[October-13-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

Mercante Tubos e Aços falls victim to Mydata/Alphalocker Ransomware

Category: Ransomware
Content: The group claims to have obtained 200 GB of organization’s internal data and they intend to publish it within 6-7 days
Date: 2025-10-13T23:49:23Z
Network: tor
Published URL: (http://mydatae2d63il5oaxxangwnid5loq2qmtsol2ozr6vtb7yfm5ypzo6id.onion/blog_1-25) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4612f138-9718-41ea-b892-2439db8cdbf2.png
https://d34iuop8pidsy8.cloudfront.net/1c2217cf-2bab-420c-b528-c79171dc500e.png
https://d34iuop8pidsy8.cloudfront.net/8234c068-00a3-4df9-be95-1ba182e94176.png
https://d34iuop8pidsy8.cloudfront.net/501e9a3c-8b16-4628-bb25-cbc3b62d398d.png
https://d34iuop8pidsy8.cloudfront.net/bd8a62aa-fe57-4477-890e-94eba2ce2bd3.png
Threat Actors: Mydata/Alphalocker
Victim Country: Brazil
Victim Industry: Mining/Metals
Victim Organization: mercante tubos e a\u00e7os
Victim Site: mercantetubos.com.br

Bank3 falls victim to Qilin Ransomware

Category: Ransomware
Content: The group claims to have obtained 149 GB of data, comprising the organization’s entire data set. The exposed data reportedly include personal and financial information for all clients, as well as the organization’s internal financial data.
Date: 2025-10-13T23:20:45Z
Network: tor
Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=22d0393e-aed9-3488-a49d-eb90d220d4fd) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dc0241ce-8a0e-440d-b8c7-d6c1541ac3c5.png
https://d34iuop8pidsy8.cloudfront.net/2597d2ec-a4ab-4eec-9a81-a4e867bd7875.png
https://d34iuop8pidsy8.cloudfront.net/2d450d4c-9270-4318-90de-21d15763bba1.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Banking & Mortgage
Victim Organization: bank3
Victim Site: bank3.com

Alleged data leak of Royal Bank of Scotland

Category: Data Breach
Content: The group claims to have leaked data of Royal Bank of Scotland, contains 5K+ credit cards, secret files and other secret information’s.
Date: 2025-10-13T22:21:02Z
Network: telegram
Published URL: (https://t.me/H3yder_N3ex/567) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5ef07a40-a4b1-45c2-ac5b-1beb036bf87a.png
https://d34iuop8pidsy8.cloudfront.net/18c9646b-c849-409a-8cf9-97b0d1831441.png
Threat Actors: Hider_Nex
Victim Country: UK
Victim Industry: Financial Services
Victim Organization: royal bank of scotland
Victim Site: rbs.co.uk

BHI Co., Ltd. falls victim to Qilin Ransomware

Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2025-10-13T22:02:40Z
Network: tor
Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=6ce4c97a-761b-34ca-b767-96125359b050) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5067461b-504d-45c5-b7fc-42fe6d084091.png
https://d34iuop8pidsy8.cloudfront.net/ab24027a-005c-4c25-bec8-a41a1cf7148d.png
https://d34iuop8pidsy8.cloudfront.net/3fbb6727-ca6f-485c-9b6d-efdfc9adce49.png
https://d34iuop8pidsy8.cloudfront.net/45346d16-cf79-4e78-8a5c-4b720f69da42.png
Threat Actors: Qilin
Victim Country: South Korea
Victim Industry: Manufacturing
Victim Organization: bhi co., ltd.
Victim Site: bhi.co.kr

Pharaoh’s Team targets the website of Peak Performance Hiking

Category: Defacement
Content: The group claims to have deface the website of Peak Performance Hiking.
Date: 2025-10-13T21:37:52Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8259d6cb-aacf-4b4a-a38e-3ee9f269a250.png
https://d34iuop8pidsy8.cloudfront.net/c214e8de-dd5e-4cbd-a265-cee0454a5027.png
Threat Actors: Pharaoh’s Team
Victim Country: India
Victim Industry: Leisure & Travel
Victim Organization: peak performance hiking
Victim Site: peakperformancehiking.com

San Bernard Electric Coop.,Inc. falls victim to Qilin Ransomware

Category: Ransomware
Content: The group claims to have obtained 290 GB of the organization’s data.
Date: 2025-10-13T21:37:19Z
Network: tor
Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=16a87d22-eb7d-3d38-87a8-424cdeb3e2b3) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/01631366-05ef-4c35-a9fa-6b7c2983fa0b.png
https://d34iuop8pidsy8.cloudfront.net/c6115da0-7c5b-4461-92aa-92034b86f531.png
https://d34iuop8pidsy8.cloudfront.net/0da4c8bd-5947-4153-81fd-dd1394bb4315.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Energy & Utilities
Victim Organization: san bernard electric coop.,inc.
Victim Site: sbec.org

Pharaoh’s Team targets the website of Namaste Tech

Category: Defacement
Content: The group claims to have deface the website of Namaste Tech.
Date: 2025-10-13T21:33:48Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/569d4027-3afe-4239-ab0b-6c79b4ac85c4.png
https://d34iuop8pidsy8.cloudfront.net/9aecb372-33ab-409a-9358-316498ac6eca.png
Threat Actors: Pharaoh’s Team
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: namaste tech
Victim Site: namastetechs.com

Pharaoh’s Team targets the website of Hind Era Properties

Category: Defacement
Content: The group claims to have deface the website of Hind Era Properties.
Date: 2025-10-13T21:28:34Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c9fc12bc-67cf-47b9-b87e-608bcec8a595.png
https://d34iuop8pidsy8.cloudfront.net/e1315d50-bc96-404d-8ce2-253d8175807e.png
Threat Actors: Pharaoh’s Team
Victim Country: India
Victim Industry: Real Estate
Victim Organization: hind era properties
Victim Site: hinderaproperties.com

