[EVEREST] – Ransomware Victim: Colins Aerospace / RTX[.]com

AI Generated Summary of the Ransomware Leak Page

On October 17, 2025, the leak page associated with Colins Aerospace / RTX.com—a United States-based manufacturing company—appears to have been published by the Everest ransomware group. The available metadata identifies the industry as Manufacturing and lists the country as the United States. The post date given is 2025-10-17 20:19:51.104314; there is no separate compromise date provided, so this timestamp should be treated as the post date. The data do not specify whether the attack resulted in encryption, data exfiltration, or other impact, as the impact field is empty and no ransom figure is documented. The page indicates a claim URL is present, suggesting there may be a ransom-related note or negotiation link linked from the post. The leak presentation includes two image assets, described only in general terms, with no detailed content described in the data.

From a sanitization perspective, PII is redacted and the victim name Colins Aerospace / RTX.com is preserved. The description field shows “[AI generated] N/A,” and there is no non-English content to translate. The dataset indicates no downloads or files, and there is no size information provided. The two images noted in the annotations appear to be part of a small gallery or set of screenshots, though their exact subjects are not described in the data. All URLs, if present in the original post, would be defanged in this summary, and no raw URLs are included here. In short, the leak post yields metadata about a US manufacturing victim with two accompanying images and a claim URL, posted on 2025-10-17 by Everest, but does not provide explicit details about the attack’s impact or any ransom figures.