Hackmanac
@hackmanac.com
We track verified, real-world cyber attacks to help you develop effective Cybersecurity strategies. Try HackRisk.io, your Strategic Threat Intelligence platform.
🌐 hackmanac.com
🌐 hackrisk.io
🌐 hackmanac.com
🌐 hackrisk.io
🚨🚨Cyber Update ‼️
🇪🇸Spain - Iberia
Everest hacking group is now demanding $6,000,000 from Iberia to prevent the data from being leaked.
Sector: Transportation / Storage
Threat class: Cybercrime
Status: Pending verification
🇪🇸Spain - Iberia
Everest hacking group is now demanding $6,000,000 from Iberia to prevent the data from being leaked.
Sector: Transportation / Storage
Threat class: Cybercrime
Status: Pending verification
November 26, 2025 at 5:47 PM
🚨🚨Cyber Update ‼️
🇪🇸Spain - Iberia
Everest hacking group is now demanding $6,000,000 from Iberia to prevent the data from being leaked.
Sector: Transportation / Storage
Threat class: Cybercrime
Status: Pending verification
🇪🇸Spain - Iberia
Everest hacking group is now demanding $6,000,000 from Iberia to prevent the data from being leaked.
Sector: Transportation / Storage
Threat class: Cybercrime
Status: Pending verification
🚨Cyber Alert‼️
80,000+ Files Leaked via Code Tools Expose 5GB of Credentials from Critical Infrastructure, Government, Finance, and More
Sensitive credentials and personal data have been leaking for years through online code formatting tools JSONFormatter and CodeBeautify.
80,000+ Files Leaked via Code Tools Expose 5GB of Credentials from Critical Infrastructure, Government, Finance, and More
Sensitive credentials and personal data have been leaking for years through online code formatting tools JSONFormatter and CodeBeautify.
November 26, 2025 at 10:02 AM
🚨Cyber Alert‼️
80,000+ Files Leaked via Code Tools Expose 5GB of Credentials from Critical Infrastructure, Government, Finance, and More
Sensitive credentials and personal data have been leaking for years through online code formatting tools JSONFormatter and CodeBeautify.
80,000+ Files Leaked via Code Tools Expose 5GB of Credentials from Critical Infrastructure, Government, Finance, and More
Sensitive credentials and personal data have been leaking for years through online code formatting tools JSONFormatter and CodeBeautify.
🚨🚨Cyberattack Alert ‼️
🇪🇸Spain - Iberia
Everest claims to have breached Iberia and stolen 596 GB of data, including 430 GB of .eml files with more than 5 million records.
🇪🇸Spain - Iberia
Everest claims to have breached Iberia and stolen 596 GB of data, including 430 GB of .eml files with more than 5 million records.
November 25, 2025 at 6:00 PM
🚨🚨Cyberattack Alert ‼️
🇪🇸Spain - Iberia
Everest claims to have breached Iberia and stolen 596 GB of data, including 430 GB of .eml files with more than 5 million records.
🇪🇸Spain - Iberia
Everest claims to have breached Iberia and stolen 596 GB of data, including 430 GB of .eml files with more than 5 million records.
🚨Cyberattack Alert ‼️
🇪🇸Spain - Marlex
Rhysida hacking group claims to have breached Marlex.
Ransom demand: 15 BTC (approx. $1,300,000)
Sector: Other Services
Threat class: Cybercrime
Observed: Nov 25, 2025
Status: Pending verification
🇪🇸Spain - Marlex
Rhysida hacking group claims to have breached Marlex.
Ransom demand: 15 BTC (approx. $1,300,000)
Sector: Other Services
Threat class: Cybercrime
Observed: Nov 25, 2025
Status: Pending verification
November 25, 2025 at 1:51 PM
🚨Cyberattack Alert ‼️
🇪🇸Spain - Marlex
Rhysida hacking group claims to have breached Marlex.
Ransom demand: 15 BTC (approx. $1,300,000)
Sector: Other Services
Threat class: Cybercrime
Observed: Nov 25, 2025
Status: Pending verification
🇪🇸Spain - Marlex
Rhysida hacking group claims to have breached Marlex.
Ransom demand: 15 BTC (approx. $1,300,000)
Sector: Other Services
Threat class: Cybercrime
Observed: Nov 25, 2025
Status: Pending verification
🚨Cyberattack Alert‼️
🇪🇸Spain - Fundación de la Universidad Autónoma de Madrid (FUAM)
The Fundación de la Universidad Autónoma de Madrid (FUAM) has disclosed a cyberattack that may have exposed user data.
