This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
1. GARUDA ERROR SYSTEM targets the website of E-hinga
- Category: Defacement
- Content: The threat actor claims to have defaced the website of E-hinga.
- Date: 2025-09-15T14:21:53Z
- Network: telegram
- Published URL: (https://t.me/c/2004556114/1996)
- Screenshots:
- Threat Actors: GARUDA ERROR SYSTEM
- Victim Country: Rwanda
- Victim Industry: Agriculture & Farming
- Victim Organization: e-hinga
- Victim Site: ehinga.org
2. Alleged data sale of SmartTrader
- Category: Data Breach
- Content: The threat actor claims to be selling data from SmartTrader, with over 256,000 user records. The leak includes user details, contact info, verification data, trading ideas, charts, and private workspaces. The actor is also selling an SQL injection exploit.
- Date: 2025-09-15T14:20:07Z
- Network: openweb
- Published URL: (https://xss.pro/threads/143261/)
- Screenshots:
- Threat Actors: MrDark
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: smarttrader
- Victim Site: smarttrader.com
3. Alleged data breach of Diia
- Category: Data Breach
- Content: The group claims to be selling 20M user records from Diia. The compromised data reportedly includes 20,000,000+ records containing information such as date of birth, phone, email, created at, IPN, EDR POU, company name, address street, passport series, passport number, passport issue date, passport issued by, id card number, etc.
- Date: 2025-09-15T14:13:20Z
- Network: telegram
- Published URL: (https://t.me/h3c4kedz_official/16)
- Screenshots:
- Threat Actors: H3C4KEDZ
- Victim Country: Ukraine
- Victim Industry: Government Administration
- Victim Organization: diia
- Victim Site: diia.gov.ua
4. Alleged data leak of Kulturkvarteret
- Category: Data Breach
- Content: The group claims to have leaked more than 20K records from Kulturkvarteret. The compromised data reportedly contains information such as names, addresses, phone numbers, contact emails, sender emails, places, cities, IP addresses, and hashed passwords.
- Date: 2025-09-15T14:02:24Z
- Network: telegram
- Published URL: (https://t.me/bl4ckcyb3rofficial/1934)
- Screenshots:
- Threat Actors: BL4CK CYB3R
- Victim Country: Sweden
- Victim Industry: Recreational Facilities & Services
- Victim Organization: kulturkvarteret
- Victim Site: kulturkvarteret.se
5. Alleged data leak of Avatel Telecom
- Category: Data Breach
- Content: The threat actor claims to have leaked data from Avatel Telecom, including employee information exfiltrated from Active Directory and 380 GB of user and corporate data from the company’s Oracle Database. The leaked content allegedly contains sensitive infrastructure details, financial records, internal contracts, client data, and personal information of users.
- Date: 2025-09-15T13:59:33Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-ES-Avatel-Telecom-Database)
- Screenshots:
- Threat Actors: ByteToBreach
- Victim Country: Spain
- Victim Industry: Network & Telecommunications
- Victim Organization: avatel telecom
- Victim Site: avatel.es
6. Alleged data sale of UAE Red Crescent
- Category: Data Breach
- Content: The threat actor claims to be selling 249,256 files from the UAE Red Crescent.
- Date: 2025-09-15T13:48:26Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-%F0%9F%87%A6%F0%9F%87%AA-Emirates-Red-Crescent-Breach)
- Screenshots:
- Threat Actors: Kazu
- Victim Country: UAE
- Victim Industry: Non-profit & Social Organizations
- Victim Organization: uae red crescent
- Victim Site: emiratesrc.ae
7. Alleged data leak of Office of the Basic Education Commission
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of Office of the Basic Education Commission.
- Date: 2025-09-15T13:48:09Z
- Network: telegram
- Published URL: (https://t.me/kxichixxsec/1028)
- Screenshots:
- Threat Actors: Kxichixxsec
- Victim Country: Thailand
- Victim Industry: Education
- Victim Organization: office of the basic education commission
- Victim Site: bigdatadl.obec.go.th
8. Alleged data leak of Tickle me
- Category: Data Breach
- Content: The threat actor claims to have leaked a database from Tickle me. The data contains personal and account information of registered users, including names, email addresses, hashed passwords (bcrypt), birth dates, newsletter preferences, IPs, secure keys, and account status flags.