Pharaoh’s Team targets the website hostingersite.com

Category: Defacement
Content: The group claims to have deface the website hostingersite.com.
Date: 2025-10-13T21:21:09Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a3cc8fe-a76b-4122-acc1-15db6ec79951.png
https://d34iuop8pidsy8.cloudfront.net/a10815a5-bc78-43f8-8f4b-2f3e2bacf941.png
Threat Actors: Pharaoh’s Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: hostingersite.com

Pharaoh’s Team targets the website of Grandeur Net Academy

Category: Defacement
Content: The group claims to have deface the website of Grandeur Net Academy.
Date: 2025-10-13T21:16:00Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c69dd3f9-599f-4091-b0df-b1a7cbb971e7.png
https://d34iuop8pidsy8.cloudfront.net/0a23169a-924f-4c58-982d-4903fe47974d.png
Threat Actors: Pharaoh’s Team
Victim Country: India
Victim Industry: Education
Victim Organization: grandeur net academy
Victim Site: grandeurnetacademy.com

Pharaoh’s Team targets the website darkgoldenrod-pigeon-466926.hostingersite.com

Category: Defacement
Content: The group claims to have deface the website darkgoldenrod-pigeon-466926.hostingersite.com
Date: 2025-10-13T21:12:09Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a3cc8fe-a76b-4122-acc1-15db6ec79951.png
https://d34iuop8pidsy8.cloudfront.net/a10815a5-bc78-43f8-8f4b-2f3e2bacf941.png
Threat Actors: Pharaoh’s Team
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: darkgoldenrod-pigeon-466926.hostingersite.com

Bun falls victim to ThreeAM Ransomware

Category: Ransomware
Content: The group claims to have obtained the organization’s data .
Date: 2025-10-13T21:07:53Z
Network: tor
Published URL: (http://threeamkelxicjsaf2czjyz2lc4q3ngqkxhhlexyfcp2o6raw4rphyad.onion/detail/ga91ncdex7z3l6yz50bntndj8shagd) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4b8eefd7-903a-42a2-98e9-24ceb22c9c7f.png
Threat Actors: ThreeAM
Victim Country: Netherlands
Victim Industry: Retail Industry
Victim Organization: bun
Victim Site: bun.nl

Pharaoh’s Team targets the website bookingsupport.in

Category: Defacement
Content: The group claims to have deface the website bookingsupport.in.
Date: 2025-10-13T21:04:57Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/212d9a9a-85c8-4d80-bfbc-3ea8191aa0cd.png
https://d34iuop8pidsy8.cloudfront.net/15d68c96-4668-4a3b-8d87-7d423f36f5f2.png
Threat Actors: Pharaoh’s Team
Victim Country: India
Victim Industry: Hospitality & Tourism
Victim Organization: Unknown
Victim Site: bookingsupport.in

Pharaoh’s Team targets the website of AMOREVO

Category: Defacement
Content: The group claims to have deface the website of AMOREVO.
Date: 2025-10-13T21:00:20Z
Network: telegram
Published URL: (https://t.me/Pharaohs_n/165) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/72d07907-4d2e-409e-8b44-8fa9a3c682a8.png
https://d34iuop8pidsy8.cloudfront.net/c4e5adf3-6027-461c-939c-643a030d1819.png
Threat Actors: Pharaoh’s Team
Victim Country: Spain
Victim Industry: Performing Arts
Victim Organization: amorevo
Victim Site: amourevo.com

PT. INDACO WARNA DUNIA falls victim to Nova Ransomware

Category: Ransomware
Content: The group claims to have obtained 5.4 GB of the organization’s data and intends to publish them within 3-4 days.
Date: 2025-10-13T20:35:25Z
Network: tor
Published URL: (http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/#) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e8c45306-9fab-461b-b010-a2488cc5ed3f.png
Threat Actors: Nova
Victim Country: Indonesia
Victim Industry: Wholesale
Victim Organization: pt. indaco warna dunia
Victim Site: indaco.id

Alleged leak of sensitive documents from Palestine and Egypt

Category: Data Breach
Content: Threat actor claims to have obtained and published sensitive documents allegedly originating from Palestine and Egypt. Sample screenshots released with the claim reportedly show a passport, financial/statistical reports, and other documents.
Date: 2025-10-13T20:01:02Z
Network: openweb
Published URL: (https://x.com/networker_sup/status/1977818084053545043) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3b82626a-9745-4b3c-a9f8-19e648348954.png
Threat Actors: NET-WORKER
Victim Country: Egypt
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Fountains Condominium Operations falls victim to DragonForce Ransomware

Category: Ransomware
Content: The group claims to have obtained 453.66 GB of the organization’s data and intends to publish them within 6-7 days.
Date: 2025-10-13T19:57:59Z
Network: tor
Published URL: (http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7ca48adc-0129-4512-8e17-1028c3996efb.png
https://d34iuop8pidsy8.cloudfront.net/8e06ac2f-a68f-43e9-860a-994e87c63da9.png
Threat Actors: DragonForce
Victim Country: USA
Victim Industry: Real Estate
Victim Organization: fountains condominium operations
Victim Site: fcocondo.com

Arabian Ghosts targets the website of Front Blink

Category: Defacement
Content: The group claims to have deface the website of Front Blink.
Date: 2025-10-13T19:44:48Z
Network: telegram
Published URL: (https://t.me/ARABIAN_GH0STS/150) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cce03f4a-f0ff-4446-af2c-aadb00994a21.png
Threat Actors: Arabian Ghosts
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: front blink
Victim Site: dev.frontblink.com

