ShinyHunters claims breach of Israeli firm Anodot (recently acquired by Glassbox), alleging access to customer Snowflake tokens via internal network compromise.
Group says multiple clients impacted with data theft + extortion.
Snowflake confirms anomalous activity tied to a third-party integration.
Group says multiple clients impacted with data theft + extortion.
Snowflake confirms anomalous activity tied to a third-party integration.
Forwarded from 𓂆 Palestine
هاكرز ينشرون صورة تجمع بين رئيس هيئة أركان جيش الاحتلال السابق هرتسي هاليفي مع رئيس الأركان الاردني يوسف الحنيطي
Handala hackers publish an image showing Israeli Chief of Staff Herzi Halevi in Jordan with Yousef al-Hanaiti, the current Jordanian Chief of Staff.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Palestinian hacktivist group “Handala” has breached data linked to IDF Chief of Staff Herzi Halevi, releasing a mix of purported military and personal images as proof. The group says it holds thousands of additional files but has not disclosed the attack vector (device compromise, cloud access, etc.).
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Forwarded from 𓂆 Palestine
Handala hacker collective exposes former Israeli chief of staff on secret trips to Jordan and Qatar
The Handala hacker group has infiltrated the mobile devices of former Israeli Chief of Staff Herzi Halevi, releasing over 19,000 images and videos from his personal and professional life. The leaked materials include footage of military meetings, base visits, and family moments, offering an unprecedented look into the inner workings of Israel’s top military leadership. The group framed the leak as just the beginning, suggesting that more sensitive material could follow.
Among the documents and photos, Halevi’s secret trips to Jordan and Qatar are prominently featured. In Jordan, he met with Chief of Staff Yousef al-Huneiti and presented a dagger belonging to a Jordanian soldier who was killed in the 1967 Six-Day War. The images reveal the careful orchestration of these diplomatic and military engagements, highlighting Israel’s ongoing efforts to maintain regional alliances.
Leaked materials also show Halevi visiting Qatar and meeting then-US Central Command chief Michael Kurilla, offering rare insight into Israel’s coordination with international military partners in West Asia.
The Handala hacker group has infiltrated the mobile devices of former Israeli Chief of Staff Herzi Halevi, releasing over 19,000 images and videos from his personal and professional life. The leaked materials include footage of military meetings, base visits, and family moments, offering an unprecedented look into the inner workings of Israel’s top military leadership. The group framed the leak as just the beginning, suggesting that more sensitive material could follow.
Among the documents and photos, Halevi’s secret trips to Jordan and Qatar are prominently featured. In Jordan, he met with Chief of Staff Yousef al-Huneiti and presented a dagger belonging to a Jordanian soldier who was killed in the 1967 Six-Day War. The images reveal the careful orchestration of these diplomatic and military engagements, highlighting Israel’s ongoing efforts to maintain regional alliances.
Leaked materials also show Halevi visiting Qatar and meeting then-US Central Command chief Michael Kurilla, offering rare insight into Israel’s coordination with international military partners in West Asia.
❤1
The FBI has successfully extracted deleted Signal messages from a suspect's iPhone via notification storage, the place where all your notifications are stored for up to one month.
Notification storage stores data from all messaging apps, it's a big flaw in iOS. But there's a way to turn it off..
Notification storage stores data from all messaging apps, it's a big flaw in iOS. But there's a way to turn it off..
iPhone users ⚠️
FBI can recover deleted Signal messages from notification storage (kept up to 30 days).
Fix it:
Settings → Notifications → Show Previews → Never
+ turn on Advanced Data Protection in iCloud.
Lock it down before someone else reads your messages.
FBI can recover deleted Signal messages from notification storage (kept up to 30 days).
Fix it:
Settings → Notifications → Show Previews → Never
+ turn on Advanced Data Protection in iCloud.
Lock it down before someone else reads your messages.
WhatsApp’s “end-to-end encrypted” privacy is a total lie.
New class-action lawsuit just dropped: Meta secretly let employees, contractors like Accenture, and third parties read, intercept, and store your private messages WITHOUT consent.
All while marketing it as “only you and the recipient can read it.”
Zuck lied to billions. Your chats were never safe.
New class-action lawsuit just dropped: Meta secretly let employees, contractors like Accenture, and third parties read, intercept, and store your private messages WITHOUT consent.
All while marketing it as “only you and the recipient can read it.”
Zuck lied to billions. Your chats were never safe.
Hacktivist group “Ababil Minab” claims responsibility for a major cyberattack on LA Metro’s IT infrastructure.