- Date: 2025-09-15T13:13:20Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-Free-DB-chatouillez-moi-com-Country-France)
- Screenshots:
- Threat Actors: RainbowDF
- Victim Country: France
- Victim Industry: E-commerce & Online Stores
- Victim Organization: tickle me
- Victim Site: chatouillez-moi.com
9. Alleged data leak of Majlis Agama Islam Melaka (MAIM)
- Category: Data Breach
- Content: The threat actor claims to have breached the Majlis Agama Islam Melaka (MAIM).
- Date: 2025-09-15T13:06:43Z
- Network: telegram
- Published URL: (https://t.me/x1975team/94?single)
- Screenshots:
- Threat Actors: 1975 TEAM
- Victim Country: Malaysia
- Victim Industry: Government & Public Sector
- Victim Organization: majlis agama islam melaka
- Victim Site: maim.gov.my
10. Alleged data leak of Ministry of Economy of Malaysia
- Category: Data Breach
- Content: The threat actor claims to have breached the Ministry of Economy of Malaysia.
- Date: 2025-09-15T12:57:49Z
- Network: telegram
- Published URL: (https://t.me/x1975team/94?single)
- Screenshots:
- Threat Actors: 1975 TEAM
- Victim Country: Malaysia
- Victim Industry: Government Administration
- Victim Organization: ministry of economy of malaysia
- Victim Site: ekonomi.gov.my
11. Alleged data leak of Ministry of Home Affairs Malaysia
- Category: Data Breach
- Content: The threat actor claims to have breached the Ministry of Home Affairs Malaysia.
- Date: 2025-09-15T12:40:24Z
- Network: telegram
- Published URL: (https://t.me/x1975team/94)
- Screenshots:
- Threat Actors: 1975 TEAM
- Victim Country: Malaysia
- Victim Industry: Government Administration
- Victim Organization: ministry of home affairs
- Victim Site: moha.gov.my
12. Alleged data leak of Bureau of Internal Revenue
- Category: Data Breach
- Content: The threat actor claims to have leaked data from Bureau of Internal Revenue (Philippines), exposing 92 records. The dataset reportedly includes website login credentials such as usernames and passwords.
- Date: 2025-09-15T11:56:55Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-Bureau-of-Internal-Revenue-LOGS)
- Screenshots:
- Threat Actors: DCAGroup
- Victim Country: Philippines
- Victim Industry: Government Administration
- Victim Organization: bureau of internal revenue philippines
- Victim Site: bir.gov.ph
13. Alleged leak of multiple login credentials from Abu Dhabi Judicial Department
- Category: Data Breach
- Content: The group claims to have leaked multiple login credentials associated with the Abu Dhabi Judicial Department.
- Date: 2025-09-15T11:50:22Z
- Network: telegram
- Published URL: (https://t.me/c/2451084701/170485)
- Screenshots:
- Threat Actors: Buscador
- Victim Country: UAE
- Victim Industry: Government Administration
- Victim Organization: abu dhabi judicial department
- Victim Site: adjd.gov.ae
14. Alleged unauthorized access to a Maroso autoclave controller system in the UK
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to a Maroso autoclave controller system in the UK. The compromised system allegedly allows full administrative control, including managing process recipes, changing operating modes, controlling actuators such as pumps, valves, and heaters, and accessing emergency data and logs.
- Date: 2025-09-15T11:20:11Z
- Network: telegram
- Published URL: (https://t.me/Z_ALLIANCE/753)
- Screenshots:
- Threat Actors: Z-ALLIANCE
- Victim Country: UK
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
15. Alleged data leak of Rational Solutions
- Category: Data Breach
- Content: The group claims to have leaked 50 GB of data from Rational Solutions. The compromised data includes meeting secrets, weapon blueprints, project updates, etc.
- Date: 2025-09-15T11:11:32Z
- Network: telegram
- Published URL: (https://t.me/CyberToufan02/364)
- Screenshots:
- Threat Actors: CyberToufan
- Victim Country: Israel
- Victim Industry: Manufacturing
- Victim Organization: rational solutions
- Victim Site: rational-sl.com
16. Alleged data leak of CenTríto
- Category: Data Breach
- Content: The threat actor claims to have leaked 22,948 user records from CenTríto. The compromised data includes sensitive personal information such as full names, email addresses, phone numbers, dates of birth, gender, and government-issued identification (Cédula de Ciudadanía, Cédula de Extranjería).