Arabian Ghosts targets the website of Hackberry Softech Private Limited

Category: Defacement
Content: The group claims to have deface the website of Hackberry Softech Private Limited.
Date: 2025-10-13T19:39:16Z
Network: telegram
Published URL: (https://t.me/ARABIAN_GH0STS/149) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4fd4e956-3f34-493c-bcc6-bfbcaea7ec6d.png
Threat Actors: Arabian Ghosts
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: hackberry softech private limited
Victim Site: hackberrysoftech.com

Alleged data breach of Bienvenue à Paris

Category: Data Breach
Content: The group claims to have leaked data of Bienvenue \u00e0 Paris.
Date: 2025-10-13T19:34:10Z
Network: telegram
Published URL: (https://t.me/lunarisS3C/55) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f7305204-8a02-483c-8819-d5dfaff93b9b.png
Threat Actors: LunarisSec
Victim Country: France
Victim Industry: Leisure & Travel
Victim Organization: bienvenue \u00e0 paris
Victim Site: bienvenueaparis.fr

HellR00ters Team targets the website of Shiv Shakti International

Category: Defacement
Content: The group claims to have deface the website of Shiv Shakti International.
Date: 2025-10-13T18:58:01Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eb3a2229-9b96-4fce-a8e3-adb424d20f1f.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Import & Export
Victim Organization: shiv shakti international
Victim Site: shivshaktiinternationals.in

HellR00ters Team targets the website of Shiv Gaushala Charitable Trust Miyani

Category: Defacement
Content: The group claims to have deface the website of Shiv Gaushala Charitable Trust Miyani.
Date: 2025-10-13T18:54:06Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4cc83b59-c539-42fe-9a53-4554867be4a6.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Non-profit & Social Organizations
Victim Organization: shiv gaushala charitable trust miyani
Victim Site: shivgaushala.org

HellR00ters Team targets the website of M/s M. R. Overseas Pvt. Ltd

Category: Defacement
Content: The group claims to have deface the website M/s M. R. Overseas Pvt. Ltd.
Date: 2025-10-13T18:50:23Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/35ad3398-c770-421a-9061-baea7723d985.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Transportation & Logistics
Victim Organization: m/s m. r. overseas pvt. ltd
Victim Site: mjroverseas.com

Alleged data sale of personally identifiable information

Category: Data Breach
Content: Threat actor claims to be selling personally identifiable information from USA. The compromised data reportedly contain 16,000 Social Security Number(SSN) also includes name, dob, email, zip code, etc.
Date: 2025-10-13T18:45:32Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/268151/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2a445b5-073f-47aa-bf45-eded32c08840.png
Threat Actors: sganarelle2
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

HellR00ters Team targets the website of Smileshot Photography

Category: Defacement
Content: The group claims to have defaced the website of Smileshot Photography, India
Date: 2025-10-13T18:44:22Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/96bc0508-d85c-4e43-9af6-389713c52c1d.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Photography
Victim Organization: smileshot photography
Victim Site: smileshot.in

The group claims to have deface the website of MindWhiz

Category: Defacement
Content: The group claims to have deface the website of MindWhiz
Date: 2025-10-13T18:43:55Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/51d74c18-b254-42d7-86cf-900de934f345.png
Threat Actors: HellR00ters Team
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: mindwhiz
Victim Site: mindwhiz.in

HellR00ters Team targets the website of Ziran

Category: Defacement
Content: The group claims to have defaced the website of Ziran, India.
Date: 2025-10-13T18:40:35Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7a449a1b-9c29-452a-9c14-dd1d17f76b37.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Glass, Ceramics & Concrete
Victim Organization: ziran
Victim Site: ziran.co.in

HellR00ters Team targets the website of Kuldevi Brass

Category: Defacement
Content: The group claims to have deface the website of Kuldevi Brass.
Date: 2025-10-13T18:38:37Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1599eb08-5402-453d-99e9-fc6319d3e80b.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Manufacturing
Victim Organization: kuldevi brass
Victim Site: kuldevibrassproduct.com

HellR00ters Team targets the website of Truenam Global

Category: Defacement
Content: The group claims to have defaced the website of Truenam Global, India.
Date: 2025-10-13T18:35:38Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dd7ed228-92ec-4267-be92-6e3819745b72.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Fashion & Apparel
Victim Organization: truenam global
Victim Site: truenamglobal.com

HellR00ters Team targets the website of K9HR Solutions

Category: Defacement
Content: The group claims to have deface the website of K9HR Solutions.
Date: 2025-10-13T18:34:56Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5257b9c7-8e3f-4b16-92ce-a83f9d6582a0.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Human Resources
Victim Organization: k9hr solutions
Victim Site: k9hr .com

SourceOne Corp. falls victim to Qilin Ransomware

Category: Ransomware
Content: The group claims to have obtained 528 GB of the organization’s data.
Date: 2025-10-13T18:34:25Z
Network: tor
Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=7f590f16-c8cd-353a-9072-7fe001d60114) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b8515d0e-befe-4d58-a1f3-383377647eb8.png
https://d34iuop8pidsy8.cloudfront.net/3a9797e1-f67a-4409-b5bc-99e8ac44ec48.png
https://d34iuop8pidsy8.cloudfront.net/bed1ef4e-3aa9-4929-b47c-be4c5950a330.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Network & Telecommunications
Victim Organization: sourceone corp.
Victim Site: sourceonecorp.com

HellR00ters Team targets the website of Tulsi Precision Product LLP

Category: Defacement
Content: The group claims to have deface the website of Tulsi Precision Product LLP (TPPL), India.
Date: 2025-10-13T18:30:46Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5f0445ed-a34e-4be8-82f6-b7f092d2f262.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Machinery Manufacturing
Victim Organization: tulsi precision product llp
Victim Site: [suspicious link removed]

HellR00ters Team targets the website of JK Tech

Category: Defacement
Content: The group claims to have deface the website of JK Tech.
Date: 2025-10-13T18:29:47Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f8e3b0df-d655-45cf-a620-691adc2d0282.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: jk tech
Victim Site: jktechnoforg.com

