This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
- Alleged leak of RED LINE VIP premium logs
- Category: Data Breach
- Content: The threat actor claims to have leaked REDLINEVIP premium logs.
- Date: 2025-09-10T14:00:13Z
- Network: openweb
- Published URL: https://demonforums.net/Thread-Leak-REDLINEVIP-PREMIUM-FRESH-FULL-LOGS-SEP-1053
- Screenshots:
- Threat Actors: FATHER121
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged sale of Salesforce account in USA
- Category: Initial Access
- Content: The threat actor claims to be selling unauthorized access to a business’s Salesforce account. The compromised data contains 68 million transaction records, 9M New Accounts Report, etc.
- Date: 2025-09-10T13:50:34Z
- Network: openweb
- Published URL: https://ramp4u.io/threads/sell-access-to-a-businesss-salesforce-account.3436/
- Screenshots:
- Threat Actors: zoominfo
- Victim Country: USA
- Victim Industry: Information Technology (IT) Services
- Victim Organization: salesforce
- Victim Site: salesforce.com
- Alleged unauthorised access to CloudLex
- Category: Initial Access
- Content: The threat actor claims to have unauthorized access to CloudLex.
- Date: 2025-09-10T13:38:34Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265956/
- Screenshots:
- Threat Actors: kline
- Victim Country: USA
- Victim Industry: Legal Services
- Victim Organization: cloudlex
- Victim Site: cloudlex.com
- Alleged sale of 200 Credit cards from USA
- Category: Initial Access
- Content: The threat actor is offering to sell 200 credit cards from the USA in a cybercrime forum.
- Date: 2025-09-10T13:16:12Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265950/
- Screenshots:
- Threat Actors: Forbs
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged sale of admin access to an Unidentified PrestaShop Store in France
- Category: Initial Access
- Content: A threat actor claims to be selling admin panel access to a France-based PrestaShop store, including full rights and module access.
- Date: 2025-09-10T13:11:40Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265936/
- Screenshots:
- Threat Actors: cosmodrome
- Victim Country: France
- Victim Industry: E-commerce & Online Stores
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged leak of contacts from various Scottish Law Firms and Councils
- Category: Data Breach
- Content: The threat actor claims to have leaked a dataset containing a comprehensive list of legal firms and councils primarily based in Scotland, along with associated contact details. The data includes names of law firms such as Aberdein Considine, Addleshaw Goddard, Anderson Strathern, BTO, Burness Paull, Brodies, and many others, along with individual solicitor names and email addresses used for court motions, legal correspondence, and general communication. Several governmental bodies, including Dundee City Council, East Ayrshire Council, and Fife Council, are also listed with official litigation or motions email addresses.
- Date: 2025-09-10T12:47:07Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-DATA-ANGGOTA-WORLD
- Screenshots:
- Threat Actors: FokafSquad
- Victim Country: UK
- Victim Industry: Law Practice & Law Firms
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of National Security Agency
- Category: Data Breach
- Content: The group claims to have leaked data from the U.S. National Security Agency (NSA).
- Date: 2025-09-10T12:44:34Z
- Network: telegram
- Published URL: https://t.me/nullsechackers/160
- Screenshots:
- Threat Actors: Nullsec Philippines
- Victim Country: USA
- Victim Industry: Government Administration
- Victim Organization: national security agency
- Victim Site: nsa.gov
- Alleged Unauthorized Access to Industrial Control System, Australia
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to the central control system of an industrial company in Australia.
- Date: 2025-09-10T12:29:04Z
- Network: telegram
- Published URL: https://t.me/n2LP_wVf79c2YzM0/1488
- Screenshots:
- Threat Actors: Infrastructure Destruction Squad
- Victim Country: Australia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of Traffy Bangkok
- Category: Data Breach
- Content: The group claims to be selling 1.34GB of data from Traffy Bangkok. The compromised data reportedly includes 2.4 million records containing information such as ticket IDs, types, organizations, comments, photos, coordinates, addresses, subdistricts, districts, provinces, timestamps, states, ratings, reopen counts, and last activity records.
- Date: 2025-09-10T11:29:48Z
- Network: telegram
- Published URL: https://t.me/We_H3c4kedzsec/1005
- Screenshots:
- Threat Actors: H3C4KEDZ
- Victim Country: Thailand
- Victim Industry: Government Administration
- Victim Organization: traffy bangkok
- Victim Site: bangkok.traffy.in.th
- GenZRisingNepal targets the website of Kathmandu Metropolitan City
- Category: Defacement
- Content: The group claims to have defaced the website of Kathmandu Metropolitan City.
