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/020bd76d-f98f-4fab-980c-77e54d6cb717.png
  • Threat Actors: 361CrimeLiFe
  • Victim Country: USA
  • Victim Industry: Marketing, Advertising & Sales
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Sunbelt Design and Development falls victim to Sinobi Ransomware

  1. Alleged sale of access to Brainerd Public Schools

  1. CMF Inc. falls victim to Sinobi Ransomware

  1. Alleged data sale of Oro Integrated Cooperative

  1. Alleged leak of Ukrainian entrepreneurs data

  1. Alleged sale of access to Sani-touch

  1. IDB Clinics Group falls victim to Sinobi Ransomware

  1. Alleged leak of Indian National Identity Cards

  1. Valtorta falls victim to Qilin Ransomware

  1. Alleged data sale of Solana Foundation

  1. Alleged data leak of Comptroller and Auditor General of India
  • Category: Data Breach
  • Content: The group claims to have leaked data of the Comptroller and Auditor General of India, containing around 1.9k Excel databases with sensitive government information and internal records.
  • Date: 2025-10-12T18:18:18Z
  • Network: telegram
  • Published URL: https://t.me/c/3088972502/61
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/75c221ea-1845-44a5-86de-4c4483167da2.png
  • Threat Actors: HIME666
  • Victim Country: India
  • Victim Industry: Government & Public Sector
  • Victim Organization: comptroller and auditor general of india
  • Victim Site: cag.gov.in

  1. Alleged data leak of Roblox

  1. Alleged Sale of Prestashop Admin Access in Spain with Credit Card Redirect

  1. Alleged Sale of Prestashop Admin Access in France with Credit Card Redirect

  1. Alleged Sale of Prestashop Admin Access in Lithuania with Credit Card Redirect

  1. Alleged Sale of Mossad Data and Israeli Companies Information

  1. Alleged data sale of Stansberry Research

  1. Alleged data breach of Perbadanan Putrajaya

  1. Alleged data sale of the Israel Defense Forces
  • Category: Data Breach
  • Content: The threat actor claims to have obtained data from the Israel Defense Forces (IDF), allegedly containing naval deployment, personnel records and vessel specs.
  • Date: 2025-10-12T14:26:57Z
  • Network: openweb
  • Published URL: https://vfvct.github.io/VFVCT/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/ae0d63e0-99e7-4162-97d5-5c53ed3c69bb.png
  • Threat Actors: V FOR VENDETTA CYBER TEAM
  • Victim Country: Israel
  • Victim Industry: Government Administration
  • Victim Organization: israel defense forces
  • Victim Site: idf.il

  1. Alleged data sale of Johor State Court
  • Category: Data Breach
  • Content: The threat actor claims to have obtained data from Johor State Court, allegedly containing staff information, identity cards and court records.
  • Date: 2025-10-12T14:26:27Z
  • Network: openweb
  • Published URL: https://vfvct.github.io/VFVCT/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/6c48fc89-fee9-487d-a9e9-4a4c31a57b54.png
  • Threat Actors: V FOR VENDETTA CYBER TEAM
  • Victim Country: Malaysia
  • Victim Industry: Government Administration
  • Victim Organization: johor state court
  • Victim Site: johor.kehakiman.gov.my

  1. Design To Print falls victim to MEDUSA Ransomware

  1. Ecopetróleo falls victim to MEDUSA Ransomware

  1. Alleged data sale of SMK Taruna Bhakti Depok
  • Category: Data Breach
  • Content: The threat actor claims to have obtained data from SMK Taruna Bhakti Depok, allegedly containing student records, personal information, addresses, and family data.
  • Date: 2025-10-12T14:15:06Z
  • Network: openweb
  • Published URL: https://vfvct.github.io/VFVCT/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/4e335caa-fdaf-4732-b7e0-07611a841053.png
  • Threat Actors: V FOR VENDETTA CYBER TEAM
  • Victim Country: Indonesia
  • Victim Industry: Education
  • Victim Organization: smk taruna bhakti depok
  • Victim Site: smktarunabhakti.net

  1. La VOIE EXPRESS falls victim to MEDUSA Ransomware

  1. Ministry of Health falls victim to Nova Ransomware

  1. Alleged Sale of Canva Database

  1. Alleged data breach of tarbia.tn

  1. Alleged database sale of Yunex Traffic

  1. Alleged data leak of American Airlines

  1. Alleged data breach of Lotería de Medellín
  • Category: Data Breach
  • Content: The group claims to be selling over 1 TB of compressed data allegedly stolen from Lotería de Medellín, including some winners’ information and internal documents related to the lottery’s operations.
  • Date: 2025-10-12T10:58:50Z
  • Network: telegram
  • Published URL: https://t.me/thecrimsoncollective/36
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/6a849c95-5e8e-49af-a83b-b40b0dab6711.png
  • Threat Actors: Crimson Collective
  • Victim Country: Colombia
  • Victim Industry: Gambling & Casinos
  • Victim Organization: lotería de medellín
  • Victim Site: loteriademedellin.com

  1. Alleged Sale of Brazilian Server Access

  1. Alleged Sale of Google Data

  1. Alleged unauthorized access to Business Bangla Machineries

  1. Balfour Beatty plc falls victim to INC RANSOM Ransomware

  1. Alleged data breach of Fokus

  1. Alleged Data Leak of InteractiveBrokers CRM

  1. Team Schierl Companies falls victim to Qilin Ransomware

  1. Alleged sale of unauthorized access to unidentified Telecom organization in Brazil

  1. Alleged gain of access to Climate Control System Breach at Lidl Poland

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and Initial Access sales are prominent, affecting various sectors from Government & Public Sector and Education to Airlines & Aviation and Financial Services, and impacting countries including France, USA, India, Israel, Malaysia, Italy, and Brazil. The compromised data ranges from customer and user information to sensitive government and military data, and financial records.

Beyond data compromise, the report also reveals significant ransomware activity by groups like Qilin, Sinobi, and MEDUSA, and continued defacement and vulnerability exploitation.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.