HellR00ters Team targets the website of HTF Tools

Category: Defacement
Content: The group claims to have deface the website of HTF Tools.
Date: 2025-10-13T18:24:26Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/76d39e82-8479-41bf-874c-a54a35a5491b.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: htf tools
Victim Site: htftools.com

HellR00ters Team targets the website of snap2shoot photography

Category: Defacement
Content: The group claims to have defaced the website of snap2shoot photography, India.
Date: 2025-10-13T18:20:55Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/29b7d05e-c559-4fa1-9443-f99cad225ac7.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Photography
Victim Organization: snap2shoot photography
Victim Site: snap2shoot.in

HellR00ters Team targets the website of GujcoMart

Category: Defacement
Content: The group claims to have deface the website of GujcoMart.
Date: 2025-10-13T18:20:06Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6dc5c472-4aad-4641-9874-13a88e7190ee.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Retail Industry
Victim Organization: gujcomart
Victim Site: gujmart.in

HellR00ters Team targets the website of Goldcoin Group

Category: Defacement
Content: The group claims to have deface the website of Goldcoin Group.
Date: 2025-10-13T18:16:17Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/428b4949-418d-455f-a7d6-b24bf6644283.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Manufacturing
Victim Organization: goldcoin group
Victim Site: goldcoingroups.com

HellR00ters Team targets the website of Shree Gayatri Refrigeration

Category: Defacement
Content: The group claims to be defaced the website of Shree Gayatri Refrigeration, India.
Date: 2025-10-13T18:16:01Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7f3cad4b-c7bf-4193-9b77-8d45282b472b.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Industrial Automation
Victim Organization: shree gayatri refrigeration
Victim Site: shreegayatrirefrigeration.com

HellR00ters Team targets the website of Gatral Trading

Category: Defacement
Content: The group claims to have deface the website of Gatral Trading.
Date: 2025-10-13T18:12:42Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cca7973a-ddb0-4f17-bcd6-c685999bac87.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Retail Industry
Victim Organization: gatral trading
Victim Site: gatraltrading.com

HellR00ters Team targets the website of Cromix Cab

Category: Defacement
Content: The group claims to have deface the website of Cromix Cab.
Date: 2025-10-13T18:05:59Z
Network: telegram
Published URL: (https://t.me/c/2758066065/77) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/15f7b4cb-992b-46a5-9ed2-a3cf694db152.png
Threat Actors: HellR00ters Team
Victim Country: India
Victim Industry: Transportation & Logistics
Victim Organization: cromix cab
Victim Site: cromixcab.com

Alleged sale of access to unidentified Telecom company from Peru

Category: Initial Access
Content: Threat actor claims to be selling unauthorized Webshell access to an unidentified Telecom company from Peru. The compromised website reportedly have Linux operating system with root password privileges.
Date: 2025-10-13T18:00:45Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-70kk-PE-Telecom-Industry–55914) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/87baba0a-9e82-43c3-b9d8-52fe3043e6d7.png
Threat Actors: Yrrrr
Victim Country: Peru
Victim Industry: Network & Telecommunications
Victim Organization: Unknown
Victim Site: Unknown

Alleged data sale of Companies and Intellectual Property Commission

Category: Data Breach
Content: Threat actor claims to be selling accounts from Companies and Intellectual Property Commission (CIPC). The compromised data reportedly contain account credentials
Date: 2025-10-13T17:44:20Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-eservices-cipc-co-za-Accounts) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/be377169-b92f-4f6d-ac23-4e41e55006b5.png
Threat Actors: fuckoverflow
Victim Country: South Africa
Victim Industry: Government & Public Sector
Victim Organization: companies and intellectual property commission (cipc)
Victim Site: Unknown

Hauts-de-France Region falls victim to Qilin Ransomware

Category: Ransomware
Content: The group claims to have obtained 1,100 GB of the organization’s data.
Date: 2025-10-13T17:21:25Z
Network: tor
Published URL: (http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=80d021bf-eb14-3630-80dc-57fbe4295d7e) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1ad59fd4-bc09-4ef0-8078-adf138554f66.png
https://d34iuop8pidsy8.cloudfront.net/78ac6a0b-15da-4c39-b77b-110bae1a6184.png
Threat Actors: Qilin
Victim Country: France
Victim Industry: Public Relations/PR
Victim Organization: hauts-de-france region
Victim Site: hautsdefrance.fr

Alleged Sale of Merged Credit-Card Database

Category: Data Breach
Content: The threat actor claims to be selling a merged database of stolen credit card records from 2022\u20132025, totaling approximately 9.8 million cards (claimed 80% U.S.) the listing and its contents have not been independently verified.
Date: 2025-10-13T17:03:10Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/268143/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0a13f72a-5e9b-451e-a60c-7b55a998ddb5.png
Threat Actors: cashmoneycard
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of Thailand ID Card Database

Category: Data Breach
Content: The threat actor claims to be selling a database of Thailand national ID card records
Date: 2025-10-13T16:47:18Z
Network: openweb
Published URL: (https://leakbase.la/threads/thailand-id-card-database.44412/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0d6c7b0d-0787-4783-a7c3-342884c0c19f.png
Threat Actors: jacare9658
Victim Country: Thailand
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of Playtech Gambling Database

Category: Data Breach
Content: Threat actor claims to selling Playtech Gambling Database.
Date: 2025-10-13T16:39:03Z
Network: openweb
Published URL: (https://leakbase.la/threads/playtech-gambling-database.44411/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/df8ed776-70e4-43ea-81a3-c75191eaad16.png
Threat Actors: matobe6288
Victim Country: UK
Victim Industry: Gambling & Casinos
Victim Organization: playtech
Victim Site: playtech.com

