InfoSecBulletin Cybersecurity for mankind
The Akira ransomware group increased its attacks, adding 12 new victims to its dark web portal from July 15 to July 17, 2025. They target various industries worldwide, including food production, manufacturing, legal, and IT services. The group uses a double-extortion tactic by stealing sensitive data, encrypting systems, and threatening to publish the information if the ransom isn’t paid.
A wide range of organizations from different sectors and countries have reportedly been compromised, showing the random target selection by the ransomware group. The attackers have described the companies and started detailing the sensitive data they purport to have stolen, increasing pressure on the victims. The victims include:
UK to ban public sector from paying ransomware gangs
(CVE-2025-6704, CVE-2025-7624)
Urgent Sophos Firewall Update: Two Critical RCE Flaws Patched
Dell admits breach of test lab platform by World Leaks extortion group
Microsoft issues urgent patches for SharePoint RCE vulnerabilities
HPE alerts of hardcoded passwords in Aruba access points
Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours
Singapore urgently engage military force to tackle ‘serious’ cyberattack
Hackers infect 10M Androids with BADBOX 2.0
Oracle Patched 200 Vulns With July 2025 CPU
Ivanti Zero-Days Exploited to Drop MDifyLoader
🇺🇸 The Colgin Companies: A US-based company that offers authentic liquid smoke sauces. The group claims to have stolen files related to clients, contracts, and agreements.
🇮🇹 Mazzoleni: An Italian firm specializing in the drawing, heat treatment, and coating of steel wires. Allegedly exfiltrated data includes agreements, detailed financial data, and other confidential files.
🇮🇹 Studioc: An IT consulting and services firm. The group claims to possess its accounting and financial data, as well as client information.
🇩🇪 BAF Management Consulting: A consulting services provider. Stolen data allegedly includes client accounting and financial information, along with employee data.
🇺🇸 PEPRO: A US-based manufacturer of shielded enclosure systems for mission-critical communications. The group threatens to leak over 15 GB of data, including employee personal documents, customer information, financial data, contracts, and NDAs.
🇺🇸 Title XI: A software and support company providing cloud-based case management for bankruptcy trustees. The attackers claim to have over 50 GB of data, including a huge amount of customer personal information like financial statements, passport/DL/SSN scans, employee information, court documents, and NDAs.
🇮🇹 Acetificio Andrea Milano: A historic Italian vinegar production company. Over 47 GB of data was allegedly stolen, containing personal document scans of owners and employees, financial data, customer information, and NDAs.
🇺🇸 Goldberg & Osborne: A law firm representing plaintiff injury victims. The group boasts of having over 150 GB of data, including personal documents of more than 200 clients, passports, medical records, financial data, and court documents.
🇺🇸 GreenVest: An environmental development and consulting firm. The breach allegedly involves over 7 GB of financial data and project files.
🇷🇴 Multilift Logistic Group: A company specializing in port operations and terminal warehousing. The threat actors claim to have 17 GB of data, including complete employee personal information with passport scans, client data, and numerous contracts.
🇬🇧 Fayrefield Foods: A producer and marketer of dairy products across Europe, the Middle East, and North America. Over 41 GB of data was allegedly exfiltrated, including employee scans, financial files, client information, contracts, and NDAs.
🇸🇪 Sib-Tryck Holding: A digital printing firm from Sweden. The group claims to have 45 GB of corporate documents, including client and employee information, project data, and agreements.
The companies listed on Akira’s leak site publicly acknowledge the breach and kick off the countdown for potential data release. This strategy puts pressure on victims to negotiate payments. The variety of targeted industries shows that no sector is safe from cyber attacks, and the data from legal and software firms could greatly harm both the companies and their clients if leaked.
Source: dailydarkweb
