Ransomware Group: NIGHTSPIRE

VICTIM NAME: branchcore

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NIGHTSPIRE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to a company identified as “branchcore,” based in Venezuela. The attack was publicly disclosed on May 19, 2025, shortly after the attack date, which is recorded as May 18, 2025. The breach involved an estimated data compromise of approximately 50 GB of information. There are no indications that employees or third-party entities were directly affected or targeted during the incident. The leak appears to include sensitive data, although specific contents have not been detailed publicly. The page does not include explicit screenshots or media but references a URL hosting further information about the incident.

The group responsible for the attack is identified as “nightspire.” The leak demonstrates that a significant amount of data has been exfiltrated, potentially impacting the company’s operations or reputation. No information about the activity sector was provided, nor were specific technical details regarding the compromise shared. The incident is noteworthy for its relatively recent disclosure and the substantial data volume involved. The leak page serves as a warning and informational resource for cybersecurity analysts and the public, emphasizing the importance of data security measures to prevent similar breaches in the future.