🇪🇸Spain - Fundación de la Universidad Autónoma de Madrid (FUAM)
The Fundación de la Universidad Autónoma de Madrid (FUAM) has disclosed a cyberattack that may have exposed user data.
November 25, 2025 at 8:50 AM
🚨Cyberattack Alert‼️
🇪🇸Spain - Fundación de la Universidad Autónoma de Madrid (FUAM)
The Fundación de la Universidad Autónoma de Madrid (FUAM) has disclosed a cyberattack that may have exposed user data.
🇪🇸Spain - Fundación de la Universidad Autónoma de Madrid (FUAM)
The Fundación de la Universidad Autónoma de Madrid (FUAM) has disclosed a cyberattack that may have exposed user data.
🚨Cyberattack Alert ‼️
🇨🇦🇸🇪- NovAtel (Hexagon)
Qilin hacking group claims to have breached NovAtel.
Allegedly, the attackers exfiltrated 35 TB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 24, 2025
Status: Pending verification
🇨🇦🇸🇪- NovAtel (Hexagon)
Qilin hacking group claims to have breached NovAtel.
Allegedly, the attackers exfiltrated 35 TB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 24, 2025
Status: Pending verification
November 25, 2025 at 6:07 AM
🚨Cyberattack Alert ‼️
🇨🇦🇸🇪- NovAtel (Hexagon)
Qilin hacking group claims to have breached NovAtel.
Allegedly, the attackers exfiltrated 35 TB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 24, 2025
Status: Pending verification
🇨🇦🇸🇪- NovAtel (Hexagon)
Qilin hacking group claims to have breached NovAtel.
Allegedly, the attackers exfiltrated 35 TB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 24, 2025
Status: Pending verification
🚨Cyberattack Alert ‼️
🇪🇸Spain - Travel Club (Air Miles España, S.A.)
Everest hacking group claims to have breached Travel Club (Air Miles España, S.A.).
🇪🇸Spain - Travel Club (Air Miles España, S.A.)
Everest hacking group claims to have breached Travel Club (Air Miles España, S.A.).
November 25, 2025 at 5:35 AM
🚨Cyberattack Alert ‼️
🇪🇸Spain - Travel Club (Air Miles España, S.A.)
Everest hacking group claims to have breached Travel Club (Air Miles España, S.A.).
🇪🇸Spain - Travel Club (Air Miles España, S.A.)
Everest hacking group claims to have breached Travel Club (Air Miles España, S.A.).
🚨Cyberattack Alert ‼️
🇧🇷Brazil - Universidade Municipal de São Caetano do Sul (USCS)
Medusa hacking group claims to have breached Universidade Municipal de São Caetano do Sul (USCS).
The attackers demanded a $250,000 ransom.
🇧🇷Brazil - Universidade Municipal de São Caetano do Sul (USCS)
Medusa hacking group claims to have breached Universidade Municipal de São Caetano do Sul (USCS).
The attackers demanded a $250,000 ransom.
November 25, 2025 at 5:27 AM
🚨Cyberattack Alert ‼️
🇧🇷Brazil - Universidade Municipal de São Caetano do Sul (USCS)
Medusa hacking group claims to have breached Universidade Municipal de São Caetano do Sul (USCS).
The attackers demanded a $250,000 ransom.
🇧🇷Brazil - Universidade Municipal de São Caetano do Sul (USCS)
Medusa hacking group claims to have breached Universidade Municipal de São Caetano do Sul (USCS).
The attackers demanded a $250,000 ransom.
🚨Cyberattack Alert ‼️
🇷🇴Romania - National Institute of Materials Physics (NIMP)
Nova hacking group claims to have breached National Institute of Materials Physics (NIMP).
Allegedly, the attackers exfiltrated 700 GB of data.
🇷🇴Romania - National Institute of Materials Physics (NIMP)
Nova hacking group claims to have breached National Institute of Materials Physics (NIMP).
Allegedly, the attackers exfiltrated 700 GB of data.
November 24, 2025 at 11:26 AM
🚨Cyberattack Alert ‼️
🇷🇴Romania - National Institute of Materials Physics (NIMP)
Nova hacking group claims to have breached National Institute of Materials Physics (NIMP).
Allegedly, the attackers exfiltrated 700 GB of data.
🇷🇴Romania - National Institute of Materials Physics (NIMP)
Nova hacking group claims to have breached National Institute of Materials Physics (NIMP).
Allegedly, the attackers exfiltrated 700 GB of data.
