This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.
- Alleged data breach of Yemen Mobile
- Category: Data Breach
- Content: The threat actor claims to have leaked infrastructure-related data belonging to Yemen Mobile, a major telecommunications provider in Yemen.
- Date: 2025-09-02T13:35:32Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Yemen-Mobile-Infrastructure-Company-Yemen
- Screenshots:
- Threat Actors: Anonymous2090
- Victim Country: Yemen
- Victim Industry: Network & Telecommunications
- Victim Organization: yemen mobile
- Victim Site: yemenmobile.com.ye
- Alleged data leak of Tropical Tours Shuttles
- Category: Data Breach
- Content: The threat actor claims to have leaked a database from Tropical Tours Shuttles, which contains over 5.7 million database rows, including at least 28,803 customer records and 85,819 accounts payable entries. Exposed data includes full names, identification numbers, phone numbers, emails, addresses, tax details, credit limits, and invoice records, suggesting a compromise of both customer and financial systems.
- Date: 2025-09-02T13:35:24Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Tropical-Tours-Shuttles-Data-Breach-Leaked-Download
- Screenshots:
- Threat Actors: N1KA
- Victim Country: Costa Rica
- Victim Industry: Hospitality & Tourism
- Victim Organization: tropical tours shuttles
- Victim Site: tropicaltourshuttles.com
- Alleged data leak of Saint Pedro Poveda College
- Category: Data Breach
- Content: The threat actor claims to have leaked a database from the i-CLAIM system of Saint Pedro Poveda College in the Philippines. The compromised data reportedly contains detailed records from the institution’s asset management system, including asset IDs, asset names, categories, current status, physical location, purchase dates, and supplier details.
- Date: 2025-09-02T13:16:18Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Philippines-i-CLAIM-School-Asset-Management-System-SQL-Database
- Screenshots:
- Threat Actors: hhhhhaplus
- Victim Country: Philippines
- Victim Industry: Education
- Victim Organization: saint pedro poveda college
- Victim Site: poveda.edu.ph
- Alleged sale of U.S. documents
- Category: Data Breach
- Content: The threat actor claims to be selling U.S. top secret documents.
- Date: 2025-09-02T12:54:00Z
- Network: openweb
- Published URL: https://leakbase.la/threads/top-secret-usa-documents.42222/
- Screenshots:
- Threat Actors: Sensey22
- Victim Country: USA
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged leak of Migrants resident ID cards
- Category: Data Breach
- Content: The threat actor claims to have leaked over 80 GB of migrant resident identity card data from the United Arab Emirates (UAE), allegedly containing sensitive personal information. The dataset reportedly includes full names, surnames, ID photographs, nationalities, dates of birth, employers, and occupations of UAE residents.
- Date: 2025-09-02T12:48:34Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-UAE-MIGRATION-RESIDENT-ID-CARDS
- Screenshots:
- Threat Actors: xploitleaks
- Victim Country: UAE
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak of MyChoice
- Category: Data Breach
- Content: The threat actor claims to be selling a database allegedly from MyChoice. The dataset contains 14 million records.
- Date: 2025-09-02T12:42:35Z
- Network: openweb
- Published URL: https://leakbase.la/threads/mychoice-co-uk-2025.42216/
- Screenshots:
- Threat Actors: show_more
- Victim Country: UK
- Victim Industry: Financial Services
- Victim Organization: mychoice
- Victim Site: mychoice.co.uk
- Alleged access sale to Embassy of India, Manila
- Category: Initial Access
- Content: The threat actor claims to be selling access to India in Philippines (Embassy of India, Manila).
- Date: 2025-09-02T12:39:05Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-Admin-Access-of-2-Embassies-of-India-in-Philippines-and-Lebanon
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: India
- Victim Industry: Government Administration
- Victim Organization: india in philippines (embassy of india, manila)
- Victim Site: eoimanila.gov.in
- Alleged access sale to Embassy of India, Beirut
- Category: Initial Access
- Content: The threat actor claims to be selling access to India in Lebanon (Embassy of India, Beirut).
- Date: 2025-09-02T12:38:52Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-Admin-Access-of-2-Embassies-of-India-in-Philippines-and-Lebanon
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: India
- Victim Industry: Government Administration
- Victim Organization: india in lebanon (embassy of india, beirut)
- Victim Site: indianembassybeirut.gov.in
- Alleged access sale to Bihar Prohibition and Excise Department
- Category: Initial Access
- Content: The threat actor claims to be selling access to the alcohol test portal of the Bihar Prohibition and Excise Department under the Bihar Government.
