Lisa

Cisco source code stolen in Trivy-linked dev environment breach bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Googles Threat Intelligence Grpup has attributed the Axios supply chain attack to North Korean-nexus group UNC 1069

Vect and TeamPCP have reportedly partnered, but that is not all. Every member of Hasan BF automatically becomes an affiliate. We have never seen anything like this before, what is going on? 😂

❗️Just 13 hours after TeamPCP's Trivy supply chain exploitation, one of the groups involved was already recruiting negotiators. Today the group announced a partnership with BreachForums: every forum user automatically becomes an affiliate, with ransomware and support included.

🚨 TeamPCP Supply Chain Attack — Multi-Stage Cloud-Native Campaign Uncovered A sophisticated campaign attributed to TeamPCP has compromised multiple ecosystems through a chained supply chain attack impacting Trivy, KICS, LiteLLM, and 45+ npm packages. Key highlights: • Initial access via exposed PAT (Pwn Request) • Malicious packages pushed into CI/CD pipelines • Lateral movement through Aqua Security’s Trivy ecosystem • Deployment of Kubernetes wiper + worm (kamikaze.sh evolution) • Expansion into Checkmarx and broader developer ecosystems ⚠️ The attack propagated in under 5 days, combining credential theft, poisoned dependencies, and automated distribution pipelines. This campaign demonstrates how modern supply chain attacks are fast, scalable, and cloud-native by design, targeting developers as the new attack surface. #CyberSecurity #SupplyChainAttack #ThreatIntel #DevSecOps #CloudSecurity #Kubernetes #Infosec #DailyDarkWeb

🚨Cyber Alert ‼️ 🇪🇸Spain - Ministerio de Hacienda The threat actor going by the name ‘HaciendaSec’ claims to have breached the Ministerio de Hacienda. Allegedly, the attackers are offering for sale an updated database covering 47.3 million citizens, including DNI/NIF numbers, full names, residential addresses, phone numbers, email addresses, IBAN bank details, and tax-related financial information. Sector: Government Threat class: Cybercrime Observed: Jan 31, 2026 Status: Pending verification — About this post: Hackmanac provides early warning and cyber situational awareness through its social channels. This alert is based on publicly available information that our analysts retrieved from clear and dark web sources. No confidential or proprietary data was downloaded, copied, or redistributed, and sensitive details were redacted from the attached screenshot(s). For more details about this incident, our ESIX impact score, and additional context, visit HackRisk.io.

🚨Cyber Alert Update‼️ 🇪🇸Spain - Endesa The hacker who claimed to have breached Endesa has leaked data from 300,000 customers and is threatening to sell over 1TB of data, affecting more than 20 million people, unless the company responds by February 2–3, 2026. The attacker reportedly accessed Endesa’s commercial platform and exfiltrated customer contact details, identity documents, and IBANs. A small sample was released earlier, followed by a larger leak to escalate pressure. Endesa has confirmed the unauthorized access. Source: eleconomista.es/tecnologia/not…

‼️Shinyhunte[.]rs is back online with "Doomsday The Story of James". At the end you accept and download BreachForums database. I reviewed the data and it is legit. Why? My user ID leading to a fake email address shows. If you ever registered on BF... GGs. Use alts! 😂

A user from a #hackers forum may have possibly leaked customer data linked to #Endesa (@Endesa), the leading Spanish 🇪🇸 company in the generation, distribution, and commercialization of electricity and natural gas. This could be a new #CyberAttack adding to those accumulated by #Endesa. #BME $ELE @EndesaClientes @EnelGroupES Stay informed, monitor cyber threats, and sign up for free on #VenariX 👉 venarix.com #CyberAttack #España #Madrid #Barcelona #energia #electricity #gas #InfoSec #Ciberseguridad #CyberSec

🚨BreachForums is back again... Clearnet: breachforums[.]bf Dark Web: http://breachedmw4otc2lhx7nqe4wyxfhpvy32ooz26opvqkmmrbg73c7ooad[.]onion IP: 91.215.85.48 ASN: 200593 Server: Apache/2.4.65 (Debian) IP: 45.134.26.22 ASN: 198953 Server: Apache/2.4.65 (Debian)

🚨 Spanish Police Arrest Alleged Threat Actor Accused of Stealing and Selling Nearly 64 Million Personal Records policia.es/_es/comunicaci…

Los 77Gb robados a Iberia Documentos técnicos, programas de mantenimiento, configuraciones de aeronaves y datos confidenciales de Airbus Archivos CSV, PDF y BD sistema ACDATA de Airbus Firmas digitales (DocuSign) y variaciones de SLA Certificado de Operador Aéreo (AOC)

🚨RaidForums V2 appears to be a thing... raidforums[.]st

Spain 🇪🇸 - Integra Energía has been targeted by a threat actor claiming to sell over 200,000 customer records including IBANs and personal contact details. dailydarkweb.net/integra-energi…

Spain 🇪🇸 - Iberia has allegedly been breached, with a threat actor offering 77 GB of sensitive data for sale, including aircraft maintenance programs, technical configurations, and Air Operator Certificates. dailydarkweb.net/iberia-airline…

🚨Cyber Alert ‼️ 🇪🇸Spain - ING Bank Spain The threat actor BreachParty has claimed responsibility for a data breach involving 21,090 records from ING Bank Spain. According to the attacker, the compromised data includes personally identifiable information (PII) such as ID numbers, dates of birth, full names, cities, phone numbers, IBANs, bank codes, and bank names. Sector: Financial Threat class: Cybercrime Observed: Nov 5, 2025 Status: Pending verification — About this post: Hackmanac provides early warning and cyber situational awareness through its social channels. This alert is based on publicly available information that our analysts retrieved from clear and dark web sources. No confidential or proprietary data was downloaded, copied, or redistributed, and sensitive details were redacted from the attached screenshot(s). For more details about this incident, our ESIX impact score, and additional context, visit HackRisk.io.

🚨Cyber Alert ‼️ 🇪🇸Spain - Spain citizens: 34 million records for sale The threat actor "Cayenne22" claims to be selling 34 million records of Spanish citizens' data, including full name, DNI, email, phone number and IBAN. Threat class: Cybercrime Observed: Oct 31, 2025 Status: Pending verification — About this post: Hackmanac provides early warning and cyber situational awareness through its social channels. This alert is based on publicly available information that our analysts retrieved from clear and dark web sources. No confidential or proprietary data was downloaded, copied, or redistributed, and sensitive details were redacted from the attached screenshot(s). For more details about this incident, our ESIX impact score, and additional context, visit HackRisk.io.

here we go!! #39c3

@as_informatico @flipper_net Tengo pendiente actualizar el firmware, que tal las extras?

Actualizado el firmware del @flipper_net con la ultima versión de Unleashed y las extra apps, a ver qué novedades trae...