- Date: 2025-09-10T11:28:57Z
- Network: telegram
- Published URL: https://t.me/ctrl_nepal/87
- Screenshots:
- Threat Actors: GenZRisingNepal
- Victim Country: Nepal
- Victim Industry: Government Administration
- Victim Organization: kathmandu metropolitan city
- Victim Site: ebps.kathmandu.gov.np
- Alleged data leak of Wegow
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of Wegow, exposing data of approximately 45.6k users. The compromised information reportedly includes purchase references, full names, email addresses, newsletter subscriptions, national IDs (DNI), ticket and transaction details, prices, QR codes, purchase dates, ticket status, seating information, city and administrative divisions, payment methods, access codes, and other related fields.
- Date: 2025-09-10T11:21:54Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Wegow-Data-Breach-Leaked-Download
- Screenshots:
- Threat Actors: 888
- Victim Country: Spain
- Victim Industry: Events Services
- Victim Organization: wegow
- Victim Site: wegow.com
- Alleged Unauthorized Access to Energy Storage System, Taiwan
- Category: Initial Access
- Content: A group claims to have gained unauthorized remote access to an energy storage system in Taiwan.
- Date: 2025-09-10T11:08:49Z
- Network: telegram
- Published URL: https://t.me/n2LP_wVf79c2YzM0/1465
- Screenshots:
- Threat Actors: Infrastructure Destruction Squad
- Victim Country: Taiwan
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged sale of admin access to unidentified shops in multiple countries
- Category: Initial Access
- Content: The threat actor claims to be selling admin access to unidentified shops in multiple countries.
- Date: 2025-09-10T10:57:23Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265933/
- Screenshots:
- Threat Actors: Zimmer
- Victim Country: Greece
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data sale of Municipality of Canegrate
- Category: Data Breach
- Content: The threat actor claims to be selling a database of the Municipality of Canegrate (Milano, Italy). The leaked dataset reportedly includes resident details such as internal IDs, full names, tax codes (Codice Fiscale), addresses, house numbers, family codes, birth dates, and master codes.
- Date: 2025-09-10T10:48:54Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-Municipality-of-Canegrate-Milano-Italy
- Screenshots:
- Threat Actors: krekti
- Victim Country: Italy
- Victim Industry: Government Administration
- Victim Organization: municipality of canegrate
- Victim Site: comune.canegrate.mi.it
- Alleged leak of Joko Widodo’s KTP
- Category: Data Breach
- Content: The threat actor claims to have leaked the KTP of Joko Widodo. It contains personal information such as the National Identity Number (NIK), name, place and date of birth, gender, address, religion, marital status, occupation, nationality, and validity period. The card also includes a photograph of the holder and their signature.
- Date: 2025-09-10T10:19:37Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATA-JOKOWI
- Screenshots:
- Threat Actors: FokafSquad
- Victim Country: Indonesia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged leak of Chinese and Taiwanese passports
- Category: Data Breach
- Content: The threat actor claims to have leaked a set of 30 organized, valid passports from China and Taiwan.
- Date: 2025-09-10T10:07:08Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-30-China-and-Taiwan-passport-Organized-Not-expired
- Screenshots:
- Threat Actors: yellowdianwei88
- Victim Country: China
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of LYSI Mexico
- Category: Data Breach
- Content: The threat actor claims to have leaked a database allegedly belonging to LYSI Mexico, affecting over 1.1 million individuals. The compromised data includes full names, national ID numbers, phone numbers, physical addresses, email addresses, and purchase activity related to Tienda Nube.
- Date: 2025-09-10T09:20:18Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-LYSI-MEXICO-1-1-MILLION-DATABASE
- Screenshots:
- Threat Actors: Himenisme666
- Victim Country: Mexico
- Victim Industry: E-commerce & Online Stores
- Victim Organization: lysi mexico
- Victim Site: lysimexico.com
- Alleged data leak of personal details of Indian users
- Category: Data Breach
- Content: The threat actor claims to have leaked a database allegedly containing personal details of Indian users. The compromised dataset includes sensitive information such as usernames, Gmail addresses, WhatsApp numbers, and corresponding email passwords.