- Date: 2025-09-15T09:37:55Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-CENTRITO-CO-%E2%80%94-22-948-Records-User-Accounts-Emails-Phones)
- Screenshots:
- Threat Actors: privilege
- Victim Country: Colombia
- Victim Industry: E-commerce & Online Stores
- Victim Organization: centrito
- Victim Site: centrito.co
17. Alleged data leak of Heyfood
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Heyfood, compromising 139,123 user records. The dataset includes personally identifiable information of consumers, vendors, and drivers—such as full names, phone numbers, email addresses, dates of birth, bcrypt-hashed passwords, referral codes, account roles, and guest identifiers.
- Date: 2025-09-15T09:12:58Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-HEYFOOD-AFRICA-%E2%80%94-139K-Records-User-Accounts-Phones-Emails)
- Screenshots:
- Threat Actors: privilege
- Victim Country: South Africa
- Victim Industry: Food & Beverages
- Victim Organization: heyfood
- Victim Site: heyfood.africa
18. Alleged data leak of Speedi
- Category: Data Breach
- Content: The threat actor claims to have leaked 4,345 records from Speedi. The leaked dataset contains sensitive personal and company-related data such as mobile numbers, email addresses, identity numbers, bcrypt-hashed passwords, device IDs, last login IPs, account tokens, and geolocation coordinates. The breach impacts thousands of drivers, pickers, and employees.
- Date: 2025-09-15T07:38:52Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DB-LEAK-SPEEDI-SA-%E2%80%94-4-345-Records-Accounts-Phones-Passwords)
- Screenshots:
- Threat Actors: privilege
- Victim Country: Saudi Arabia
- Victim Industry: Food & Beverages
- Victim Organization: speedi
- Victim Site: speedi.sa
19. Alleged data leak of Urzza Charge Tech
- Category: Data Breach
- Content: The threat actor claims to have leaked 4,303 user records from Urzza Charge Tech. The compromised data includes names, mobile numbers, email addresses, physical addresses, account creation and update timestamps, Razorpay customer IDs, and email verification hashes.
- Date: 2025-09-15T07:31:51Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DB-LEAK-URZZAEV-COM-%E2%80%94-4-303-Records-Accounts-Emails-Phones)
- Screenshots:
- Threat Actors: privilege
- Victim Country: India
- Victim Industry: Automotive
- Victim Organization: urzza charge tech
- Victim Site: urzzaev.com
20. Alleged leak from an unidentified Brazilian database
- Category: Data Breach
- Content: The threat actor claims to have leaked an unidentified Brazilian database containing 4,059 user records. The exposed data includes names, phone numbers, emails, Telegram IDs, account creation and update timestamps, along with activity status.
- Date: 2025-09-15T07:24:23Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-Brazilian-Database-%E2%80%94-4-059-Records-Names-Phones-Emails-TG-ID)
- Screenshots:
- Threat Actors: privilege
- Victim Country: Brazil
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
21. Alleged data leak of Oblige
- Category: Data Breach
- Content: The threat actor claims to have leaked 804 user records from Oblige, a France-based enterprise access and authentication management platform. The exposed data includes user display names, emails, bcrypt-hashed passwords, registration and confirmation dates, authentication modes, tokens, account states, and other metadata.
- Date: 2025-09-15T07:18:56Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-LEAK-OBLIGE-FR-%E2%80%94-804-Records-User-Accounts-Emails-Tokens)
- Screenshots:
- Threat Actors: privilege
- Victim Country: France
- Victim Industry: Information Technology (IT) Services
- Victim Organization: oblige
- Victim Site: oblige.fr
22. Alleged data leak of Mitecnico
- Category: Data Breach
- Content: The threat actor claims to have leaked 1,913 user account records from Mitecnico, a Colombia-based IT and helpdesk management platform. The exposed data includes usernames, emails, phone numbers, password hashes (with update timestamps), personal and API tokens, session cookies, user roles, profile information, and internal configuration metadata.
- Date: 2025-09-15T07:14:30Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-MITECNI-CO-%E2%80%94-1913-Records-User-Accounts-Passwords-Tokens)
- Screenshots:
- Threat Actors: privilege
- Victim Country: Colombia
- Victim Industry: Information Technology (IT) Services
- Victim Organization: mitecnico
- Victim Site: mitecni.co
23. Alleged Data Breach of MobiVerse
- Category: Data Breach
- Content: The threat actor claims to have obtained data from MobiVerse, exposing 930 records containing applicant details, contact information, and education data tied to Zimbabwe and other regions.
