Hacktivist group “Mobir” claims responsibility for a cyberattack targeting the UAE Space Agency, alleging the network was taken offline. The group cites UAE cooperation with Israel and the U.S. as motive and warns of further attacks.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
U.S. officials are investigating a major cyber incident attributed to state actors targeting an internal FBI system containing sensitive law enforcement data. Reports say attackers leveraged commercial ISP infrastructure. Congress was notified in early March.
Israeli sources report over 4,000 cyberattacks during the early phase of the recent conflict, involving 60+ hacktivist groups. Activity includes DDoS, intrusions, and supply chain targeting, with growing use of social engineering against economic sectors.
Cyber Disputes the Israeli report; our own investigation identified over 100,000 cyberattacks conducted by hacktivist groups during Ramadan. Involving 100+ hacktivist groups.
Cyber Disputes the Israeli report; our own investigation identified over 100,000 cyberattacks conducted by hacktivist groups during Ramadan. Involving 100+ hacktivist groups.
Handala has exposed the identities of 50 senior officers from Israel’s elite Unit 9900 — a key geospatial intelligence unit behind drone surveillance, satellite mapping, and targeted operations. A major escalation in cyber warfare narratives.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Handala announces a major breach: identities of 50 top Unit 9900 officers revealed. The group says this shatters the unit’s “invincibility” and sends a message to all cyber warfare actors.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Handala announced that this disclosure marks the end of the "myth of invincibility" of this unit and serves as a warning to all players in the cyber warfare arena.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Handala team disclosed the identities of 50 senior officers of the Israel Unit 9900. Unit 9900 is one of the powerful geospatial intelligence divisions in the world, which collects strategic information using drone images, satellite imagery, and 3D maps, and uses it in targeted assassination operations.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
“NoVoice” malware spreads via 50+ Google Play apps, ~2.3M devices impacted
Exploits older Android flaws to gain root-level access — no suspicious permissions required.
Persistence is severe; even factory reset may not remove it.
Enables data theft, account takeover, and continuous C2 communication.
Update devices. Audit apps. Stay vigilant.
Exploits older Android flaws to gain root-level access — no suspicious permissions required.
Persistence is severe; even factory reset may not remove it.
Enables data theft, account takeover, and continuous C2 communication.
Update devices. Audit apps. Stay vigilant.
“Kourosh Shield” claims breach targeting Komala-linked individuals in Europe
Group alleges access to infrastructure and sensitive datasets, including identities, communications, and network metadata of 52 individuals.
Partial data reportedly released; further disclosures expected.
Claims remain unverified — potential leak monitoring ongoing.
Group alleges access to infrastructure and sensitive datasets, including identities, communications, and network metadata of 52 individuals.
Partial data reportedly released; further disclosures expected.
Claims remain unverified — potential leak monitoring ongoing.
LinkedIn under scrutiny for hidden extension scanning
Reports reveal use of browser fingerprinting scripts to detect installed Chrome extensions and gather device signals.
LinkedIn confirms the practice, citing security and abuse prevention.
Raises fresh concerns over user privacy vs platform defense.
Reports reveal use of browser fingerprinting scripts to detect installed Chrome extensions and gather device signals.
LinkedIn confirms the practice, citing security and abuse prevention.
Raises fresh concerns over user privacy vs platform defense.
Qilin ransomware claims cyberattack on Germany’s Die Linke party.
Group threatens data leak.
Group threatens data leak.
CENTCOM heavy silence.
The 24-hour silence of this official account has attracted media attention.
The 24-hour silence of this official account has attracted media attention.
Fortinet is warning of active exploitation of CVE-2026-35616 (CVSS 9.1) in FortiClient EMS.
The flaw lets unauthenticated attackers bypass API controls and run code. This is the second critical EMS flaw exploited in weeks.
The flaw lets unauthenticated attackers bypass API controls and run code. This is the second critical EMS flaw exploited in weeks.
36 npm packages posing as Strapi plugins were used to deliver malware that runs on install.
They exploited Redis and PostgreSQL, stole credentials, and deployed backdoors via postinstall scripts with full user or CI/CD access.
They exploited Redis and PostgreSQL, stole credentials, and deployed backdoors via postinstall scripts with full user or CI/CD access.
Forwarded from 𓂆 Palestine
The American satellite company Planet Labs announced that it will stop publishing images of Iran and conflict areas in the Middle East indefinitely, in response to a request from the administration of US President Trump.
The measure aims to prevent adversaries from using these images against the United States and its allies.
Initially, the publication of the images was postponed for just 14 days, but the company later decided to extend the measure to include a complete suspension of images related to the ongoing conflict since March 9, 2026.
The company now uses a review system for each image, publishing them only when absolutely necessary or for a specific public interest.
The measure aims to prevent adversaries from using these images against the United States and its allies.
Initially, the publication of the images was postponed for just 14 days, but the company later decided to extend the measure to include a complete suspension of images related to the ongoing conflict since March 9, 2026.
The company now uses a review system for each image, publishing them only when absolutely necessary or for a specific public interest.
The "Handala" group hacked into the websites of 27 Israeli companies, altered their interfaces, and posted images of the Minab school massacre in Iran.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Forwarded from 𓂆 Palestine
مجموعة "حنظلة" تخترق مواقع 27 شركة إسرائيلية وتغيّر واجهاتها وتضع صوراً عن مجزرة مدرسة ميناب في إيران.
The “Handala ” hacker group targeted 27 Israeli company websites, the operation as retaliation for the killing of children in Minab and a message against silencing civilians through violence.
“Handala: The blood of the children of Minab will not be forgotten; although they were small, their revenge is great.”
#TGITM @TheGhostITM
“Handala: The blood of the children of Minab will not be forgotten; although they were small, their revenge is great.”
#TGITM @TheGhostITM
Kuwait’s Ministry of Interior breached by hacktivist group “Nasir.”
In a statement, the group said it gained access to government and intelligence systems, sensitive data on officials, and alleged documents on Kuwait–US cooperation.
The group warned of further disruptive operations targeting national infrastructure.
In a statement, the group said it gained access to government and intelligence systems, sensitive data on officials, and alleged documents on Kuwait–US cooperation.
The group warned of further disruptive operations targeting national infrastructure.
Arabsat satellite network disrupted in cyberattack claimed by "Mabir" hackers over alleged Israel/US ties & hosting Iran International.
#TGITM @TheGhostITM
#TGITM @TheGhostITM