🚨🚨Attackers are exploiting the critical WSUS flaw CVE-2025-59287 to gain SYSTEM-level remote code execution and deploy ShadowPad, a modular backdoor linked to Chinese state-sponsored actors.
Source: thehackernews.com/2025/11/shad...
Source: thehackernews.com/2025/11/shad...
November 24, 2025 at 11:24 AM
🚨🚨Attackers are exploiting the critical WSUS flaw CVE-2025-59287 to gain SYSTEM-level remote code execution and deploy ShadowPad, a modular backdoor linked to Chinese state-sponsored actors.
Source: thehackernews.com/2025/11/shad...
Source: thehackernews.com/2025/11/shad...
🚨Hackers are now phishing directly through browser notifications
Source: thehackernews.com/2025/11/matr...
Source: thehackernews.com/2025/11/matr...
November 24, 2025 at 11:18 AM
🚨Hackers are now phishing directly through browser notifications
Source: thehackernews.com/2025/11/matr...
Source: thehackernews.com/2025/11/matr...
🚨Cyber Alert‼️
🇺🇸USA - JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack
SitusAMC suffered a cyberattack on November 12, 2025, exposing accounting documents and legal contracts tied to major clients, including JPMorgan Chase, Citi, and Morgan Stanley.
🇺🇸USA - JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack
SitusAMC suffered a cyberattack on November 12, 2025, exposing accounting documents and legal contracts tied to major clients, including JPMorgan Chase, Citi, and Morgan Stanley.
November 23, 2025 at 12:47 PM
🚨Cyber Alert‼️
🇺🇸USA - JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack
SitusAMC suffered a cyberattack on November 12, 2025, exposing accounting documents and legal contracts tied to major clients, including JPMorgan Chase, Citi, and Morgan Stanley.
🇺🇸USA - JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack
SitusAMC suffered a cyberattack on November 12, 2025, exposing accounting documents and legal contracts tied to major clients, including JPMorgan Chase, Citi, and Morgan Stanley.
🚨🚨Cyberattack Alert ‼️
🇧🇷Brazil - C&M Software
DragonForce hacking group claims to have breached C&M Software.
Allegedly, the attackers exfiltrated 393.9 GB of data.
Ransom deadline: 29th November, 2025
🇧🇷Brazil - C&M Software
DragonForce hacking group claims to have breached C&M Software.
Allegedly, the attackers exfiltrated 393.9 GB of data.
Ransom deadline: 29th November, 2025
November 22, 2025 at 12:16 PM
🚨🚨Cyberattack Alert ‼️
🇧🇷Brazil - C&M Software
DragonForce hacking group claims to have breached C&M Software.
Allegedly, the attackers exfiltrated 393.9 GB of data.
Ransom deadline: 29th November, 2025
🇧🇷Brazil - C&M Software
DragonForce hacking group claims to have breached C&M Software.
Allegedly, the attackers exfiltrated 393.9 GB of data.
Ransom deadline: 29th November, 2025
🚨Cyberattack Alert ‼️
🇦🇪UAE - Pan Emirates
DragonForce hacking group claims to have breached Pan Emirates.
Allegedly, the attackers exfiltrated 16.0 GB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🇦🇪UAE - Pan Emirates
DragonForce hacking group claims to have breached Pan Emirates.
Allegedly, the attackers exfiltrated 16.0 GB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
November 21, 2025 at 11:31 AM
🚨Cyberattack Alert ‼️
🇦🇪UAE - Pan Emirates
DragonForce hacking group claims to have breached Pan Emirates.
Allegedly, the attackers exfiltrated 16.0 GB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🇦🇪UAE - Pan Emirates
DragonForce hacking group claims to have breached Pan Emirates.
Allegedly, the attackers exfiltrated 16.0 GB of data.
Sector: Manufacturing
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🚨Cyberattack Alert ‼️
🇦🇪UAE - Du
DragonForce hacking group claims to have breached Du.
Allegedly, the attackers exfiltrated 44.3 GB of data.
Ransom deadline: 21st November 2025
Sector: Telco
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🇦🇪UAE - Du
DragonForce hacking group claims to have breached Du.
Allegedly, the attackers exfiltrated 44.3 GB of data.
Ransom deadline: 21st November 2025
Sector: Telco
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
November 21, 2025 at 11:23 AM
🚨Cyberattack Alert ‼️
🇦🇪UAE - Du
DragonForce hacking group claims to have breached Du.
Allegedly, the attackers exfiltrated 44.3 GB of data.