- Date: 2025-09-02T12:22:53Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-TOP-GOV-Access-from-india-Alcotest-bihar-gov-in-Indian-Police-Alcohol-Test-site
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: India
- Victim Industry: Law Enforcement
- Victim Organization: bihar prohibition and excise department
- Victim Site: alcotest.bihar.gov.in
- Alleged access sale to Odisha Police, Government of Odisha
- Category: Initial Access
- Content: The threat actor claims to be selling access to the Crime & Criminal Tracking Network & Systems (CCTNS) of Odisha Police, Government of Odisha.
- Date: 2025-09-02T12:22:39Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-Selling-MindBlowing-Access-from-india-CitizenPortal-op-gov-in-Crime-Criminal-Tracking-S
- Screenshots:
- Threat Actors: BIGBROTHER
- Victim Country: India
- Victim Industry: Law Enforcement
- Victim Organization: odisha police, government of odisha
- Victim Site: citizenportal-op.gov.in
- Alleged unauthorized access to Hermes product storage management system in Ukraine
- Category: Initial Access
- Content: The group claims to have gained full administrator access to the Hermes product storage management system, developed by MAS SYSTEMS and used for Ukrainian seed potato storage. The compromised system allegedly allows complete control over key industrial parameters, including temperature, ventilation, refrigeration units, humidity, drying, and cooling cycles. This unauthorized access reportedly enables disruption of storage processes, manipulation of microclimate conditions, and potential spoilage of stored products.
- Date: 2025-09-02T12:05:52Z
- Network: telegram
- Published URL: https://t.me/Z_ALLIANCE/692
- Screenshots:
- Threat Actors: Z-ALLIANCE
- Victim Country: Ukraine
- Victim Industry: Industrial Automation
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of Israeli Air Force pilots
- Category: Data Breach
- Content: The threat actor claims to have leaked a dataset of over 378,000 Israeli Air Force pilots and 13,000+ related personnel, including personal details (birth dates, emails, phone numbers, IDs) and aviation licenses (Pilot, Flight Engineer, Instructor).
- Date: 2025-09-02T11:49:09Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-378-000-israel-airforce-pilots-data-with-13K-additional-information
- Screenshots:
- Threat Actors: FreedomSecurity1337
- Victim Country: Israel
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak from an Unidentified Indian University
- Category: Data Breach
- Content: The threat actor has allegedly leaked a database of an unidentified University in India. The exposed dataset contains personally identifiable information (PII) of applicants applying for assistant professor roles across various disciplines. The leak includes full names, mobile numbers, email addresses, qualifications, experience, gender, religion, marital status, and detailed messages submitted with the applications.
- Date: 2025-09-02T11:05:00Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Database-Career-University-Indian
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Education
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of Fresno Filmworks
- Category: Data Breach
- Content: The threat actor claims to have leaked a user database belonging to Fresno Filmworks, which includes user credentials (user_login, user_pass), personal information (first_name, last_name, user_email), registration details, display names, biographical info, and various admin-level WordPress settings such as roles, screen layouts, and menu preferences.
- Date: 2025-09-02T11:04:53Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-USA-FRESNO-FILMWORKS
- Screenshots:
- Threat Actors: MrAxSiKucingHitam
- Victim Country: USA
- Victim Industry: Motion Pictures & Film
- Victim Organization: fresno filmworks
- Victim Site: fresnofilmworks.org
- Alleged leak of login access to Hanoi University of Business and Technology
- Category: Initial Access
- Content: The group claims to have leaked login credentials belonging to Hanoi University of Business and Technology.
- Date: 2025-09-02T10:06:36Z
- Network: telegram
- Published URL: https://t.me/kxichixxsec/822
- Screenshots:
- Threat Actors: Kxichixxsec
- Victim Country: Vietnam
- Victim Industry: Education
- Victim Organization: hanoi university of business and technology
- Victim Site: itc.hubt.edu.vn
- Alleged data leak of PG Soft user accounts
- Category: Data Breach
- Content: The threat actor claims to have leaked user account credentials associated with PG Soft (Pocket Games Soft), a mobile gaming software provider.