Alleged gain of access to IT networking monitoring system and 403 network devices

Category: Initial Access
Content: The group claims to have gained access to IT networking monitoring system and 403 network devices.
Date: 2025-10-13T16:35:05Z
Network: telegram
Published URL: (https://t.me/c/3019913760/238) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ade0ce8-2bf2-413b-80ad-0f8bffef01d9.png
https://d34iuop8pidsy8.cloudfront.net/bb672f8f-e13c-4e49-a6e5-1ace7cfa280b.png
Threat Actors: AL-MUJAHIDEEN FORCE 313
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: Unknown
Victim Site: Unknown

Alleged data leak of Italian Mobile Number Data with Email

Category: Data Breach
Content: Threat actor claims to be selling Italian mobile number data with email.
Date: 2025-10-13T16:26:29Z
Network: openweb
Published URL: (https://leakbase.la/threads/italy-mobile-number-data-with-email.44410/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e07e0d22-d5bc-449a-ae20-1b47f5f44d82.png
Threat Actors: topopow941
Victim Country: Italy
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data sale of Companies and Intellectual Property Commission – eServices

Category: Data Breach
Content: Threat actor claims to be selling leaked accounts from Companies and Intellectual Property Commission – eServices portal, South Africa.
Date: 2025-10-13T16:24:51Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-eservices-cipc-co-za-Accounts) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2623b81c-613b-40c8-9bec-fbfd08c792af.png
https://d34iuop8pidsy8.cloudfront.net/1cfe70b2-46df-49ec-911d-90d93c074015.png
Threat Actors: fuckoverflow
Victim Country: South Africa
Victim Industry: Government Administration
Victim Organization: companies and intellectual property commission – eservices
Victim Site: eservices.cipc.co.za

Alleged sale of Indian Aadhaar database

Category: Data Breach
Content: The threat actor claims to be selling data from an Indian database containing Aadhaar card numbers.
Date: 2025-10-13T16:17:44Z
Network: openweb
Published URL: (https://leakbase.la/threads/india-aadhaar-card-number-database.44409/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ef7be7e9-0a35-4dfa-b2d4-56075b97b7f7.png
Threat Actors: dadexi4657
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

InDoM1nu’s targets the website gemista.store

Category: Defacement
Content: The group claims to have deface the website gemista.store.
Date: 2025-10-13T16:02:55Z
Network: telegram
Published URL: (https://t.me/InDoM1nusTe4m/34?single) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a64805d7-fec3-4c5f-9edd-993225a5d599.png
https://d34iuop8pidsy8.cloudfront.net/f61dc4b3-d0d9-483f-aacb-34e8ab19ba3f.png
Threat Actors: InDoM1nu’s
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: Unknown
Victim Site: gemista.store

InDoM1nu’s targets the website of Meta Nxt Solutions Private Limited

Category: Defacement
Content: The group claims to have deface the website of Meta Nxt Solutions Private Limited.
Date: 2025-10-13T15:15:58Z
Network: telegram
Published URL: (https://t.me/InDoM1nusTe4m/34?single) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/94ff0d40-d7c8-4306-b9ac-8751a55bf9e3.png
https://d34iuop8pidsy8.cloudfront.net/95bd3ace-8a05-4909-ac7e-e6022aa2c749.png
Threat Actors: InDoM1nu’s
Victim Country: India
Victim Industry: Business and Economic Development
Victim Organization: meta nxt solutions private limited
Victim Site: metanextsolutions.com

InDoM1nu’s targets the website of Gift Corporate India

Category: Defacement
Content: The group claims to have deface the website of Gift Corporate India.
Date: 2025-10-13T15:06:45Z
Network: telegram
Published URL: (https://t.me/InDoM1nusTe4m/34?single) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d69caed3-ec79-458a-9d81-6ebee384bd0c.png
https://d34iuop8pidsy8.cloudfront.net/33dc1ece-578c-4a2b-8bc1-9fb9bfb7b0d9.png
Threat Actors: InDoM1nu’s
Victim Country: India
Victim Industry: Business and Economic Development
Victim Organization: gift corporate india
Victim Site: giftcorporateindia.com

Alleged data leak of multiple US banks

Category: Data Breach
Content: The threat actor claims to be selling data from multiple US banks. The compromised data reportedly contain 1 millions records.
Date: 2025-10-13T15:04:26Z
Network: openweb
Published URL: (https://leakbase.la/threads/usa-banks-chase-boa-citibank-etc-1-million-rows.44406/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/64067864-f695-45b3-8dc7-8a29609d4e83.png
Threat Actors: Nousername_147
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of Android Spyware 2025

Category: Malware
Content: Threat actor claims to be selling Android Spyware 2025, an open-source, Rails-based command and control tool for educational Android device testing. The project integrates Metasploit for payload orchestration and Android Debug Bridge (ADB for direct device interaction, is distributed in Docker containers for cross-platform deployment, and includes features such as payload generation, device monitoring, data-dump collection, ADB-backed file and screen operations, telemetry logging, and modular integrations for training and lab use.
Date: 2025-10-13T14:57:43Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Source-Code-Android-Spyware-2025) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b467d8e6-e1bb-4e7e-aa4e-ca19ba2f50d2.png
https://d34iuop8pidsy8.cloudfront.net/90c58955-49a8-4246-b4dc-ba506e9cac6c.png
Threat Actors: dimexor4381
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Undefasa falls victim to Black Nevas Ransomware

