AI isn’t making code safer. It’s expanding the attack surface.
As Eric Fourrier, GitGuardian CEO, notes, 28.65M secrets were exposed in 2025 as AI workflows expanded tokens, APIs, and machine identities.
As Eric Fourrier, GitGuardian CEO, notes, 28.65M secrets were exposed in 2025 as AI workflows expanded tokens, APIs, and machine identities.
More than 50 Israeli security cameras have reportedly been compromised, marking a new phase in the expanding cyber front. Beyond data breaches, this signals a shift toward real-time surveillance disruption and psychological impact. The line between cyber ops and physical security keeps blurring.
(Israel’s National Cyber Directorate, WSJ)
#TGITM @TheGhostITM
(Israel’s National Cyber Directorate, WSJ)
#TGITM @TheGhostITM
Cyber Dispatch™️
More than 50 Israeli security cameras have reportedly been compromised, marking a new phase in the expanding cyber front. Beyond data breaches, this signals a shift toward real-time surveillance disruption and psychological impact. The line between cyber ops…
The developments come as cyber operations intensify, with hacktivists expanding their reach across the region.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
A dataset claiming to contain Israeli citizen records is being sold on a popular cybercrime forum.
Records: 842,387 lines
Size: 74.4MB
Format: CSV
Data Fields: ID number, last name, first name, city, street, house number, apartment, date of birth, phone number, mobile phone, additional phone, email.
Records: 842,387 lines
Size: 74.4MB
Format: CSV
Data Fields: ID number, last name, first name, city, street, house number, apartment, date of birth, phone number, mobile phone, additional phone, email.
Forwarded from 𓂆 Palestine
Donald Trump's threats to target energy facilities have led a group of hackers to consider targeting the energy facilities of their rivals.
A new malware loader is using fake “fix” prompts to trick users into running PowerShell commands.
DeepLoad runs inside legitimate Windows processes and begins stealing browser credentials and sessions early in the attack.
DeepLoad runs inside legitimate Windows processes and begins stealing browser credentials and sessions early in the attack.
The hacker group Handala has announced a major cyber operation, successfully taking full control of the news outlet IranWire. According to the group, the outlet was operating under the direct guidance and support of the CIA, and the operation allowed Handala to extract a vast volume of documents, including correspondence, lists of affiliates, infiltrators, and other confidential data. The extracted information has been securely encrypted.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
In its statement, Handala emphasized that “no space remains safe for treason or espionage.” The group stated that all individuals who have had any cooperation or contact with IranWire, or who transmitted photos, videos, or coordinates to foreign services over the past years, have been identified and are now under constant and precise surveillance by the Axis of Resistance. The statement warned that any attempt to erase information or sever connections will be futile, as the group claims its cyber network has penetrated all layers of communication and data infrastructure, detecting and recording any suspicious activity.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
The hacker collective Handala has claimed responsibility for an attack causing widespread cyber disruption in a U.S. city, with more details expected soon.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Forwarded from 𓂆 Palestine
Hezbollah strikes targeted major military infrastructure, including the Glilot base (Unit 8200 headquarters near Tel Aviv).
Forwarded from 𓂆 Palestine
The pro-Palestine hacker group Handala announced a major cyber operation, confirming that it had gained full control of the news website IranWire, which it said operates under the direction of the CIA.
Google has opened Android verification to all developers.
Developer verification is now live globally, letting devs confirm identity and register apps ahead of enforcement.
From Sept 30, 2026, only verified apps install in select markets, expanding globally in 2027.
Developer verification is now live globally, letting devs confirm identity and register apps ahead of enforcement.
From Sept 30, 2026, only verified apps install in select markets, expanding globally in 2027.
A zero-day in TrueConf let attackers spread malware through its own update system.
CVE-2026-3502 (CVSS 7.8) was exploited by compromising on-prem servers, pushing tampered updates to all connected clients in government networks across Southeast Asia.
CVE-2026-3502 (CVSS 7.8) was exploited by compromising on-prem servers, pushing tampered updates to all connected clients in government networks across Southeast Asia.
A flaw in Google Cloud Vertex AI could expose sensitive data across projects.
Default service agent permissions allow attackers to steal credentials from AI agents, access storage buckets, and move inside cloud environments.
Default service agent permissions allow attackers to steal credentials from AI agents, access storage buckets, and move inside cloud environments.
Silver Fox is spreading AtlasCross RAT via fake Zoom, Signal, and Teams sites.
Signed installers from typo domains bypass checks, disable security tools, and run the RAT in memory for remote access and data theft across Asia.
Signed installers from typo domains bypass checks, disable security tools, and run the RAT in memory for remote access and data theft across Asia.
Claude Code source reportedly leaked online.
If confirmed, this could expose internal architecture, safety mechanisms, and proprietary tooling behind one of the leading AI coding systems. The authenticity and scope of the leak are still under verification.
What does a Claude Code source leak mean?
Beyond IP theft, this could reveal how safety guardrails are implemented, expose potential vulnerabilities, and accelerate rival model development. For defenders, it’s insight. For attackers, it’s opportunity.
If confirmed, this could expose internal architecture, safety mechanisms, and proprietary tooling behind one of the leading AI coding systems. The authenticity and scope of the leak are still under verification.
What does a Claude Code source leak mean?
Beyond IP theft, this could reveal how safety guardrails are implemented, expose potential vulnerabilities, and accelerate rival model development. For defenders, it’s insight. For attackers, it’s opportunity.
The Anonymous collective has breached an Israeli company involved in mechanical assemblies and chip processing, publishing approximately 70GB of data.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
A hacker group has launched a DDoS attack on the Radio Galei Israel website (radio broadcasts).
#TGITM @TheGhostITM
#TGITM @TheGhostITM