- Date: 2025-09-02T07:40:21Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Leaks-Account-Slot-PGSOFT
- Screenshots:
- Threat Actors: yallism
- Victim Country: Malta
- Victim Industry: Gaming
- Victim Organization: pg soft
- Victim Site: pgsoft.com
- Alleged data breach of German Experts
- Category: Data Breach
- Content: The group claims to have leaked data from German Experts. The compromised data allegedly includes the website database, application administration panel, and employee information.
- Date: 2025-09-02T07:37:01Z
- Network: telegram
- Published URL: https://t.me/fattah_iriii/948
- Screenshots:
- Threat Actors: Cyber Fattah Team
- Victim Country: UAE
- Victim Industry: Automotive
- Victim Organization: german experts
- Victim Site: germanexperts.ae
- Alleged unauthorized access to unidentified national telecommunications control system in Paraguay
- Category: Initial Access
- Content: The group claims to have gained unauthorized access to an unidentified critical system in Paraguay that manages the operation and maintenance of national telecommunications networks. The compromised system allegedly supports major communication operators by controlling data flow, resource allocation, and high-speed internet services across both mobile and fixed networks. It reportedly includes modules for performance testing, real-time service quality monitoring, and automated failure logging with alerts to on-site operational teams. Additionally, the attackers claim the system contains tools for network traffic analysis, bandwidth management, and specialized BERT modules for measuring transmission errors in fiber optic and cable infrastructure.
- Date: 2025-09-02T07:29:13Z
- Network: telegram
- Published URL: https://t.me/n2LP_wVf79c2YzM0/1304
- Screenshots:
- Threat Actors: Infrastructure Destruction Squad
- Victim Country: Paraguay
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Cyber Fattah team claims to target multiple countries
- Category: Alert
- Content: A recent post by the group indicates that they are targeting Saudi Arabia, United Arab Emirates, Kuwait, Qatar, Bahrain and Oman.
- Date: 2025-09-02T06:49:41Z
- Network: telegram
- Published URL: https://t.me/fattah_iriii/946
- Screenshots:
- Threat Actors: Cyber Fattah Team
- Victim Country: UAE
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Leak Access to Hanoi University of Public Health
- Category: Initial Access
- Content: The threat actor claims to be leaking the credentials of Hanoi University of Public Health.
- Date: 2025-09-02T06:07:42Z
- Network: telegram
- Published URL: https://t.me/kxichixxsec/819
- Screenshots:
- Threat Actors: Kxichixxsec
- Victim Country: Vietnam
- Victim Industry: Higher Education/Academia
- Victim Organization: hanoi university of public health
- Victim Site: sinhvien.huph.edu.vn
- Alleged Data Leak of Facebook
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Facebook (CZ). The compromised listing, labeled 8 code.
- Date: 2025-09-02T05:51:45Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265410/
- Screenshots:
- Threat Actors: Salvation
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data breach of USTH Vietnam France University
- Category: Data Breach
- Content: The threat actor claims to have leaked the credentials from USTH Vietnam France University.
- Date: 2025-09-02T05:51:02Z
- Network: telegram
- Published URL: https://t.me/kxichixxsec/816
- Screenshots:
- Threat Actors: Kxichixxsec
- Victim Country: Vietnam
- Victim Industry: Higher Education/Academia
- Victim Organization: usth vietnam france university
- Victim Site: apply.usth.edu.vn
- Alleged data breach of Jollibee
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of 50,000 members in Jollibee. The exposed dataset includes detailed records such as ID, first name, last name, mail, mobile number, passwords, role id, email verified at, remember token, created at, updated at, store reports and operational reports.
- Date: 2025-09-02T05:34:51Z
- Network: telegram
- Published URL: https://t.me/sctt3rd/639
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Philippines
- Victim Industry: Restaurants
- Victim Organization: jollibee
- Victim Site: jollibeefoods.com
- Alleged data breach of Jollibee Database
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Jollibee.
- Date: 2025-09-02T05:23:14Z
- Network: telegram
- Published URL: https://t.me/sctt3rd/639
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Philippines
- Victim Industry: Restaurants
- Victim Organization: jollibee
- Victim Site: jollibeefoods.com
- Alleged sale of Payroll admin access to an unidentified organization
- Category: Initial Access
- Content: The threat actor claims to be selling a database containing 26.5k FULLz, including additional information on employers and payroll administrators.
