• Israel
• Handala
• Data Encrypted For Impact
• Manufacturing
• Middle East
• Asia
• Saban Brands Israel

Surveillance Firm Saban Systems Alleged Breached by Handala

On June 19, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a breach targeting Israeli surveillance technology provider Saban Systems. The group alleges to have exfiltrated 254GB of confidential data and has released over 50,000 internal documents as proof of compromise.

• Chemicals And Allied Products
• Kimia Farma
• exclusive
• South-Eastern Asia
• Manufacturing
• Asia
• Indonesia
• Sentap

Data Breach Exposes Over 1 Million Records from Indonesian Pharmacy Giant Kimia Farma

A threat actor named "sentap" is offering a 40GB dataset stolen from "Kimia Farma," Indonesia’s leading state-owned pharmacy network, on the dark forum "darkforumes.me." The leak includes over 1 million records containing detailed pharmaceutical inventory, sales transactions, discount schemes, and high-risk stock information collected between March and July 2024. Validated against Kimia Farma’s ERP system, the data reveals sensitive national-level supply chain and market insights valuable for market analysis, cyber intelligence, and social engineering. The dataset is sold for $10,000 USD in Bitcoin or Monero, with an escrow service ensuring transaction security.

• United States
• Manufacturing
• More_Eggs
• Fin6
• North America
• Linkedin

Fin6 Leverages Fake Resumes for Malware Delivery

The financially motivated threat actor Fin6 has been observed using fake resumes hosted on Amazon Web Services (AWS) to deliver the malware family known as More_Eggs. By posing as job seekers on platforms like LinkedIn and Indeed, Fin6 builds rapport with recruiters and sends phishing messages that lead to malware downloads. More_Eggs, developed by another cybercrime group called Golden Chickens, is a JavaScript-based backdoor capable of credential theft and system access. Fin6 has a history of targeting e-commerce sites to steal payment card data and has been operational since 2012.

• United States
• Manufacturing
• Purehvnc
• North America
• Facebook

Malware Campaign Exploiting Kling AI to Target Users

A new malware campaign has been identified that uses counterfeit Facebook pages and sponsored ads to lure users to fake websites impersonating Kling AI, an AI-powered platform. The campaign, first detected in early 2025, tricks victims into downloading a malicious file that installs a remote access trojan (RAT) on their systems, allowing attackers to steal sensitive data. The operation is linked to Vietnamese threat actors, who have been increasingly using social engineering tactics to exploit the popularity of generative AI tools. The campaign highlights the growing trend of sophisticated social media-based attacks targeting unsuspecting users.

• United States
• Bytebreaker
• Manufacturing
• North America
• Facebook

Threat Actor Claims to Have Scraped Hundreds of Millions of Facebook Records

In May 2025, a threat actor named ByteBreaker claimed to have scraped accounts from Facebook. According to the threat actor, hundreds of millions of records belonging to Facebook's users were taken, including various types of data scraped by abusing one of their APIs.