[September-5-2025] Daily Cybersecurity Threat Report

Posted on

This report details a series of recent cyber incidents, providing key information for each event, including published URLs and associated screenshots, strictly based on the provided data.

  1. Deface peru claims to target Dirección Nacional de Inteligencia DINI
  1. Alleged data sale of Canadian citizens
  • Category: Data Breach
  • Content: The threat actor claims to be selling identity information of 13 million Canadian citizens, including highly detailed personal and demographic data such as first and last names, street addresses, city, province, postal code, phone numbers, income, age, sex, home ownership, language, family status, education, job type, age of children, household size, dwelling age, and dwelling type.
  • Date: 2025-09-05T13:30:15Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-DATABASE-CANADA-13million-Data)
  • Screenshots:
  • Threat Actors: badberake
  • Victim Country: Canada
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged data leak of Crédit Mutuel
  1. Alleged data leak of Movistar Perú
  • Category: Data Breach
  • Content: The group claims to be selling 22 million records of customer data from Movistar. The compromise data reportedly includes DOC, DNI, customer information, service type, DCS, mobile numbers, plan details, and account status.
  • Date: 2025-09-05T12:50:47Z
  • Network: telegram
  • Published URL: (https://t.me/c/2976044031/1959)
  • Screenshots:
  • Threat Actors: Scattered Lapsus$
  • Victim Country: Peru
  • Victim Industry: Network & Telecommunications
  • Victim Organization: movistar perú
  • Victim Site: movistar.pe
  1. Alleged data leak of Balaroti
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a 1.6 GB database from Balaroti. The leaked data allegedly includes customer records with personal information such as IDs, full names, birth dates, emails, addresses (including neighborhood, city, state, postal code, street type and number), primary and secondary phone numbers, gender, and customer type.
  • Date: 2025-09-05T12:27:18Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-Balaroti-database)
  • Screenshots:
  • Threat Actors: iwakura
  • Victim Country: Brazil
  • Victim Industry: Building and construction
  • Victim Organization: balaroti
  • Victim Site: balaroti.com.br
  1. Alleged data leak of CertEurope
  • Category: Data Breach
  • Content: The threat actor claims to have leaked a database from CertEurope, allegedly containing an archive of tools and drivers for secure USB keys and smart cards, digital certificates linked to CertEurope and Certigreffe, electronic signature software such as SafeSign, PKI installation files, and legal documentation intended for lawyers and legal institutions.
  • Date: 2025-09-05T12:20:08Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-leak-CertEurope-Data)
  • Screenshots:
  • Threat Actors: mecrobyte
  • Victim Country: France
  • Victim Industry: Information Technology (IT) Services
  • Victim Organization: certeurope
  • Victim Site: certeurope.fr
  1. Alleged data sale of AT&T Intellectual Property
  1. Alleged data sale of AT&T
  1. Alleged data leak of SMA Negeri 1 Ampana
  1. Alleged unauthorized access to NCC Alumni Association
  1. Alleged data leak of Sniitch
  1. TEAM BD CYBER NINJA OFFICIAL targets the website of INDILEARN
  1. TEAM BD CYBER NINJA OFFICIAL targets the website of Ministry of Tourism of the Republic of Indonesia
  1. Alleged data leak of Department of Budget and Management, Philippines
  1. Alleged data leak of Marikina Polytechnic College
  1. Alleged unauthorized access to Gobierno regional cusco
  1. Alleged unauthorized access to KACICE System in Poland
  1. Alleged Data Leak of Chinese Government Documents
  1. AL-MUJAHIDEEN FORCE 313 claims to target Multiple countries
  1. Alleged gain access to Ministry of Labor and Employment Promotion of Peru
  1. Alleged Data Leak of Pakistan Database
  1. Alleged Data Breach of Prosys Ingeniería SpA
  1. Alleged data breach of NFT Arts 4U
  1. Alleged data leak of High-Quality Forex recovery leads from multiple countries
  1. Alleged Data Breach of Pahal Agri India Private Limited
  1. Alleged data leak of unidentified server in Japan
  1. Alleged data breach of Hikar Global
  1. Alleged Data Breach of Get Yourself Optimized
  1. Alleged Data Breach of Global Hospital
  1. Alleged sale of MMORPG Game Source Code
  • Category: Data Breach
  • Content: A threat actor is allegedly offering for sale the full source code of an MMORPG game. The package reportedly includes core systems for real-time multiplayer functionality, including character creation, combat (PvE/PvP), inventory management, quest progression, and in-game trading. It features a server/client architecture with database integration for persistent accounts, characters, and items.
  • Date: 2025-09-05T02:44:51Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/265610/)
  • Screenshots:
  • Threat Actors: IncredAustin
  • Victim Country: Unknown
  • Victim Industry: Gaming
  • Victim Organization: Unknown
  • Victim Site: Unknown
  1. Alleged data breach of British Society of Clinical Hypnosis
  1. Alleged Data Breach of BAPS Bal Mandal
  1. Alleged data breach of Srashtasoft
  1. Alleged data leak of Intelligence Directorate-National Police of Peru
  • Category: Data Breach
  • Content: Alleged data leak from the Intelligence Directorate of the National Police of Peru. The leaked data includes all DIRIN systems, including agents’ details, CIP numbers, positions, headquarters records, entries, exits, databases, and thousands of classified documents along with credentials, official letters, reports, circulars, and internal communications. NB : The authenticity of claim is yet to be verified.
  • Date: 2025-09-05T00:59:23Z
  • Network: telegram
  • Published URL: (https://t.me/DefacePeru/1523)
  • Screenshots:
  • Threat Actors: Deface Peru
  • Victim Country: Peru
  • Victim Industry: Government Administration
  • Victim Organization: intelligence directorate-national police of peru
  • Victim Site: Unknown
  1. Intelligence Directorate-National Police of Peru
  • Category: Data Breach
  • Content: Alleged data leak from the Intelligence Directorate of the National Police of Peru. The leaked data includes all DIRIN systems, including agents’ details, CIP numbers, positions, headquarters records, entries, exits, databases, and thousands of classified documents along with credentials, official letters, reports, circulars, and internal communications.
  • Date: 2025-09-05T00:48:20Z
  • Network: telegram
  • Published URL: (https://t.me/DefacePeru/1523)
  • Screenshots:
  • Threat Actors: Deface Peru
  • Victim Country: Peru
  • Victim Industry: Government Administration
  • Victim Organization: intelligence directorate-national police of peru
  • Victim Site: Unknown

A recent analysis of cyber incidents has highlighted a diverse and active landscape of threats. Data breaches and leaks are prominent, affecting various sectors from education, gaming, healthcare, and automotive, and impacting countries including Bangladesh, Mexico, Malaysia, India, Indonesia, France, Brazil, and Israel. The compromised data ranges from personal user information and credit card details to sensitive patient records, classified military components, and large customer databases.

In addition to data compromise, the report also shows significant activity in initial access sales. Threat actors are offering unauthorized access to banking systems, corporate networks (including RDWeb access to Canadian and UK firms), and even government and military infrastructure like the Royal Thai Air Force and Madrid’s irrigation system. The sale of malware, including penetration testing tools and DDoS tools, further emphasizes the availability of offensive capabilities in the cyber underground.

These incidents collectively demonstrate that organizations across various industries and geographies face persistent threats from data exfiltration, unauthorized network access, and the proliferation of malicious tools. The nature of these incidents underscores the critical importance of robust cybersecurity measures, including strong access controls, data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a wide array of sophisticated and opportunistic attacks.

Related Posts