- Date: 2025-09-02T04:33:42Z
- Network: openweb
- Published URL: https://forum.exploit.in/topic/265407/
- Screenshots:
- Threat Actors: shadowwss
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of Experian
- Category: Data Breach
- Content: The threat actor claims to be selling a full database from Experian. The leaked file is 1.1GB compressed.
- Date: 2025-09-02T03:58:40Z
- Network: openweb
- Published URL: https://breachsta.rs/topic/experiancom-full-database-fy0elu9dcsvc
- Screenshots:
- Threat Actors: LFG
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: experian
- Victim Site: experian.com
- CyberVolk Group claims to target Japan
- Category: Phishing
- Content: A recent post by the group indicates that they are targeting Japan on September 4. The group claims they will commence a large-scale phishing operation targeting X, Facebook, Instagram, and key sectors in Japan.
- Date: 2025-09-02T03:20:25Z
- Network: telegram
- Published URL: https://t.me/CyberVolk_Community/739
- Screenshots:
- Threat Actors: CyberVolk. Group.
- Victim Country: Japan
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data breach of AT&T
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of AT&T.
- Date: 2025-09-02T03:12:55Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1273
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: USA
- Victim Industry: Network & Telecommunications
- Victim Organization: at&t
- Victim Site: att.com
- Alleged data breach of Chatbooks
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Chatbooks.
- Date: 2025-09-02T03:12:45Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1273
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: USA
- Victim Industry: E-commerce & Online Stores
- Victim Organization: chatbooks
- Victim Site: chatbooks.com
- Alleged data breach of Sindhi College
- Category: Data Breach
- Content: The threat actor claims to be leaking a student database from Sindhi University of India. The exposed dataset includes detailed records such as names, gender, courses, years, employers, job designations, locations, addresses, phone numbers, emails, and even payment order/transaction details. NB: Authenticity of the claim is yet to be verified.
- Date: 2025-09-02T03:08:53Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Sindhi-University-of-India-Student-Database
- Screenshots:
- Threat Actors: G4ll
- Victim Country: India
- Victim Industry: Education
- Victim Organization: sindhi college
- Victim Site: sindhicollege.com
- Alleged data breach of Philippine Amusement and Gaming Corporation
- Category: Data Breach
- Content: The threat actor claims to be leaking the National Database of Restricted Persons (NDRP) managed by the Philippine Amusement and Gaming Corporation (PAGCOR). The database contains details of individuals barred from casinos due to gambling addiction, with a focus on government personnel. The leak includes nearly 4 million records (87MB) with names, birth dates, positions, agencies, and memo references. Agencies affected include the Senate, PNP, DOH, DEPED, DOF, DOTr, DICT, and local government units, with positions ranging from mayors, police officers, and school presidents to directors, undersecretaries, and hospital chiefs.
- Date: 2025-09-02T03:00:38Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-National-Database-of-Restricted-Persons-pagcor-ph
- Screenshots:
- Threat Actors: DNH
- Victim Country: Philippines
- Victim Industry: Government Administration
- Victim Organization: philippine amusement and gaming corporation
- Victim Site: pagcor.ph
- Alleged data breach of Homechef
- Category: Data Breach
- Content: The threat actor claims to have leaked the database of Homechef.
- Date: 2025-09-02T02:44:03Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1273
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: USA
- Victim Industry: Food Production
- Victim Organization: homechef
- Victim Site: homechef.com
- Alleged data leak of Ministry of Justice Court documents
- Category: Data Breach
- Content: The group claims to have leaked 52 GB of Ministry of Justice court documents.
- Date: 2025-09-02T02:41:55Z
- Network: telegram
- Published URL: https://t.me/digitalsghost/829
- Screenshots:
- Threat Actors: DigitalGhost
- Victim Country: UK
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of Ministry of Justice
- Category: Data Breach
- Content: The group claims to have leaked the database of Ministry of Justice court documents.
- Date: 2025-09-02T02:39:11Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1271
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: ministry of justice
- Victim Site: Unknown
- Alleged data breach of Sandia
- Category: Data Breach
- Content: Threat actor claims to have leaked the data of Sandia. The compromised data includes id, username, email, password, created date, last update, login count, last login, etc.
