🚨 The Gentlemen have claimed 3 Victims 🇵🇱 Hart 🇵🇱 Systherm Grupa 🇵🇱 Wamtechnik

🚨🇺🇸 Westlake Christian Academy and RGD Consulting Engineers has been claimed a victim to INTERLOCK Ransomware

🚨 Threat actor claims to be selling access to a USA Government / Police Portal, including multiple internal functions. 📌 United States 🇺🇸 ▪️ Type: Access Sale ▪️ Threat Actor: rockstar ▪️ Price: $800 ▪️ Samples: No Claim includes: ▪️ Search functionality ▪️ Email access ▪️ Records management ▪️ Live dispatch monitoring ▪️ Additional internal tools

🚨 Threat actor claims to have leaked a dataset allegedly belonging to EasyCash, a French retail and second-hand goods chain. 📌 France 🇫🇷 ▪️ Website: easycash.fr ▪️ Industry: Retail / Second-hand Goods ▪️ Type: Data Leak ▪️ Threat Actor: closed ▪️ Records: ~14.6M lines (notes_french.csv) + ~26,991 parsed entries Alleged data includes: ▪️ First and last names ▪️ Email addresses ▪️ Street addresses ▪️ City / postal codes ▪️ Phone numbers ▪️ Dates of birth

🚨🇸🇬 Singapore Traditional Chinese Medicine Clinic Kin Teck Tong Allegedly Suffers Data Breach Exposing 150,000 Patient Records

Singapore Traditional Chinese Medicine Clinic Kin Teck Tong Allegedly Suffers Data Breach Exposing 150,000 Patient Records

🚨 Threat actor claims to be selling a dataset allegedly belonging to futurizesistemas.com.br, a Brazil-based information technology platform. 📌 Brazil 🇧🇷 ▪️ Website: futurizesistemas.com.br ▪️ Industry: Software / Services ▪️ Type: Data Sale ▪️ Threat Actor: AgSlowly ▪️ Data size: ~1.2GB ▪️ Records: 1,024,661+ entries Alleged data includes: ▪️ Full names ▪️ CPF/CPNJ ▪️ Email addresses ▪️ Phone numbers ▪️ CEP (postal codes) Price: ▪️ $1,500 (single buyer)

🚨 Multiple Veeam CVEs Identified: Critical Flaws Allow RCE and High-Privilege Actions CVE-2025-55125: A flaw that allows a Backup or Tape Operator to achieve remote code execution (RCE) as root by crafting a malicious backup configuration file. ▪️Severity: High ▪️CVSS v3.1: 7.2 ▪️Source: Discovered during internal testing CVE-2025-59468: A vulnerability enabling a Backup Administrator to execute remote code as the postgres user by supplying a malicious password parameter. ▪️Severity: Medium ▪️CVSS v3.1: 6.7 ▪️Source: Discovered during internal testing CVE-2025-59469 A security issue that allows a Backup or Tape Operator to write arbitrary files with root privileges. ▪️Severity: High ▪️CVSS v3.1: 7.2 ▪️Source: Discovered during internal testing CVE-2025-59470 A vulnerability that permits a Backup or Tape Operator to achieve remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter. ▪️CVSS Severity: Critical ▪️CVSS v3.1: 9.0 ▪️Source: Discovered during internal testing Veeam:

Veeam Software

KB4738: Release Information for Veeam Backup & Replication 13 and Updates

Release Information for Veeam Backup & Replication 13 and Updates

Blog format:

Multiple Veeam CVEs Identified: Critical Flaws Allow RCE and High-Privilege Actions

🚨 Threat actor claims to be selling a dataset allegedly belonging to Prosura / Hiccup / Vroomvroomvroom Insurance, an Australian insurance provider. 📌 Australia 🇦🇺 ▪️ Industry: Insurance ▪️ Type: Data Sale ▪️ Threat Actor: stuckin2019 ▪️ Records: 98M+ lines ▪️ Samples: Yes Alleged data includes: ▪️ Full names ▪️ Email addresses ▪️ Phone numbers ▪️ Ages ▪️ Driver’s license details

🚨 Threat actor is auctioning root shell + Magento admin access to a UK-based Magento store, allegedly handling 100 daily orders via third-party marketplaces. 📌 United Kingdom 🇬🇧 ▪️ Platform: Magento ▪️ Type: Initial Access ▪️ Threat Actor: JustAnon69 ▪️ Samples: No Claims include: ▪️ Root shell + Magento admin access ▪️ MySQL database access via shell ▪️ Orders sourced from eBay, Amazon, Walmart ▪️ Claimed order stats (recent days): 71 • 94 • 100 • 92 • 87 • 44 • 54 • 88 ▪️ Total customers: 15,792 ▪️ Total orders: 287,648 Auction details: ▪️ Start: $800 • Step: $100 • Blitz: $1,300

Maybe the next entity we track for info stealer leaks is the different Governments in the world. 🤪