[September-3-2025] Daily Cybersecurity Threat Report

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

  1. Alleged defacement of Lang Suan Vocational College

  1. Alleged data leak of an unidentified university in India

  1. Alleged data breach of Pibulsongkram Rajabhat University

  1. Alleged data sale of the Department of Pensions

  1. Alleged Sale of 237K Corporate MailPass Combo List

  1. Alleged leak of admin access to the Regional Directorate of Transport and Communications of La Libertad
  • Category: Initial Access
  • Content: Group claims to have leaked administrative credentials to the Regional Directorate of Transport and Communications of La Libertad
  • Date: 2025-09-03T13:14:36Z
  • Network: telegram
  • Published URL: https://t.me/DefacePeru/1464
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/0e29f8e6-911c-4739-9d0e-ece1d69dfaf3.png
  • Threat Actors: Deface Peru
  • Victim Country: Peru
  • Victim Industry: Transportation & Logistics
  • Victim Organization: regional directorate of transport and communications of la libertad
  • Victim Site: grtclalibertad.gob.pe

  1. Alleged data sale of GoPulse

  1. Alleged defacement of Diskal Group

  1. Alleged sale of access to unidentified U.S.-based law firm

  1. Meduza Cyber Force claims to target Ministry of Education, Research, Youth and Sports of Romania

  1. Meduza Cyber Force claims to target Ministry of Education, Romania

  1. Alleged data leak of unidentified organisation in Thailand

  1. Alleged data leak of unidentified organisation in Thailand

  1. Alleged Sale of Data and System Access from Pakistan Embassy in Turkey
  • Category: Data Breach
  • Content: The threat actor claims to be selling 4.5 GB of data from the Pakistan Embassy in Istanbul, Turkey, and is allegedly offering system access, browser passwords, and VPN access. The VPN access is said to allow entry into NADRA HQ systems in Pakistan for internal documents.
  • Date: 2025-09-03T10:20:21Z
  • Network: openweb
  • Published URL: https://forum.exploit.in/topic/265497/
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/93b22888-e84a-40b1-b9b7-3a2e9a14ed18.png
  • Threat Actors: xuii
  • Victim Country: Pakistan
  • Victim Industry: Government Administration
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged data leak of unidentified organization in Thailand

  1. Alleged unauthorized access to refrigeration control system in Ukraine

  1. Alleged data leak of unidentified Network system in Thailand

  1. Alleged unauthorized access to unidentified poultry-house microclimate system in Italy
  • Category: Initial Access
  • Content: The group claims to have gained unauthorized access to an unidentified poultry-house microclimate system in Italy. The compromised system allegedly supports ventilation, temperature, cooling and heating, as well as lighting, air quality, and the condition of the flock.
  • Date: 2025-09-03T08:09:35Z
  • Network: telegram
  • Published URL: https://t.me/n2LP_wVf79c2YzM0/1344
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/1eba88ed-502e-43a6-a88f-a6d8a4745ec0.JPG
  • Threat Actors: Infrastructure Destruction Squad
  • Victim Country: Italy
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged Data Leak of Ribalovers

  1. Alleged data leak of Ozar

  1. Alleged data leak of Ukrainian Association of Travel Agencies (UATA)

  1. Alleged data sale of Domcor Health Safety & Security

  1. Alleged data leak of GoldShield

  1. Alleged data sale of University of Southeastern Philippines (USEP)

  1. NTSEC targets the website of Phuket Destination Co.,Ltd.

  1. Alleged data breach of Risen Energy

  1. Alleged data sale of Indonesian Army soldiers

  1. Alleged unauthorized access to Department of Health – Philippines (EDPMS)

  1. Alleged data sale of MBDA

  1. Alleged sale of RDWeb access to an unidentified Singapore company

  1. Alleged data breach of Prep Hoops

  1. Alleged sale of 2 JP SMTPS

  1. Alleged Leak of Iranian Cloud Hosting Provider Database
  • Category: Data Breach
  • Content: The threat actor claims to be selling data allegedly leaked from an Iranian cloud hosting provider, containing 1,300 personal records including names, emails, passwords, phone numbers, addresses, and tax IDs (TR, DE, AE). The data allegedly also includes 1,200 decrypted CMS passwords, credentials for 245 servers, admin and database logins for over 1,200 CMS installations (e.g., WordPress, Joomla), 170 API tokens, 3,500 OAuth tokens for services like Google and cPanel, and backend source code with API keys and AES-encrypted configuration files.
  • Date: 2025-09-03T04:13:22Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-Ultimate-Iranian-Hosting-Breach-Original-Unpublished
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/25eda729-7c99-4fc5-9c21-9103d525d4f1.png
  • Threat Actors: Gratinoski
  • Victim Country: Iran
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged sale of 328 KYC documents from multiple countries

  1. Alleged Data Breach of City Water Purifier

  1. Alleged data breach of LeaseHawk

  1. Alleged sale of access to Funghi Energia & Salute Srl

  1. Alleged data leak of 350K U.S. businesses records

  1. Alleged Data Leak of JPMorgan
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 500,000 September JPMorgan shareholder stock investment transactions in Thailand. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:42:09Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6926
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/94b9f552-55e8-4533-b192-9d4927f74379.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: Thailand
  • Victim Industry: Banking & Mortgage
  • Victim Organization: jpmorgan
  • Victim Site: jpmorgan.com

