Hackmanac's Avatar

Hackmanac

@hackmanac.com.bsky.social

We track verified, real-world cyber attacks to help you develop effective Cybersecurity strategies. Try HackRisk.io, your Strategic Threat Intelligence platform. ๐ŸŒ hackmanac.com ๐ŸŒ hackrisk.io

1,154 Followers  |  105 Following  |  1,560 Posts  |  Joined: 14.11.2024  |  1.8023

Latest posts by hackmanac.com on Bluesky



The leak allegedly includes over 30,000 high-resolution scans and photos of guest identification documents, such as passports (from EU, US, and Middle Eastern countries) and Italian ID cards, in JPG, PNG, and PDF formats.

Discover more at hackrisk.io

05.08.2025 14:50 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

๐ŸšจData Breach Alertโ€ผ๏ธ

๐Ÿ‡ฎ๐Ÿ‡นItaly - Hotel Regina Isabella

A threat actor known as "mydocs" claims to be selling a fresh data dump from Hotel Regina Isabella, a luxury resort located in Ischia, Italy.

05.08.2025 14:50 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0



The leaked data was posted on a cybercrime forum and includes contact records with personal and corporate details. Exposed fields include full names, email addresses, company names and types, job roles, phone numbers, and full physical addresses.

Discover more at hackrisk.io

05.08.2025 14:43 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

๐ŸšจData Breach Alertโ€ผ๏ธ

๐Ÿ‡ฏ๐Ÿ‡ตJapan - Kawamoto Pump Mfg. Co. , Ltd.

The threat actor N1KA has claimed responsibility for leaking a database from the Japanese company Kawamoto Pump Mfg. Co. , Ltd.

05.08.2025 14:43 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Preview
Hackmanac HACK TUESDAY WEEK 30 JULY - 05 AUG 2025 HACK TUESDAY WEEK 30 JULY - 05 AUG 2025: 222 CYBERATTACKS ACROSS 35 COUNTRIES

๐ŸŸง #HackTuesday ๐ŸŸง

Hack Tuesday: Week 30 July - 05 August 2025

โš ๏ธ222 cyber attacks across 35 countries โš ๏ธ

More details:
hackmanac.com/news/hack-tu...

#Hackmanac #HT

05.08.2025 13:30 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
Cisco discloses data breach impacting Cisco.com user accounts Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company representative.

๐ŸšจData Breach Alertโ€ผ๏ธ

Cisco discloses data breach impacting Cisco[. ]com user accounts
https://www.bleepingcomputer.com/news/security/cisco-discloses-data-breach-impacting-ciscocom-user-accounts/

05.08.2025 12:25 โ€” ๐Ÿ‘ 4    ๐Ÿ” 1    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

๐ŸšจSonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
https://thehackernews.com/2025/08/sonicwall-investigating-potential-ssl.html

05.08.2025 07:29 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

He added that he is willing to delete the data if the authorities identify and address the source of the leak.

Discover more at hackrisk.io

05.08.2025 05:58 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0



The actor states that the information includes sensitive records, membership details, and population card data. DigitalGhost emphasized the scale of the breach, noting that 130,000 accounts represent a significant portion of Pakistanโ€™s estimated 900,000 police personnel.

05.08.2025 05:58 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

๐ŸšจData Breach Alertโ€ผ๏ธ

๐Ÿ‡ต๐Ÿ‡ฐPakistan - Pakistani police personnel

The threat actor using the alias "DigitalGhost" has claimed possession of data belonging to 130,000 Pakistani police personnel, allegedly obtained through a security breach.

05.08.2025 05:58 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0



For Elmcrest Children's Center, the group has released samples and claims to have exfiltrated 448 GB of data, while for Weisman Children's, samples were also published and the exfiltrated data amounts to 566 GB.

Discover more at hackrisk.io

05.08.2025 05:33 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

-based nonprofit healthcare and child support organizations specializing in pediatric rehabilitation and trauma-informed residential care for vulnerable youth.

05.08.2025 05:33 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

๐ŸšจCyber Attack Alertโ€ผ๏ธ

๐Ÿ‡บ๐Ÿ‡ธUSA - Weisman Children's | Elmcrest Children's Center

Interlock ransomware group claims to have hit Weisman Children's and Elmcrest Children's Center, two U. S.

05.08.2025 05:33 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

Related threats include ToxicPanda (3,000 infections via fake Chrome updates) and DoubleTrouble, spread through Discord.

Full article:
https://thehackernews.com/2025/08/playpraetor-android-trojan-infects.html

05.08.2025 05:19 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0



Controlled by a Chinese C2, it abuses accessibility services to steal banking credentials and control devices. It's offered as a MaaS with five variants, including โ€œPhantom,โ€ used for on-device fraud on 4,500 devices.

The campaign now focuses on Spanish- and Arabic-speaking users.

