Delete My Data

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

🚨 BREAKING: Hackers are now exploiting the cPanel authentication bypass flaw (CVE-2026-41940) to deploy "Sorry" ransomware on compromised websites. Numerous sources say attacks began Thursday, with threat actors breaching servers and deploying a Go-based Linux encryptor that appends the .sorry extension to files. What the ransomware does: 🔴 Encrypts files and appends the ".sorry" extension. 🔴 Protects the encryption key with an embedded RSA-2048 public key 🔴 Drops a README.md ransom note in every folder 🔴 Uses a fixed Tox ID for ransom negotiations Victims are being instructed to contact the attacker via Tox to pay for decryption. This is not related to the older 2018 HiddenTear ".sorry" ransomware. This is a new, Linux-targeting encryptor tied directly to active cPanel exploitation. If you're running cPanel or WHM, patch immediately.

🚨Cyber Alert ‼️ 🇺🇸United States - 𝗪𝘆𝗻𝗻 𝗥𝗲𝘀𝗼𝗿𝘁𝘀 ShinyHunters hacking group claims to have breached Wynn Resorts. Threat actor: ShinyHunters Sector: Hospitality Data exposure (claimed): 800,000 records Data type: Personal data and employee data Observed: Feb 20, 2026 Status: Pending verification ESIX©: 5.60 Full details and impact assessment on https://t.co/eB7qgxKFAa

‼️New Instagram Vulnerability Exposes Private Posts to Anyone A vulnerability in Instagram’s server-side logic allowed unauthenticated users to access private posts by sending GET requests with specific mobile headers. The flaw exposed direct CDN links to private media and captions for about 28% of tested accounts. Researcher Jatin Banga reported the issue in October 2025; Meta silently patched it days later but denied the bug’s validity, closing the report as “Not Applicable” without confirming the root cause. Source: https://t.co/Zm7vctGo0w

🚨Cyber Alert‼️ 🇺🇸USA - JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack SitusAMC suffered a cyberattack on November 12, 2025, exposing accounting documents and legal contracts tied to major clients, including JPMorgan Chase, Citi, and Morgan Stanley. The company confirmed the breach, alerted law enforcement and the FBI, and reported no impact on banking operations. Status Confirmed Article source: https://t.co/eMMYxQy0pX SitusAMC statement: https://t.co/6LBYPfmpJp

The FBI and our partners successfully dismantled an infostealer, remote access trojan, and botnet as part of Operation Endgame. This marks the third large-scale action in this ongoing initiative, which was launched to combat criminal infrastructure used for ransomware attacks worldwide. This operation is a joint effort with partners from Australia, Belgium, Canada, Denmark, France, Germany, Greece, Lithuania, the Netherlands, and the UK. We took down 1,025 servers, seized 20 domains, and arrested one suspect in Greece. The dismantled infrastructure, including the Rhadamanthys infostealer, VenomRAT, and Elysium botnet, was crucial to cybercriminal activities. By working with international partners, we are defending the homeland by shutting down the key services that cybercriminals depend on.

💣️ 𝗘𝗫𝗖𝗟𝗨𝗦𝗜𝗩𝗘 𝗜𝗡𝗧𝗘𝗥𝗩𝗜𝗘𝗪 𝗪𝗜𝗧𝗛 𝗟𝗢𝗖𝗞𝗕𝗜𝗧 𝟱.𝟬! Declared dismantled by law enforcement earlier this year, 𝗟𝗼𝗰𝗸𝗕𝗶𝘁 𝗵𝗮𝘀 𝗿𝗲-𝗲𝗺𝗲𝗿𝗴𝗲𝗱 under the name 𝗟𝗼𝗰𝗸𝗕𝗶𝘁 𝟱.𝟬 — and now speaks exclusively to Hackmanac. In this unprecedented interview, conducted via anonymous channels, for the first time the group explains 𝗵𝗼𝘄 𝗶𝘁 𝗿𝗲𝗯𝘂𝗶𝗹𝘁, 𝗵𝗼𝘄 𝗮𝗳𝗳𝗶𝗹𝗶𝗮𝘁𝗲𝘀 𝗼𝗽𝗲𝗿𝗮𝘁𝗲, and 𝘄𝗵𝘆 𝘁𝗵𝗲𝘆 𝗰𝗼𝗻𝘀𝗶𝗱𝗲𝗿 𝗿𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗮𝗻 “𝙚𝙣𝙙𝙡𝙚𝙨𝙨 𝙗𝙪𝙨𝙞𝙣𝙚𝙨𝙨 𝙢𝙤𝙙𝙚𝙡.” A rare look inside the world’s most notorious cyber-extortion network. 🔗 Read the full interview: https://t.co/dSIUJRrWZL