- Date: 2025-09-15T06:34:46Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-MOBIVS-COM-%E2%80%94-930-Records-Applications-Phone-Numbers-Education)
- Screenshots:
- Threat Actors: privilege
- Victim Country: Zimbabwe
- Victim Industry: Education
- Victim Organization: mobiverse
- Victim Site: mobivs.com
24. Alleged Data Breach of Fabrice Claeys
- Category: Data Breach
- Content: The threat actor claims to have obtained 331 user and company records from fabriceclaeys, a French transport and logistics platform. The leak includes sensitive corporate information such as names, addresses, contact persons, emails, phone and fax numbers, SIRET identifiers, and activity timestamps.
- Date: 2025-09-15T06:20:41Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-LEAK-FABRICECLAEYS-COM-%E2%80%94-331-Accounts-Emails-Contacts-France)
- Screenshots:
- Threat Actors: privilege
- Victim Country: France
- Victim Industry: Transportation & Logistics
- Victim Organization: fabrice claeys
- Victim Site: fabriceclaeys.com
25. Alleged leak of Admin access to Ministry of Education and Research
- Category: Initial Access
- Content: The group claims to have leaked admin access to the Romanian Ministry of Education’s administration system, gaining access to high school application data and the ability to alter statuses. They also modified the system to visibly demonstrate the breach to administrators.
- Date: 2025-09-15T06:06:13Z
- Network: telegram
- Published URL: (https://t.me/OverloadXTeam/161)
- Screenshots:
- Threat Actors: OverloadX Team Hacker
- Victim Country: Romania
- Victim Industry: Government Administration
- Victim Organization: ministry of education and research
- Victim Site: jobs.edu.ro
26. Alleged Data Breach of eBay Accounts
- Category: Data Breach
- Content: Threat actors claim to have obtained a database of approximately 5,000 active eBay accounts, exposing email addresses and passwords associated with various regional eBay sites, including the US, UK, Germany, and Australia. The leaked data includes standard login credentials from multiple users.
- Date: 2025-09-15T06:04:00Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Cuentas-activas-ebay-CO-5K)
- Screenshots:
- Threat Actors: whitehat
- Victim Country: USA
- Victim Industry: E-commerce & Online Stores
- Victim Organization: ebay
- Victim Site: Unknown
27. Alleged data leak of Facebook
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of 9,000 active Facebook accounts, including usernames, emails, phone numbers, and passwords.
- Date: 2025-09-15T06:01:33Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Cuentas-Facebook-9K)
- Screenshots:
- Threat Actors: whitehat
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
28. Alleged data leak of Netflix
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of 5,000 active Netflix accounts, including a sample of compromised Facebook credentials potentially used as login methods or identity verifications.
- Date: 2025-09-15T05:57:17Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Cuentas-netflix-activas-5k)
- Screenshots:
- Threat Actors: whitehat
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
29. Alleged Unauthorized Access to U.S. Oil & Gas Control System
- Category: Initial Access
- Content: The threat actor claims to have hacked a U.S. oil and gas field monitoring and control system, gaining access to operational data from tanks, pits, and wells.
- Date: 2025-09-15T05:53:01Z
- Network: telegram
- Published URL: (https://t.me/c/3019913760/119)
- Screenshots:
- Threat Actors: AL-MUJAHIDEEN FORCE 313
- Victim Country: USA
- Victim Industry: Oil & Gas
- Victim Organization: Unknown
- Victim Site: Unknown
30. Alleged data leak of LEDGER
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of fresh leads related to LEDGER, a cryptocurrency hardware wallet company.
- Date: 2025-09-15T05:43:27Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-LEDGER-FRESH-LEADS-DB)
- Screenshots:
- Threat Actors: Mblvck
- Victim Country: France
- Victim Industry: Computer & Network Security
- Victim Organization: ledger
- Victim Site: ledger.com
31. Alleged Data breach of Gravatar
- Category: Data Breach
- Content: Threat actors claim to have obtained 6.6 million Gravatar profiles on September 15th, 2025, exposing usernames, emails, avatars, and profile details.
- Date: 2025-09-15T05:40:24Z
- Network: openweb
- Published URL: (https://breachsta.rs/topic/gravatar-scrape-september-15th-2025-h9v1oci5qphz)
- Screenshots:
- Threat Actors: boss
- Victim Country: USA
- Victim Industry: Information Services
- Victim Organization: gravatar
- Victim Site: gravatar.com
32. Alleged Data Breach of Mercado Libre
- Category: Data Breach
- Content: The threat actor claims to be selling a database of approximately 4,000 compromised Mercado Libre user accounts from Colombia.