Category: Ransomware
Content: The group claims to have obtained 2.3 TB of data from the organization.
Date: 2025-10-13T14:45:18Z
Network: tor
Published URL: (http://ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion/publications/details/fb85455d-c25e-4ca8-b597-6e53202fed82) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f6cad78a-f0f8-4a64-9e2f-3949db61ec4b.png
https://d34iuop8pidsy8.cloudfront.net/58652b0f-7f7f-42c2-8e9f-af5efe317b67.png
https://d34iuop8pidsy8.cloudfront.net/06cdcb87-b85f-41c6-a214-f706372d04ab.png
https://d34iuop8pidsy8.cloudfront.net/79221e0d-163e-445c-8bb1-e8baa5ca2840.png
https://d34iuop8pidsy8.cloudfront.net/43a4d346-7921-4f04-9ffe-5b4ec81f3364.png
https://d34iuop8pidsy8.cloudfront.net/0c3aee5d-bfd1-450a-8797-1c98e5e61212.png
https://d34iuop8pidsy8.cloudfront.net/0ebff6cc-61ee-4519-8a7c-05a2ed0e1032.png
Threat Actors: Black Nevas
Victim Country: Spain
Victim Industry: Glass, Ceramics & Concrete
Victim Organization: undefasa
Victim Site: undefasa.com

Alleged data leak of multiple royal palaces in Morocco

Category: Data Breach
Content: The group claims to have leaked sensitive databases containing all employees of the Royal Palaces in Morocco. The royal palaces includes Rabat, Casablanca, etc
Date: 2025-10-13T14:35:02Z
Network: telegram
Published URL: (https://t.me/jabaroot3/59) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f69ef01d-b9c3-40dd-ab57-83e3a9913366.JPG
https://d34iuop8pidsy8.cloudfront.net/85637bcc-6ed6-426b-b591-a795aac019de.JPG
Threat Actors: Jabaroot
Victim Country: Morocco
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

BABAYO EROR SYSTEM targets the website of ADES-Nord

Category: Defacement
Content: The group claims to have defaced the website of ADES-Nord.
Date: 2025-10-13T13:54:29Z
Network: telegram
Published URL: (https://t.me/c/2532663346/269) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/29753036-a3cc-45cc-bcb0-e7ed7df44e72.JPG
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Burkina Faso
Victim Industry: Non-profit & Social Organizations
Victim Organization: ades-nord
Victim Site: adesnord.bf

North Stonington Public Schools falls victim to INTERLOCK Ransomware

Category: Ransomware
Content: The group claims to have obtained over 3 TB of data from the organization.
Date: 2025-10-13T13:50:32Z
Network: tor
Published URL: (http://ebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onion/leaks.php) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6e82cd05-494a-42e2-9499-a263972cd245.png
Threat Actors: INTERLOCK
Victim Country: USA
Victim Industry: Education
Victim Organization: north stonington public schools
Victim Site: northstonington.k12.ct.us

Alleged breach of MAYA Technologies Ltd

Category: Data Breach
Content: The group claims to have breached MAYA Technologies Ltd. They allege that they obtained access to a network of defense-related companies and accessed sensitive ideas and plans related to military equipment development.\n\nNB: The authenticity of the claim is yet\u00a0to\u00a0be\u00a0verified
Date: 2025-10-13T12:56:05Z
Network: telegram
Published URL: (https://t.me/CyberIsnaadFront1/758) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0b3e29f8-e638-4640-9e90-6241bb030139.png
Threat Actors: Cyber Isnaad Front
Victim Country: Israel
Victim Industry: Machinery Manufacturing
Victim Organization: maya technologies ltd
Victim Site: maya-il.com

Alleged data breach of IAS – Industrial Application Software

Category: Data Breach
Content: The group claims to have breached the organization’s data.
Date: 2025-10-13T11:28:31Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/canias-2) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/72608e02-5e84-4409-bfce-a1bfe3739cc3.png
Threat Actors: CoinbaseCartel
Victim Country: Switzerland
Victim Industry: Information Technology (IT) Services
Victim Organization: ias – industrial application software
Victim Site: canias.com

Alleged data breach of PLC TRANS

Category: Data Breach
Content: The group claims to have breached the organization’s data.
Date: 2025-10-13T11:11:54Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/plc-trans) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/11fdc1ed-6ff4-4e2b-a6a3-0cd834706742.jpg
Threat Actors: CoinbaseCartel
Victim Country: Bulgaria
Victim Industry: Transportation & Logistics
Victim Organization: plc trans
Victim Site: plc-trans.com

Alleged data breach of Kuehne+Nagel

Category: Data Breach
Content: The group claims to have obtained organizations data.
Date: 2025-10-13T11:05:25Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/31-billion) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/391b68ef-2aad-4f12-aad1-23bbca1876ad.jpg
Threat Actors: CoinbaseCartel
Victim Country: Switzerland
Victim Industry: Transportation & Logistics
Victim Organization: kuehne+nagel
Victim Site: kuehne-nagel.com

Alleged data breach of CareWell

Category: Data Breach
Content: The group claims to have breached the organization’s data.
Date: 2025-10-13T11:02:54Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/carewell) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3d6ece19-9f38-4b3f-97c6-607d966b32a8.png
Threat Actors: CoinbaseCartel
Victim Country: Unknown
Victim Industry: Hospital & Health Care
Victim Organization: carewell
Victim Site: Unknown

Alleged data breach of DSV – Global Transport and Logistics

Category: Data Breach
Content: The group claims to have obtained organizations data.
Date: 2025-10-13T10:47:59Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/dsv) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a5b686c-44a5-4b3f-afcf-8ac9700561e4.jpg
Threat Actors: CoinbaseCartel
Victim Country: Denmark
Victim Industry: Transportation & Logistics
Victim Organization: dsv – global transport and logistics
Victim Site: dsv.com

Alleged data breach of Legal Boutique

Category: Data Breach
Content: The group claims to have breached the organization’s data.
Date: 2025-10-13T10:40:26Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/legalboutique) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/89b9763c-5fb5-4381-b9f1-4aaa0c13e433.png
Threat Actors: CoinbaseCartel
Victim Country: Unknown
Victim Industry: Legal Services
Victim Organization: legal boutique
Victim Site: Unknown

