Ransomware Group: NIGHTSPIRE

VICTIM NAME: C[.]E[.]E[.] APTA

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NIGHTSPIRE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

This ransomware leak page pertains to the organization known as C.E.E. APTA, located in Spain. The attack was publicly disclosed on May 9, 2025, with the attack date recorded as May 8, 2025. The exposed data involves approximately 2 GB of information, although specific details of the data compromised are not publicly disclosed here. The threat group responsible for the attack is identified as “nightspire.”

The compromised system contained sensitive information potentially related to internal operations. The page indicates the leak includes screenshots and other data, but no explicit URLs or sample data points are provided for public viewing. No PII or specific organizational details are shown in the summary to protect privacy and confidentiality. The incident highlights the ongoing threat posed by cybercriminal groups targeting entities within Spain, with no indication of involvement of third parties or additional victims at this time. The incident was discovered and reported promptly, but further technical specifics remain limited.