Ransom deadline: 21st November 2025
Sector: Telco
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🇦🇪UAE - Du
DragonForce hacking group claims to have breached Du.
Allegedly, the attackers exfiltrated 44.3 GB of data.
Ransom deadline: 21st November 2025
Sector: Telco
Threat class: Cybercrime
Observed: Nov 21, 2025
Status: Pending verification
🚨 Mid November #RiskFriday! 🚀
👉 Here are our insights of the week based on our proprietary ESIX© (Estimated Severity Index). We use this metric to measure the operational, financial (direct and indirect), technical, and reputational impact of cyber attacks.
1/5
👉 Here are our insights of the week based on our proprietary ESIX© (Estimated Severity Index). We use this metric to measure the operational, financial (direct and indirect), technical, and reputational impact of cyber attacks.
1/5
November 21, 2025 at 11:12 AM
🚨 Mid November #RiskFriday! 🚀
👉 Here are our insights of the week based on our proprietary ESIX© (Estimated Severity Index). We use this metric to measure the operational, financial (direct and indirect), technical, and reputational impact of cyber attacks.
1/5
👉 Here are our insights of the week based on our proprietary ESIX© (Estimated Severity Index). We use this metric to measure the operational, financial (direct and indirect), technical, and reputational impact of cyber attacks.
1/5
- May 2022: Cardiff University researchers create a new method to neutralize cyberattacks in under one second
- November 2025: The number of cyberattacks has increased by approximately 535%
What went wrong?
Hackrisk.io
- November 2025: The number of cyberattacks has increased by approximately 535%
What went wrong?
Hackrisk.io
November 21, 2025 at 10:41 AM
- May 2022: Cardiff University researchers create a new method to neutralize cyberattacks in under one second
- November 2025: The number of cyberattacks has increased by approximately 535%
What went wrong?
Hackrisk.io
- November 2025: The number of cyberattacks has increased by approximately 535%
What went wrong?
Hackrisk.io
🚨FBI reports that a former IT contractor from Columbus, Ohio, pleaded guilty after hacking his ex-employer in retaliation.
He used stolen credentials, reset about 2,500 passwords, locked staff out nationwide, tried to erase logs, and caused more than $862,000 in damages.
He used stolen credentials, reset about 2,500 passwords, locked staff out nationwide, tried to erase logs, and caused more than $862,000 in damages.
November 21, 2025 at 10:14 AM
🚨FBI reports that a former IT contractor from Columbus, Ohio, pleaded guilty after hacking his ex-employer in retaliation.
He used stolen credentials, reset about 2,500 passwords, locked staff out nationwide, tried to erase logs, and caused more than $862,000 in damages.
He used stolen credentials, reset about 2,500 passwords, locked staff out nationwide, tried to erase logs, and caused more than $862,000 in damages.
🚨Cyberattack Update‼️
🇵🇪Peru - Superintendencia Nacional de Fiscalización Laboral (Sunafil)
BlackShrantac hacking group claims responsibility for the cyber attack at Superintendencia Nacional de Fiscalización Laboral (Sunafil).
🇵🇪Peru - Superintendencia Nacional de Fiscalización Laboral (Sunafil)
BlackShrantac hacking group claims responsibility for the cyber attack at Superintendencia Nacional de Fiscalización Laboral (Sunafil).
November 21, 2025 at 9:25 AM
🚨Cyberattack Update‼️
🇵🇪Peru - Superintendencia Nacional de Fiscalización Laboral (Sunafil)
BlackShrantac hacking group claims responsibility for the cyber attack at Superintendencia Nacional de Fiscalización Laboral (Sunafil).
🇵🇪Peru - Superintendencia Nacional de Fiscalización Laboral (Sunafil)
BlackShrantac hacking group claims responsibility for the cyber attack at Superintendencia Nacional de Fiscalización Laboral (Sunafil).
🚨Cyber Alert‼️
In the past 24 hours, the Cl0p hacking group has added 29 more alleged victims to its breach campaign exploiting the Zero-day vulnerability in Oracle E-Business Suite.
Observed: Nov 20, 2025
Status: Pending verification
In the past 24 hours, the Cl0p hacking group has added 29 more alleged victims to its breach campaign exploiting the Zero-day vulnerability in Oracle E-Business Suite.
Observed: Nov 20, 2025
Status: Pending verification
November 21, 2025 at 7:54 AM
🚨Cyber Alert‼️
In the past 24 hours, the Cl0p hacking group has added 29 more alleged victims to its breach campaign exploiting the Zero-day vulnerability in Oracle E-Business Suite.