Alleged data breach of Borrowell

Category: Data Breach
Content: The group claims to have breached the organization’s data.
Date: 2025-10-13T10:20:06Z
Network: tor
Published URL: (http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/borrowell) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/586414eb-5599-4a23-a2d2-f30e277b5ad9.png
Threat Actors: CoinbaseCartel
Victim Country: Canada
Victim Industry: Financial Services
Victim Organization: borrowell
Victim Site: borrowell.com

Alleged sale of access to an unidentified Internet Service Provider In Brazil

Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to the operations center of an internet service provider in Brazil.
Date: 2025-10-13T10:11:37Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-exclusive-live-admin-api-r-w-brazilian-isp) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/786b2c74-c3a6-4052-bf9f-9423858fa4a6.png
Threat Actors: billy113
Victim Country: Brazil
Victim Industry: Network & Telecommunications
Victim Organization: Unknown
Victim Site: Unknown

Alleged Unauthorized Access to Irrigation Control System in New Zealand

Category: Initial Access
Content: The group claims to have gained access to an irrigation and water treatment control system in New Zealand. The compromised system reportedly manages irrigation flows, tank levels, dosing pumps, and valves.
Date: 2025-10-13T09:31:59Z
Network: telegram
Published URL: (https://t.me/c/2634086323/1956) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e7f6812f-5478-458a-8dab-9915c4b4ddae.png
https://d34iuop8pidsy8.cloudfront.net/2f45d127-838d-43c9-bf16-ff0990b636f5.png
Threat Actors: NoName057(16)
Victim Country: New Zealand
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of Bank Central Asia

Category: Data Breach
Content: The threat actor claims to have leaked 30 million user records from Bank Central Asia (BCA). The compromised data includes the employee number, identity number, name, mobile phone number, and more.
Date: 2025-10-13T09:26:51Z
Network: openweb
Published URL: (https://breachsta.rs/topic/30-million-bca-bank-customer-data-breached-by-daemonroot-sicxx6kt81cx) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/28514910-5df1-4120-bd81-08ab9390d60b.png
https://d34iuop8pidsy8.cloudfront.net/f275644b-2305-413e-a96e-2e80b4f0c4bf.png
Threat Actors: DaemonRoot
Victim Country: Indonesia
Victim Industry: Banking & Mortgage
Victim Organization: bank central asia
Victim Site: bca.co.id

Alleged data breach of SMBT Sevabhavi Trust

Category: Data Breach
Content: The group claims to have leaked data from SMBT Sevabhavi Trust. The compromised data reportedly include id, username, password, status etc.
Date: 2025-10-13T09:14:28Z
Network: telegram
Published URL: (https://t.me/c/2702757113/597) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1fa58959-d27e-4b30-a42a-920567941d08.png
Threat Actors: Night Owll
Victim Country: India
Victim Industry: Education
Victim Organization: smbt sevabhavi trust
Victim Site: smbt.edu.in

Alleged leak of multiple login credentials in Indonesia

Category: Data Breach
Content: The threat actor claims to have leaked multiple login credentials in Indonesia.
Date: 2025-10-13T09:05:22Z
Network: telegram
Published URL: (https://t.me/c/2532663346/266) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c3fb1a7d-687b-47d9-bde5-e01405c79bb4.JPG
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: glints
Victim Site: employers.glints.id

Alleged sale of USA/EU Corporate Mail Credentials

Category: Data Breach
Content: The threat actor claims to be selling corporate mail credentials from the USA/EU region.
Date: 2025-10-13T06:40:57Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/268101/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/98a8073f-c198-4d11-9e55-4426d605d9ec.png
Threat Actors: Kay
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

The City of Michigan City falls victim to Obscura Ransomware

Category: Ransomware
Content: The group claims to have obtained 450 GB of organization’s data and intends to publish it within 4-5 days.\n\nUpdate: Initially, on September 28, 2025, the group posted about an unidentified victim (city.gov). On October 13, 2025, they revealed the full domain name, and uploaded compromised data for download on their dark web portal.
Date: 2025-10-13T06:23:31Z
Network: tor
Published URL: (http://obscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onion/leaks/10) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0689b406-bbbc-4d5d-8b73-4ac1810ca343.jpg
https://d34iuop8pidsy8.cloudfront.net/864dbc05-4b32-4c22-b539-94f7c8ce0aa7.png
Threat Actors: Obscura
Victim Country: USA
Victim Industry: Government Administration
Victim Organization: the city of michigan city
Victim Site: michigancityin.gov

Alleged leak of Principal Accountant General (Audit) Haryana

Category: Data Breach
Content: The group claims to have obtained 1,900+ Excel databases from India\u2019s Principal Accountant General , comprising a wide range of sensitive governmental data.
Date: 2025-10-13T06:15:39Z
Network: telegram
Published URL: (https://t.me/c/3088972502/61) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0b9375af-9b7b-491d-b9cc-f550ed898072.png
Threat Actors: HIME666
Victim Country: India
Victim Industry: Government & Public Sector
Victim Organization: principal accountant general (audit)
Victim Site: cag.gov.in

Alleged Sale of VPN Access to Unidentified Shop in West Africa

Category: Initial Access
Content: The threat actor claims to be selling the vpn access to an unidentified shop in Exotic West Africa.
Date: 2025-10-13T06:03:34Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/268100/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c8c8234-1ba6-4d5c-9fc4-6990e50a089b.png
Threat Actors: Stari4ok
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of Discord leak