- Date: 2025-09-15T05:09:22Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-BD-MERCADO-LIBRE-ACCOUNT-4K)
- Screenshots:
- Threat Actors: whitehat
- Victim Country: Colombia
- Victim Industry: E-commerce & Online Stores
- Victim Organization: mercado libre
- Victim Site: mercadolibre.com.co
33. Alleged Data Leak of Pengadilan Agama Gunung Sitoli
- Category: Data Breach
- Content: A threat actor claims to have leaked a database from pa-gunungsitoli.go.id, including personal details such as names, addresses, emails, phone numbers, and other metadata.
- Date: 2025-09-15T04:47:56Z
- Network: telegram
- Published URL: (https://t.me/LenteraBawahOfc/204)
- Screenshots:
- Threat Actors: ResetIDN
- Victim Country: Indonesia
- Victim Industry: Government Administration
- Victim Organization: pengadilan agama gunung sitoli
- Victim Site: pa-gunungsitoli.go.id
34. Alleged sale of Google LLC 0day Redirection Vulnerability
- Category: Vulnerability
- Content: The threat actor claims to be selling a Google 0day Redirection Vulnerability that allegedly allows attackers to deliver malware (APK/EXE) or host phishing pages via direct links on Google.com.
- Date: 2025-09-15T04:43:15Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-GOOGLE-0day-Redirection-Vulnerability-good-for-Phishing)
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: google llc
- Victim Site: Unknown
35. Alleged unauthorized admin access to two unidentified top Pakistani government websites
- Category: Initial Access
- Content: The threat actor claims to have gained unauthorized access to the databases of two top Pakistani government websites.
- Date: 2025-09-15T04:32:55Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Selling-2-Top-Pakistani-Government-Websites-for-SALE)
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: Pakistan
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
36. Alleged Data Breach of Magnus Marketing
- Category: Data Breach
- Content: The threat actor claims to have obtained data from Magnus Marketing, revealing business and personal records such as contact details, company information, and industry-related data.
- Date: 2025-09-15T04:15:53Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-ineedmagnus-com-Leaked-Download)
- Screenshots:
- Threat Actors: N1KA
- Victim Country: USA
- Victim Industry: Marketing, Advertising & Sales
- Victim Organization: magnus marketing
- Victim Site: ineedmagnus.com
37. Alleged Data Breach of Jacob Engineering and Education ME
- Category: Data Breach
- Content: The threat actor claims to have obtained the database from calculistadeaco, containing around 13,600 entries with personal and professional information, including names, emails, job titles, company details, addresses, and social media links.
- Date: 2025-09-15T03:47:36Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-DATABASE-calculistadeaco-com-br-Leaked-Download)
- Screenshots:
- Threat Actors: N1KA
- Victim Country: Brazil
- Victim Industry: Education
- Victim Organization: jacob engineering and education me
- Victim Site: calculistadeaco.com.br
38. Alleged Data Breach of Sangoma Technologies Corporation
- Category: Data Breach
- Content: A threat actor claims to have obtained 1.5 TB of Sangoma Technologies’ data, including software, source code, and system files from its business communications platforms.
- Date: 2025-09-15T03:31:08Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-Source-Code-N1KA-Sangoma-com-Data-Leaked-Download)
- Screenshots:
- Threat Actors: N1KA
- Victim Country: Canada
- Victim Industry: Network & Telecommunications
- Victim Organization: sangoma technologies corporation
- Victim Site: sangoma.com
39. Alleged leak of Unidentified Vulnerability in Department of Education - Cordillera Administrative Region
- Category: Vulnerability
- Content: The threat actor claims to have discovered vulnerabilities on the DepEd Tayo Cordillera website that could potentially allow access to all accounts through a single login. The poster advises the organization to patch the site, implement stronger encrypted passwords, and train employees.
- Date: 2025-09-15T03:17:57Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-deped-car-ph-DepEd-Tayo-Cordillera)
- Screenshots:
- Threat Actors: r00tXpLo1t
- Victim Country: Philippines
- Victim Industry: Education
- Victim Organization: department of education - cordillera administrative region
- Victim Site: depedcar.ph
40. Alleged Data Leak of Thailand Covid Study from Educational Institution
- Category: Data Breach
- Content: The threat actor claims to have leaked a COVID vaccination study database from a Thai educational institution, exposing highly sensitive personal data of what is claimed to be over 7.2 million individuals. The dataset includes Thai national ID numbers, full names, university student IDs, faculty information, and detailed COVID vaccination records such as vaccine types, dates, and dose history.
