☑️ Weekly Darkweb – December Week 1, 2025
🔍 Taiwanese Electronics Company 'A' Data Breach by Everest Ransomware Gang
• On December 2, it was confirmed that the Taiwanese global electronics company 'A' had been listed on the leak site of the Everest ransomware gang.
• The Everest ransomware gang claimed to have obtained 1TB of data related to company A, including source code, memory, AI models, and cameras. They posted seven data samples, including images showing a file tree structure.
• The ransomware gang further stated that the leaked data also contained data on U.S. software company 'A' and semiconductor company 'Q'. Because a data breach can affect not only the targeted company but also its connected third-party companies, heightened caution is advised.
🔍 Taiwanese Facility Climate Control System Alleged Hack Detected on Telegram
• On December 1st, a message claiming a breach of the environmental monitoring and climate control system of a Taiwanese facility was posted on the Telegram channel '🇨🇳Infrastructure Destruction Squad 🇰🇵'.
• The channel operator claimed that the remote-control (VNC) server linked to the system was vulnerable to CVE-2006-2450 and had been exploited for a man-in-the-middle attack.
✓ CVE-2006-2450: A buffer overflow vulnerability discovered in 2006 that forces a program to accept more data than its memory space can hold, enabling arbitrary code execution. According to the attacker, the facility was operating an outdated remote-control server.
• The author did not disclose the facility name, posting only the IP address and a 40-second video as evidence of the attack.
🔍 Sensitive Data of U.S. Aerospace Component Company ‘S’ for Sale on Dark Web
• On November 19th, a post offering 53GB of sensitive data from U.S. aerospace parts company ‘S’ to a single buyer was detected on the Russian hacking forum ‘Exploit’ (USD 75,000).
• Forum user ‘zestix’ claimed to have obtained information on S and its clients, including technical drawings, 3D design files and the complete bill of materials of U.S. aircraft manufacturer ‘B’. The user emphasized the importance of the data, stating that it is subject to export controls by the U.S. Department of State and the Department of Commerce.
• The seller released three sample images, including two documents believed to be technical drawings from U.S. aerospace company ‘A’.
→ In the same month, the user also uploaded a post offering 77GB of sensitive data belonging to European airline ‘I’, which was allegedly stolen from internal servers (USD 150,000).
*The full report is available upon request and for XARVIS subscribers.