- Date: 2025-09-02T02:33:49Z
- Network: openweb
- Published URL: https://darkforums.st/Thread-DATABASE-Sandia-com-Database-Breach-Leaked-Download
- Screenshots:
- Threat Actors: N1KA
- Victim Country: Unknown
- Victim Industry: Financial Services
- Victim Organization: sandia
- Victim Site: sandia.com
- Alleged data breach of Google / Salesforce data
- Category: Data Breach
- Content: The group claims to have leaked the database of Google / Salesforce 2025. The compromised data totals 4TB.
- Date: 2025-09-02T02:33:41Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1267
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged data leak of multiple organizations
- Category: Data Breach
- Content: The threat actor claims to be leaking and selling exclusive access and stolen data from multiple major organizations.
- Date: 2025-09-02T02:02:56Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1273
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged Data Breach of Jollibee Foods Corporation
- Category: Data Breach
- Content: Threat actor claims to have obtained the Jollibee database containing over 50,000 user records, including names, emails, phone numbers, password hashes, roles, and account details, exposing employees and partners across multiple domains and creating serious risks of credential theft and phishing.
- Date: 2025-09-02T01:51:07Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1259
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Philippines
- Victim Industry: Food & Beverages
- Victim Organization: jollibee foods corporation
- Victim Site: jollibeefoods.com
- Alleged data breach of Burger King Brazil
- Category: Data Breach
- Content: The group claims to have leaked the database of Burger King Brazil (2025 SAP ECC). The compromised data totals 5.7TB.
- Date: 2025-09-02T01:42:02Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1267
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: Brazil
- Victim Industry: Food & Beverages
- Victim Organization: burger king brazil
- Victim Site: burgerking.com.br
- Alleged leak of multiple personal and organizational databases
- Category: Data Breach
- Content: The threat actor claims to be selling a leak, Datagarden, which contains around 1,400 records in Excel/CSV format. The dataset is described as including personal and organizational information such as emails, names, LinkedIn profiles, job positions, industries, company names, URLs, company sizes, locations, registration numbers, and phone numbers.
- Date: 2025-09-02T01:34:02Z
- Network: openweb
- Published URL: https://bhf.pro/threads/712553/
- Screenshots:
- Threat Actors: TacnoJe
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
- Alleged sale of unauthorized access to Phantom Wallet
- Category: Initial Access
- Content: The group claims to be selling unauthorized access to Phantom Wallet.
- Date: 2025-09-02T01:03:13Z
- Network: telegram
- Published URL: https://t.me/c/2976044031/1244
- Screenshots:
- Threat Actors: Scattered Lapsus$
- Victim Country: USA
- Victim Industry: Financial Services
- Victim Organization: phantom wallet
- Victim Site: phantom.com
- Fatimion cyber team targets the website of Islamic Movements
- Category: Defacement
- Content: The group claims to have defaced the website of Islamic Movements.
- Date: 2025-09-02T00:16:09Z
- Network: telegram
- Published URL: https://t.me/hak993/4223
- Screenshots:
- Threat Actors: Fatimion cyber team
- Victim Country: Unknown
- Victim Industry: Newspapers & Journalism
- Victim Organization: islamic movements
- Victim Site: islamist-movements.com
- Alleged sale of VIP RAT V7.6
- Category: Malware
- Content: The threat actor is offering to sell a malware tool called VIP RAT V7.6, which provides full remote access capabilities. Features include file manipulation, webcam and microphone spying, keylogging, password theft, GPS tracking, and botnet functionality for DDoS or crypto mining. The tool also allows full control over the victim’s device, including installing additional software and displaying custom messages.
- Date: 2025-09-02T00:05:42Z
- Network: telegram
- Published URL: https://t.me/Hyder_N3x/70
- Screenshots:
- Threat Actors: Hider_Nex
- Victim Country: Unknown
- Victim Industry: Unknown
- Victim Organization: Unknown
- Victim Site: Unknown
The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors including education, gaming, healthcare, and automotive, and impacting countries including Bangladesh, Mexico, Malaysia, India, Indonesia, France, Brazil, and Israel. The compromised data ranges from personal user information and credit card details to sensitive patient records, classified military components, and large customer databases. Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to banking systems, corporate networks (including RDWeb access to Canadian and UK firms), and even government and military infrastructure like the Royal Thai Air Force and Madrid’s irrigation system. The sale of malware, including penetration testing tools and DDoS tools, further underscores the availability of offensive capabilities in the cyber underground. The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.