- Date: 2025-09-15T03:16:44Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266280/)
- Screenshots:
- Threat Actors: r57
- Victim Country: Thailand
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
41. Alleged data breach of Balance Brand
- Category: Data Breach
- Content: A threat actor claims to have leaked the database of Blb.co.th, allegedly exposing 305,448 records. The data includes full names, phone numbers, residential addresses, and postal codes of individuals across Thailand.
- Date: 2025-09-15T03:13:33Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266277/)
- Screenshots:
- Threat Actors: r57
- Victim Country: Thailand
- Victim Industry: Health & Fitness
- Victim Organization: balance brand
- Victim Site: blb.co.th
42. Alleged Data Breach of Council of Ministers of Iraq
- Category: Data Breach
- Content: The threat actor claims to have obtained 500 GB of Iraqi government data, including information on 18 million citizens, the Council of Ministers, and Kirkuk province.
- Date: 2025-09-15T03:07:15Z
- Network: openweb
- Published URL: (https://darkforums.st/Thread-500-GB-Iraqi-Government-Data-2025)
- Screenshots:
- Threat Actors: Shada007
- Victim Country: Iraq
- Victim Industry: Government Administration
- Victim Organization: council of ministers of iraq
- Victim Site: cabinet.iq
43. Alleged data breach of SELF U
- Category: Data Breach
- Content: A threat actor claims to have accessed internal records from Selfu.com, an online learning platform offering courses in English language, exam preparation, and self-development. The leak allegedly contains 139,751 user records, of which 63,137 include phone numbers. Exposed data includes full names, phone numbers, emails, and timestamps, posing a potential privacy risk for thousands of users.
- Date: 2025-09-15T03:01:36Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266278/)
- Screenshots:
- Threat Actors: r57
- Victim Country: Thailand
- Victim Industry: Education
- Victim Organization: self u
- Victim Site: selfu.com
44. Alleged Data Leak of USA Housekeeping Owners Data
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of 42,234 housekeeping owners in the USA, including personal details such as names, addresses, emails, phone numbers, service preferences, and other metadata.
- Date: 2025-09-15T01:21:00Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266268/)
- Screenshots:
- Threat Actors: r57
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
45. Alleged data sale of Thailand car owners information
- Category: Data Breach
- Content: A threat actor claims to have leaked a database containing personal information of over 538,000 car owners in Thailand. The exposed data allegedly includes full names, phone numbers, addresses, national ID numbers, dates of birth, and gender.
- Date: 2025-09-15T01:20:46Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266273/)
- Screenshots:
- Threat Actors: r57
- Victim Country: Thailand
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
46. Alleged data breach of ALB Commercial Capital
- Category: Data Breach
- Content: A threat actor claims to have accessed internal records from ALB Commercial Capital, allegedly exposing contact information of real estate professionals, escrow agents, appraisers, and brokers across the United States. The leaked data includes names, email addresses, phone numbers, company affiliations, and business roles.
- Date: 2025-09-15T00:20:54Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266267/)
- Screenshots:
- Threat Actors: r57
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: alb commercial capital
- Victim Site: albcommercialcapital.com
47. Alleged data breach of Look
- Category: Data Breach
- Content: The threat actor claims to have leaked a database of Look.com.ua, a Ukrainian lifestyle platform that provides content on beauty, fashion, health, and interior design. The actor alleges that the dump contains 353,761 records, including email addresses, hashed passwords, usernames, IP addresses, and other user metadata.
- Date: 2025-09-15T00:20:36Z
- Network: openweb
- Published URL: (https://forum.exploit.in/topic/266270/)
- Screenshots:
- Threat Actors: r57
- Victim Country: Ukraine
- Victim Industry: Marketing, Advertising & Sales
- Victim Organization: look
- Victim Site: look.com.ua
Conclusion
The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from education and e-commerce to government and financial services. The compromised data ranges from personal user information and account details to sensitive organizational data and intellectual property.
Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to various systems, including government infrastructure and a U.S. oil and gas control system. The sale of vulnerabilities and malicious tools, such as an alleged Google 0day and an SQL injection exploit, further underscores the availability of offensive capabilities in the cyber underground.
The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.