- Date: 2025-09-10T08:32:08Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Username-Gmail-Nomor-Wa-KataSandi
- Screenshots:
- Threat Actors: BARZXPLOIT
- Victim Country: India
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of My Crediary
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of My Crediary, exposing data of over 500,000 users. The leaked dataset of 182MB reportedly includes highly sensitive personal and financial information such as full names, CPF/CNPJ, RG details, dates of birth, contact information (emails, addresses, phone numbers), employment and income data, vehicle ownership, personal references, and internal scoring metadata.
- Date: 2025-09-10T07:24:09Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-LEAK-meucrediario-com-br-500K-Records-Full-DB-Dump-CPF-RG-Address-Email
- Screenshots:
- Threat Actors: privilege
- Victim Country: Brazil
- Victim Industry: Financial Services
- Victim Organization: my crediary
- Victim Site: meucrediario.com.br
- Alleged data leak of DIAN Directorate of National Taxes and Customs
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of the National Directorate of Taxes and Customs, Colombia.
- Date: 2025-09-10T06:52:49Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Fuga-de-bases-de-datos-Colombia-dian
- Screenshots:
- Threat Actors: Kprada2026
- Victim Country: Colombia
- Victim Industry: Government Administration
- Victim Organization: dian directorate of national taxes and customs
- Victim Site: dian.gov.co
- Dark Storm Team claims to target Turkey
- Category: Alert
- Content: A recent post by the group indicated that they are targeting Turkey.
- Date: 2025-09-10T06:52:44Z
- Network: telegram
- Published URL: https://t.me/DarkstormteamNewc/12
- Screenshots:
- Threat Actors: Dark Storm Team
- Victim Country: Turkey
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of Urbaner
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Urbaner. The compromised dataset has both customer and employee data, including user emails, password hashes with salts, staff access credentials, and other internal reports.
- Date: 2025-09-10T06:51:35Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-LEAK-Urbaner-com-Complete-Database-Dump-Emails-Password-Hashes-Staff-Access
- Screenshots:
- Threat Actors: privilege
- Victim Country: Peru
- Victim Industry: Information Technology (IT) Services
- Victim Organization: urbaner
- Victim Site: urbaner.com
- Alleged data breach of Banco Falabella Colombia
- Category: Data Breach
- Content: The threat actor claims to have leaked the data of Banco Falabella Colombia. The compromised data includes online banking account details, session identifiers, savings account numbers, and login credentials.
- Date: 2025-09-10T06:23:21Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Cuentas-falabella-expuestas
- Screenshots:
- Threat Actors: Kprada2026
- Victim Country: Colombia
- Victim Industry: Banking & Mortgage
- Victim Organization: banco falabella colombia
- Victim Site: bancofalabella.com.co
- Alleged Data leak of TLB
- Category: Data Breach
- Content: The threat actor claims to have leaked sensitive data from TLB.
- Date: 2025-09-10T05:58:12Z
- Network: telegram
- Published URL: https://t.me/CyberforceTn/405
- Screenshots:
- Threat Actors: Tunisian Maskers Cyber Force
- Victim Country: Israel
- Victim Industry: E-commerce & Online Stores
- Victim Organization: tlb
- Victim Site: tlb.co.il
- Alleged data breach of Maslamani
- Category: Data Breach
- Content: The threat actor claims to have leaked sensitive data from Maslamani.
- Date: 2025-09-10T05:38:02Z
- Network: telegram
- Published URL: https://t.me/CyberforceTn/404
- Screenshots:
- Threat Actors: Tunisian Maskers Cyber Force
- Victim Country: Israel
- Victim Industry: Information Technology (IT) Services
- Victim Organization: maslamani
- Victim Site: maslamani.co.il
- Alleged data leak of Georgia investors
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of Georgia investors in 2025, reportedly containing about 971,000 records.
- Date: 2025-09-10T05:35:24Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Georgia-investors-2025
- Screenshots:
- Threat Actors: first_bug
- Victim Country: Georgia
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak of U.S. Military Base in Lebanon
- Category: Data Breach
- Content: The threat actor claims to have leaked a database containing detailed records of a secret U.S. military base in Lebanon.
- Date: 2025-09-10T05:19:37Z
- Network: telegram
- Published URL: https://t.me/c/2297393697/408
- Screenshots:
- Threat Actors: HIME666
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of Lifebear
- Category: Data Breach
- Content: The group claims to have leaked the data of Lifebear. The compromised data includes user account information, such as ID, login ID, email address, password, account creation date, date of birth, and gender.