05.08.2025 05:19 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

๐ŸšจCyber Alertโ€ผ๏ธ

๐Ÿ‡ช๐Ÿ‡ธ๐Ÿ‡ต๐Ÿ‡น๐Ÿ‡ซ๐Ÿ‡ท๐Ÿ‡ฒ๐Ÿ‡ฆ๐Ÿ‡ต๐Ÿ‡ช๐Ÿ‡ญ๐Ÿ‡ฐ
PlayPraetor, a new Android RAT, has infected over 11,000 devices, mainly in Portugal, Spain, France, Morocco, Peru, and Hong Kong, growing by 2,000 weekly. It's spread via fake Google Play pages pushed through Meta Ads and SMS phishing.

05.08.2025 05:19 โ€” ๐Ÿ‘ 2    ๐Ÿ” 1    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

๐ŸšจQuishing Alertโ€ผ๏ธ

๐Ÿ‡ช๐Ÿ‡ธSpain - A fake DGT fine with a QR code leading to a payment gateway is circulating, complete with a support chat

04.08.2025 14:27 โ€” ๐Ÿ‘ 5    ๐Ÿ” 4    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

๐Ÿšจ A New Linux Backdoor Named Plague Exposes Critical Linux Systems to Silent Credential Theft - Undetected by Every Antivirus.

Source:
https://thehackernews.com/2025/08/new-plague-pam-backdoor-exposes.html

04.08.2025 09:51 โ€” ๐Ÿ‘ 5    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 1
ใ€ไฝๅทๆ€ฅไพฟใ€‘๏ฝœใŠ็Ÿฅใ‚‰ใ›

The company has blocked the source IP address and will notify affected users individually.

Source:
https://www2.sagawa-exp.co.jp/information/detail/352/

04.08.2025 09:48 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

The access was likely carried out using credentials obtained through third-party sources, suggesting a credential stuffing attack.

Although no server damage or financial data leakage has been confirmed, unauthorized logins to customer accounts may have occurred.

04.08.2025 09:48 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

๐ŸšจCyber Attack Alertโ€ผ๏ธ

๐Ÿ‡ฏ๐Ÿ‡ตJapan - Sagawa Express Co. , Ltd.

Sagawa Express Co. , Ltd. reported unauthorized access to its customer portal "Smart Club" as of August 1, 2025.

04.08.2025 09:48 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0



As previously reported, SGI suffered a ransomware attack on July 14, 2025, disrupting operations and halting core services. Systems were restored after four days.

Discover more at hackrisk.io

04.08.2025 09:30 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

๐ŸšจCyber Attack Update โ€ผ๏ธ

๐Ÿ‡ฐ๐Ÿ‡ท South Korea - Seoul Guarantee Insurance (SGI)

Gunra hacking group claims responsibility for the cyberattack on Seoul Guarantee Insurance (SGI).

According to the post, the group exfiltrated a 13. 2 TB (compressed) database.

04.08.2025 09:30 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

The domain used for managing digital certificates was also reportedly left highly vulnerable.
The attacker invited others to explore further.

At the moment, we cannot confirm the claims, but an investigation never hurts.

04.08.2025 09:23 โ€” ๐Ÿ‘ 5    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

๐ŸšจCyber Alert โ€ผ๏ธ

๐Ÿ‡ช๐Ÿ‡ธ Spain - Policรญa Nacional

A threat actor has published an "unauthorized pentest" report exposing severe misconfigurations on policia[. ]es.

According to the report, critical directories were publicly accessible, revealing SSH keys, shell history, and browser data.

04.08.2025 09:23 โ€” ๐Ÿ‘ 6    ๐Ÿ” 3    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 2



The opt-in option required users to manually select and share chats, but OpenAI acknowledged that the risk of accidental exposure was too high.

The company is now working to have any indexed content removed from search engine results.

04.08.2025 07:58 โ€” ๐Ÿ‘ 2    ๐Ÿ” 1    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

OpenAI has removed the feature that allowed ChatGPT conversations to be indexed by search engines.

Announced by OpenAIโ€™s CISO, Dane Stuckey, the feature was originally designed to help people discover useful conversations, but it was rolled back due to privacy concerns.

04.08.2025 07:58 โ€” ๐Ÿ‘ 2    ๐Ÿ” 3    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0



More details:
https://cointelegraph.com/news/3-5b-btc-heist-retroactively-uncovered-arkham

04.08.2025 07:08 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

The vulnerability exploited is believed to be a weak private key generation algorithm susceptible to brute-force attacks. Evidence shows LuBian later sent 1,516 OP_RETURN messages to the hackerโ€™s wallet addresses. At todayโ€™s value, the stolen BTC is worth $14. 5 billion.

04.08.2025 07:08 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

The hack went unreported for years by both LuBian and the attacker.

The threat actor stole 90% of the poolโ€™s funds before LuBian managed to move 11,886 BTC to safety.

04.08.2025 07:08 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

@hackmanac.com is following 19 prominent accounts