The group alleges destruction of 500TB+ of critical data and exfiltration of over 1TB of sensitive information.
The group alleges destruction of 500TB+ of critical data and exfiltration of over 1TB of sensitive information.
🛰️ GPS Disruptions Intensify in the Middle East
Rising reports of GNSS interference across the Persian Gulf, Gulf of Oman, Strait of Hormuz, and near Israel.
Incidents involve spoofing and jamming, causing false positioning data for ships and aircraft—raising serious safety and security concerns.
Rising reports of GNSS interference across the Persian Gulf, Gulf of Oman, Strait of Hormuz, and near Israel.
Incidents involve spoofing and jamming, causing false positioning data for ships and aircraft—raising serious safety and security concerns.
Forwarded from 𓂆 Palestine
Handala group behind a massive breach of Israel’s cyber warfare Unit 8200
An unprecedented exposure of Israeli regime senior officers, the hacker collective Handala has revealed the identities from the "Iran Desk" of Israel’s secret Unit 8200.
An unprecedented exposure of Israeli regime senior officers, the hacker collective Handala has revealed the identities from the "Iran Desk" of Israel’s secret Unit 8200.
The Handala group reports a major breach targeting Israel’s Unit 8200, specifically its “Iran Desk.”
The group exposure of senior officers, operational roles, and infrastructure tied to cyber espionage, AI-driven operations, and influence campaigns.
#TGITM @TheGhostITM
The group exposure of senior officers, operational roles, and infrastructure tied to cyber espionage, AI-driven operations, and influence campaigns.
#TGITM @TheGhostITM
Further details indicate the exposed Unit 8200 personnel are reportedly based in a classified facility in Rosh HaAyin, with many specialists in Persian language and Iran-focused intelligence.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Bloomberg: Power constraints are becoming the hidden choke point for AI expansion.
Nearly half of U.S. data center projects slated for 2026 face delays or cancellation due to transformer shortages and grid limitations—despite $650B in Big Tech AI spending.
Nearly half of U.S. data center projects slated for 2026 face delays or cancellation due to transformer shortages and grid limitations—despite $650B in Big Tech AI spending.
Mossad Data Breach: Classified Coordinates Leaked Online
Mossad, Israel's national intelligence agency, has been compromised. A hacker has posted online that they have obtained and released sensitive data related to the agency. The hacker explicitly stated an intention for the information to reach "missile units," indicating a highly malicious and potentially dangerous motive.
The compromised data includes:
Geospatial coordinates, potentially linked to sensitive Mossad operations or facilities.
Mossad, Israel's national intelligence agency, has been compromised. A hacker has posted online that they have obtained and released sensitive data related to the agency. The hacker explicitly stated an intention for the information to reach "missile units," indicating a highly malicious and potentially dangerous motive.
The compromised data includes:
Geospatial coordinates, potentially linked to sensitive Mossad operations or facilities.
Marimo CVE-2026-39987 gave attackers a full shell with no authentication.
A missing check in /terminal/ws allowed remote code execution on exposed systems. Exploitation began within 9 hours of disclosure—no PoC needed.
A missing check in /terminal/ws allowed remote code execution on exposed systems. Exploitation began within 9 hours of disclosure—no PoC needed.
A 13-year-old flaw in Apache ActiveMQ can lead to RCE.
CVE-2026-34197 lets attackers run OS commands via the Jolokia API. Chained with CVE-2024-32114, it becomes unauthenticated RCE on some versions.
Patched in 5.19.4 and 6.2.3.
CVE-2026-34197 lets attackers run OS commands via the Jolokia API. Chained with CVE-2024-32114, it becomes unauthenticated RCE on some versions.
Patched in 5.19.4 and 6.2.3.
Google rolled out Device Bound Session Credentials (DBSC) in Chrome 146 (Windows).
It ties session cookies to a device using hardware keys, so stolen cookies can’t be reused without that device. Cookies expire quickly without validation.
It ties session cookies to a device using hardware keys, so stolen cookies can’t be reused without that device. Cookies expire quickly without validation.
Smart Slider 3 Pro shipped a backdoored update (3.5.1.35) via its official update system.
For ~6 hours, installs got hidden admin accounts, pre-auth remote code execution via HTTP headers, and full credential + site data exfiltration with persistent backdoors.
For ~6 hours, installs got hidden admin accounts, pre-auth remote code execution via HTTP headers, and full credential + site data exfiltration with persistent backdoors.