  1. Alleged Data Leak of Zerodha
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 670,000 September India Zerodha Securities stock investors’ trading accounts. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:33:02Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6925
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/8721993a-aeaa-4a54-91e7-6be52fc1d4df.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: India
  • Victim Industry: Investment Management, Hedge Fund & Private Equity
  • Victim Organization: zerodha
  • Victim Site: zerodha.com

  1. Alleged Data Leak of Porto Seguro
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of Brazil’s Porto Seguro Group (Porto) Insurance Company, the third largest insurer in the country, affecting customers across auto, home, health, life, and commercial insurance services. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:18:27Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6924
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/e45f1ec4-a348-45c1-8f5f-ef8aeea7bbe6.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: Brazil
  • Victim Industry: Insurance
  • Victim Organization: porto seguro
  • Victim Site: portoseguro.com.br

  1. Alleged Data Leak of Unidentified Online Gambling Slot Thailand
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 490,000 September Thailand online gambling slot machine players, including account balances. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:13:45Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6928
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/6bf37072-5bc5-4a2f-8df7-e1be74e7180f.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: Thailand
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged Data Leak of State Bank of India
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 590,000 September India SBI (State Bank of India) personal and business loan customers, with associated loan amounts. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:07:47Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6929
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/80534930-257e-45b8-814f-94861a843a39.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: India
  • Victim Industry: Banking & Mortgage
  • Victim Organization: state bank of india
  • Victim Site: onlinesbi.sbi

  1. Alleged Data Leak of Silicon Valley Bank
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 560,000 September US Silicon Valley Bank large fund client cash management accounts. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T02:01:07Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6930
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/7a902501-aec0-4aa7-82e9-ab24a4decebd.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: USA
  • Victim Industry: Banking & Mortgage
  • Victim Organization: silicon valley bank
  • Victim Site: svb.com

  1. Alleged Data Leak of LPL Private Wealth Management
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 800,000 September LPL Financial private wealth advisory and custody investment clients over the age of 40. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T01:56:40Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6931
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/45141178-05c7-4694-9b33-300e5b6eefe6.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: USA
  • Victim Industry: Insurance
  • Victim Organization: lpl private wealth management
  • Victim Site: lpl.com

  1. Alleged Data Leak of Goldman Sachs Bank
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 760,000 September Goldman Sachs Bank Group (Goldman Sachs) investment account holders, with August fund transfers ranging from 100,000 to 500,000 USD. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T01:48:54Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6932
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/5b72c568-26ca-46d2-904b-e05609219ce8.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: USA
  • Victim Industry: Banking & Mortgage
  • Victim Organization: goldman sachs bank
  • Victim Site: goldmansachs.com

  1. Alleged Data Leak of Banco Galicia
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of Argentina BANCO GALICIA categorized premium accounts of September. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T01:37:32Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6934
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/ed27a9e8-6b43-4a26-a4cc-0e86ad4a8b4b.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: Argentina
  • Victim Industry: Banking & Mortgage
  • Victim Organization: banco galicia
  • Victim Site: galicia.ar

  1. Alleged Data Leak of Unidentified bank
  • Category: Data Breach
  • Content: Threat actor claims to leak a database of 780,000 (male) September US Fidelity Investments annuities, IRA, wealth management accounts. NB: Authenticity of claim is yet to be verified.
  • Date: 2025-09-03T01:30:48Z
  • Network: telegram
  • Published URL: https://t.me/aqj986/6935
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/3661ac98-2341-4e51-80b6-02319091b44f.png
  • Threat Actors: Ai Qian Jin » Global Real-Time Data Channel
  • Victim Country: USA
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

  1. Alleged leak of USA personal data

  1. Alleged Data Breach of In22 Labs
  • Category: Data Breach
  • Content: Threat actor claims to share three GoFile links allegedly containing compromised data from in22labs.com: one file with emails, phone numbers, and names, another with emails and phone numbers, and a third containing information related to projects.
  • Date: 2025-09-03T00:43:00Z
  • Network: openweb
  • Published URL: https://darkforums.st/Thread-in22labs-com
  • Screenshots: https://d34iuop8pidsy8.cloudfront.net/c6a3ac85-d966-4d2e-a739-97a01b1a25bb.png
  • Threat Actors: kanie2903
  • Victim Country: India
  • Victim Industry: Information Technology (IT) Services
  • Victim Organization: in22 labs
  • Victim Site: in22labs.com

  1. Alleged data breach of KashmirPort

  1. Alleged Data Leak of USA Marketing Database

Conclusion

The incidents detailed in this report highlight a diverse and active landscape of cyber threats. Data breaches and leaks are prominent, affecting various sectors from education and leisure & travel to financial services and government administration, and impacting countries including Thailand, India, Sri Lanka, Peru, Iceland, Israel, Russia, Ukraine, Canada, Philippines, China, Indonesia, UK, Singapore, Italy, Brazil, Argentina, and USA. The compromised data ranges from personal user information and sensitive employee and customer records to administrative credentials and classified military documents.

Beyond data compromise, the report also reveals significant activity in initial access sales, with threat actors offering unauthorized access to government systems, corporate networks, and other industrial infrastructure. The sale of malware and combo lists further underscores the availability of offensive capabilities in the cyber underground.

The incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents emphasizes the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.