Cyber Dispatch™️
The definitive source for critical cybersecurity news. When a major threat breaks, we dispatch.

#CyberDispatch #CyberSecurity #InfoSec #ThreatIntelligence #ZeroDay #DataBreach #SecurityNews
A zero-day in TrueConf let attackers spread malware through its own update system.

CVE-2026-3502 (CVSS 7.8) was exploited by compromising on-prem servers, pushing tampered updates to all connected clients in government networks across Southeast Asia.
A flaw in Google Cloud Vertex AI could expose sensitive data across projects.

Default service agent permissions allow attackers to steal credentials from AI agents, access storage buckets, and move inside cloud environments.
Silver Fox is spreading AtlasCross RAT via fake Zoom, Signal, and Teams sites.

Signed installers from typo domains bypass checks, disable security tools, and run the RAT in memory for remote access and data theft across Asia.
Claude Code source reportedly leaked online.

If confirmed, this could expose internal architecture, safety mechanisms, and proprietary tooling behind one of the leading AI coding systems. The authenticity and scope of the leak are still under verification.

What does a Claude Code source leak mean?

Beyond IP theft, this could reveal how safety guardrails are implemented, expose potential vulnerabilities, and accelerate rival model development. For defenders, it’s insight. For attackers, it’s opportunity.
Hackers take down Israeli news outlet Globes.

#TGITM @TheGhostITM
The Anonymous collective has breached an Israeli company involved in mechanical assemblies and chip processing, publishing approximately 70GB of data.

#TGITM @TheGhostITM
A hacker group has launched a DDoS attack on the Radio Galei Israel website (radio broadcasts).

#TGITM @TheGhostITM
Axios, a widely used JavaScript library with ~100M weekly downloads, has reportedly been compromised, with attackers publishing a malicious version.

A potential supply chain attack that could impact countless apps depending on Axios. Developers should verify versions and monitor for suspicious activity.
Google links the Axios npm compromise to North Korean group UNC1069.

Attackers hijacked the maintainer account and pushed malicious versions that executed during install via a hidden dependency, deploying a cross-platform backdoor (Windows, macOS, Linux) and then removing traces.
Google’s emergency Chrome patch for a zero-day (v146.0.7680.177/178) is a reminder: client-side exploitation remains one of the most reliable entry points. If patching isn’t immediate, assume exposure.
Cisco’s internal dev environment breach on AWS—reportedly exposing ~300 repositories—raises serious supply chain concerns. With code tied to banks and US government agencies, the downstream risk isn’t just data loss, it’s potential systemic exposure.
ShinyHunters claims responsibility for the Cisco breach, alleging theft of 3M Salesforce records, GitHub source code, and sensitive AWS data. A 72-hour deadline has been issued.
TeamPCP is working alongside ShinyHunters and the Vect ransomware group—highlighting the industrialization of cybercrime.
Israeli data firm Bright Data confirms a breach and is forcing password resets for users.

#TGITM @TheGhostITM
CERT-UA warned of a phishing campaign impersonating the agency to spread AGEWHEEZE malware.

The malware enables full system control, but confirmed infections were limited despite wide targeting.
Forwarded from 𓂆 Palestine
Last night’s attacks in Bahrain reportedly targeted Batelco’s main headquarters — a critical telecom hub providing mobile and internet services. Notably, a significant portion of Amazon’s servers was also housed in the building.
Russia is tightening its grip on cyberspace: widespread disruptions hit Telegram, affecting messaging, media uploads, and connectivity.

Authorities are restricting VPNs and pushing state-backed messengers, while WhatsApp may be next. Telegram isn’t fully blocked—yet—but access is increasingly unstable.
Forwarded from 𓂆 Palestine
Erdogan: Recent regional conflicts underscore cybersecurity as a core pillar of national power.

Citing wars in Gaza, Lebanon, and Iran, he stressed that data security now intersects with political stability, economic independence, and military deterrence.

Turkey is set to roll out new measures to harden government data infrastructure.
Chinese-linked cyber espionage resurges, targeting Europe amid rising geopolitical tensions.

Since mid-2025, attackers have focused on EU, NATO, and embassy networks using spear-phishing lures (fake interviews, collaboration requests) to deploy malware and exfiltrate data.

Recent activity also extends into the Middle East.
Forwarded from 𓂆 Palestine
War fallout is hitting tech now.

Helium shortages—triggered by disrupted Qatari gas exports—are impacting AI chip production. Qatar supplies ~1/3 of the world’s helium.

This isn’t just geopolitics anymore. It’s a direct hit on the future of AI.
Handala breached PSK WIND Technologies, a firm tied to Israeli air defense C2 systems. Exfiltration includes sensitive data on command centers, communications, and infrastructure. This signals a significant supply-chain level compromise.

#TGITM @TheGhostITM