Observed: Nov 20, 2025
Status: Pending verification
In the past 24 hours, the Cl0p hacking group has added 29 more alleged victims to its breach campaign exploiting the Zero-day vulnerability in Oracle E-Business Suite.
Observed: Nov 20, 2025
Status: Pending verification
🚨Cyberattack Alert ‼️
🇮🇹Italy - Poltronesofà
Poltronesofà states that on October 27, 2025, the company was hit by a ransomware attack that encrypted its servers and made virtual machines unavailable.
🇮🇹Italy - Poltronesofà
Poltronesofà states that on October 27, 2025, the company was hit by a ransomware attack that encrypted its servers and made virtual machines unavailable.
November 21, 2025 at 7:35 AM
🚨Cyberattack Alert ‼️
🇮🇹Italy - Poltronesofà
Poltronesofà states that on October 27, 2025, the company was hit by a ransomware attack that encrypted its servers and made virtual machines unavailable.
🇮🇹Italy - Poltronesofà
Poltronesofà states that on October 27, 2025, the company was hit by a ransomware attack that encrypted its servers and made virtual machines unavailable.
🚨Cyberattack Alert ‼️
🇯🇵Japan - PATLITE CORPORATION
Sinobi hacking group claims to have breached PATLITE CORPORATION.
Allegedly, the attackers exfiltrated 410 GB of data, including contracts, customers’ data, and financial data.
🇯🇵Japan - PATLITE CORPORATION
Sinobi hacking group claims to have breached PATLITE CORPORATION.
Allegedly, the attackers exfiltrated 410 GB of data, including contracts, customers’ data, and financial data.
November 21, 2025 at 6:11 AM
🚨Cyberattack Alert ‼️
🇯🇵Japan - PATLITE CORPORATION
Sinobi hacking group claims to have breached PATLITE CORPORATION.
Allegedly, the attackers exfiltrated 410 GB of data, including contracts, customers’ data, and financial data.
🇯🇵Japan - PATLITE CORPORATION
Sinobi hacking group claims to have breached PATLITE CORPORATION.
Allegedly, the attackers exfiltrated 410 GB of data, including contracts, customers’ data, and financial data.
🚨🇧🇷Brazil - WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
It hijacks chats, sends fake messages to all your contacts, and installs a program that steals bank and crypto logins.
Source: thehackernews.com/2025/11/pyth...
It hijacks chats, sends fake messages to all your contacts, and installs a program that steals bank and crypto logins.
Source: thehackernews.com/2025/11/pyth...
November 20, 2025 at 1:45 PM
🚨🇧🇷Brazil - WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
It hijacks chats, sends fake messages to all your contacts, and installs a program that steals bank and crypto logins.
Source: thehackernews.com/2025/11/pyth...
It hijacks chats, sends fake messages to all your contacts, and installs a program that steals bank and crypto logins.
Source: thehackernews.com/2025/11/pyth...
🚨Cyber Update‼️
🇺🇸USA - Beckett
In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement.
The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly.
🇺🇸USA - Beckett
In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement.
The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly.
November 20, 2025 at 9:17 AM
🚨Cyber Update‼️
🇺🇸USA - Beckett
In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement.
The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly.
🇺🇸USA - Beckett
In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement.
The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly.
🚨Cyber Alert ‼️
🇯🇵Japan - Fake “Premium Friday” Website Exploits Expired Domain, Japan’s METI Warns of Malware and Data Theft Risks
Japan’s Ministry of Economy, Trade and Industry (METI) has issued a warning about a fake website impersonating the former official site of the “Premium Friday” campaign
🇯🇵Japan - Fake “Premium Friday” Website Exploits Expired Domain, Japan’s METI Warns of Malware and Data Theft Risks
Japan’s Ministry of Economy, Trade and Industry (METI) has issued a warning about a fake website impersonating the former official site of the “Premium Friday” campaign
November 20, 2025 at 5:18 AM
🚨Cyber Alert ‼️
🇯🇵Japan - Fake “Premium Friday” Website Exploits Expired Domain, Japan’s METI Warns of Malware and Data Theft Risks
Japan’s Ministry of Economy, Trade and Industry (METI) has issued a warning about a fake website impersonating the former official site of the “Premium Friday” campaign
🇯🇵Japan - Fake “Premium Friday” Website Exploits Expired Domain, Japan’s METI Warns of Malware and Data Theft Risks
Japan’s Ministry of Economy, Trade and Industry (METI) has issued a warning about a fake website impersonating the former official site of the “Premium Friday” campaign