Category: Data Breach
Content: A threat actor claims to be selling or exposing Discord-related records containing user identification and support information. The claimed dataset reportedly includes User ID, Support Tickets, Lead Records, as well as profile metadata and Reputation
Date: 2025-10-13T05:02:33Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DISCORD-LEAK-ID-TICKETS-LEADS) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c8c636c-6a91-4289-b738-a6c4b8487a65.jpeg
Threat Actors: PRAGUE
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Cemtrex Inc. falls victim to MEDUSA Ransomware

Category: Ransomware
Content: The group claims to have obtained organization’s internal data and they intend to publish it within 7-8 days
Date: 2025-10-13T04:35:56Z
Network: tor
Published URL: (http://s7lmmhlt3iwnwirxvgjidl6omcblvw2rg75txjfduy73kx5brlmiulad.onion/detail?id=84ff5e6d4cd82bd0e7f1d7394819fc51) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c04807d9-106f-4283-9bdf-1a2baa679c4c.png
Threat Actors: MEDUSA
Victim Country: USA
Victim Industry: Consumer Electronics
Victim Organization: cemtrex inc.
Victim Site: cemtrex.com

Alleged data breach of Berkeley Lab

Category: Data Breach
Content: The threat actor claims to be selling leaked data from the Lawrence Berkeley National Laboratory (LBNL), a U.S. government research institution. The compromised data reportedly includes source code and internal tools obtained from a breach in October 2025
Date: 2025-10-13T02:55:07Z
Network: openweb
Published URL: (https://darkforums.st/Thread-Selling-LBL-GOV-LBNL-U-S-Data-Breach) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/46808302-864a-4dd3-b78f-23274fd5c800.png
https://d34iuop8pidsy8.cloudfront.net/39675071-8c70-4fb1-aa45-c65319d3a5ea.png
Threat Actors: KaruHunters
Victim Country: USA
Victim Industry: Research Industry
Victim Organization: berkeley lab
Victim Site: lbl.gov

Alleged data breach of Discord Inc

Category: Data Breach
Content: The threat actor claims to have leaked data from Discord, The leaked data includes usernames, emails, locations, phone numbers, and country codes of users from multiple countries, including Norway, Pakistan, the United Kingdom, Belgium, Canada, Indonesia, Saudi Arabia, Malaysia, Czechia, and Ukraine.
Date: 2025-10-13T02:41:00Z
Network: openweb
Published URL: (https://darkforums.st/Thread-DISCORD-LEAK) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/969c5943-bca9-4591-baea-06a06aeaf0d0.png
https://d34iuop8pidsy8.cloudfront.net/45ce212d-53b6-49dc-989e-631d9d1d3a10.png
Threat Actors: PRAGUE
Victim Country: USA
Victim Industry: Network & Telecommunications
Victim Organization: discord inc.
Victim Site: discord.com

Alleged leak of BrightTech Solutions’ Amazon Enterprise Management System

Category: Data Breach
Content: Group claims to have leaked the enterprise management platform developed and operated by BrightTech Solutions for Amazon. The compromised system reportedly manages HR, finance, and operational data for large-scale administrative operations. Exposed information is said to include detailed employee records, personal and work contact details, and sensitive payroll and financial data. The incident, if verified, could raise serious concerns about data protection and corporate confidentiality within Amazon\u2019s management infrastructure.
Date: 2025-10-13T02:17:00Z
Network: telegram
Published URL: (https://t.me/n2LP_wVf79c2YzM0/1902) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1a2deddc-1a76-4e50-8b28-fd6c623ee8bf.png
https://d34iuop8pidsy8.cloudfront.net/e2fe2ba1-e99d-4e98-b5f2-44e8f5e1de00.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of 12K Indian investors database

Category: Data Breach
Content: The threat actor claims to be selling more than 12,000 valid WhatsApp contact details of Indian investors. The claimed data includes Full Name, Mobile Number, Email, Category, City, State, Country, and Avatar Image.
Date: 2025-10-13T00:41:39Z
Network: openweb
Published URL: (https://forum.exploit.in/topic/268093/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/12fd5ffe-3c76-4d9d-b5b4-09e6ce621c1d.png
Threat Actors: r57
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of TFUEL

Category: Data Breach
Content: The threat actor claims to have breached the organization’s data.
Date: 2025-10-13T00:15:14Z
Network: openweb
Published URL: (https://xss.pro/threads/143745/) Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8342d156-7724-430b-9458-f2554b7d93d4.png
https://d34iuop8pidsy8.cloudfront.net/e4177f5d-31d6-4bfd-9192-a12a25156eff.png
Threat Actors: Observe
Victim Country: Portugal
Victim Industry: Retail Industry
Victim Organization: tfuel
Victim Site: tfuel.pt

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats, ranging from Ransomware attacks and Data Breaches to Initial Access sales and Defacements. Ransomware groups like Qilin, Mydata/Alphalocker, and Black Nevas continue to target diverse organizations, including finance (Bank3), manufacturing (BHI Co., Ltd.), and public services (San Bernard Electric Coop.,Inc., Hauts-de-France Region). Data compromise remains prominent, affecting sectors from education (North Stonington Public Schools, SMBT Sevabhavi Trust) and financial services (Royal Bank of Scotland, Bank Central Asia) to government entities (Principal Accountant General (Audit) Haryana, The City of Michigan City, Companies and Intellectual Property Commission – eServices) and large tech platforms (Discord Inc.). Initial Access sales are also evident, with threat actors offering access to telecommunications infrastructure in Peru and irrigation control systems in New Zealand. The significant number of defacements, primarily targeting organizations in India by groups like HellR00ters Team and Pharaoh’s Team, underscores a high volume of opportunistic web attacks. This persistent activity across multiple threat categories and global regions emphasizes the critical need for robust and multi-layered cybersecurity defenses.

Conclusion

Related Posts

[August-7-2025] Daily Cybersecurity Threat Report

[July-08-2025] Daily Cybersecurity Threat Report

[July-17-2025] Daily Cybersecurity Threat Report