- Date: 2025-09-10T05:00:00Z
- Network: telegram
- Published URL: https://t.me/digitalsghost/962
- Screenshots:
- Threat Actors: DigitalGhost
- Victim Country: Japan
- Victim Industry: Consumer Services
- Victim Organization: lifebear
- Victim Site: lifebear.com
- Alleged data leak of USA SSN school records
- Category: Data Breach
- Content: The threat actor claims to have leaked 120,000 U.S. school-related fullz records, including Social Security Numbers (SSNs), names, dates of birth, email addresses, phone numbers, and full residential addresses.
- Date: 2025-09-10T02:55:57Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-120k-USA-SSN-FULLZ-SCHOOL
- Screenshots:
- Threat Actors: Digimon
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of student records from China
- Category: Data Breach
- Content: The threat actor claims to have leaked Chinese students’ personal and academic information. The compromised data includes National ID numbers, full residential addresses, phone numbers, guardian names, and school/grade details.
- Date: 2025-09-10T02:51:26Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-FULL-DATABASE-STUDENT-CHINESE
- Screenshots:
- Threat Actors: Digimon
- Victim Country: China
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of e-commerce records from China
- Category: Data Breach
- Content: The threat actor claims to have leaked Chinese e-commerce customer purchase records, including names, order IDs, product details, phone numbers, prices, categories, and full location information.
- Date: 2025-09-10T02:47:31Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-CHINA-FULL-DATABASE
- Screenshots:
- Threat Actors: Digimon
- Victim Country: China
- Victim Industry: E-commerce & Online Stores
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged sale of USA LinkedIn
- Category: Data Breach
- Content: The threat actor claims to be selling a database of 4.2 million U.S. LinkedIn users; the breached data contains website, company, first name, last name, job title, email, industry, LinkedIn profile URL, and company country information.
- Date: 2025-09-10T02:07:49Z
- Network: telegram
- Published URL: https://t.me/digitalsghost/956
- Screenshots:
- Threat Actors: DigitalGhost
- Victim Country: USA
- Victim Industry: Social Media & Online Social Networking
- Victim Organization: linkedin
- Victim Site: linkedin.com
- Alleged data breach of Lahat Regency Government
- Category: Data Breach
- Content: The threat actor claims to have leaked the data of Lahat Regency Government. The compromised data includes sensitive personal information of senior citizens in Lahat Regency, Indonesia, containing details such as full names, national identification numbers (NIK), family card numbers (No KK), places and dates of birth, gender, guardian names and their corresponding NIKs, as well as residential addresses. NB: The organization was previously breached on August 10, 2025.
- Date: 2025-09-10T01:16:48Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Source-Code-LEAKED-DATABASE-LAHAT-REGENCY-%E2%80%94-24-DISTRICTS-SENIOR-CITIZENS-ID-DOB-ADDRESS
- Screenshots:
- Threat Actors: TomSec
- Victim Country: Indonesia
- Victim Industry: Government Administration
- Victim Organization: lahat regency government
- Victim Site: lahatkab.go.id
- Alleged Sale of SSH/Root Server Access
- Category: Initial Access
- Content: A threat actor is offering bulk access to SSH/root servers.
- Date: 2025-09-10T00:52:24Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265913/
- Screenshots:
- Threat Actors: bestsshroot2025
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak of Italian Police Intel
- Category: Data Breach
- Content: The group claims to have leaked 6GB of Italian police intel.
- Date: 2025-09-10T00:42:09Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/2323
- Screenshots:
- Threat Actors: Scattered Lapsus$ Hunter 5.0
- Victim Country: Italy
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak of USA Army Database
- Category: Data Breach
- Content: The threat actor claims to have obtained the leaked U.S. military database.
- Date: 2025-09-10T00:17:45Z
- Network: openweb
- Published URL: https://leakbase.la/threads/top-secret-sci-noforn-usa-army-db-leak.42543/
- Screenshots:
- Threat Actors: uber
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of an Unidentified Medicare Organization in the USA
- Category: Data Breach
- Content: The threat actor claims to have leaked Medicare, Allianz, and U.S. databases. The compromised data includes sensitive personal and financial details such as names, addresses, SSNs, bank information, and driver’s licenses.
- Date: 2025-09-10T00:17:23Z
- Network: openweb
- Published URL: https://leakbase.la/threads/medicare-alianz-and-usa-db-leaks-avilable-2025-8.42542/
- Screenshots:
- Threat Actors: uber
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from government and IT to financial services and e-commerce, and impacting countries including the USA, Italy, China, and Colombia. The compromised data ranges from sensitive personal information like national IDs and credit card details to military intelligence and internal company reports. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to industrial control systems, administrative panels, and server access. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.