🛰️ GPS Disruptions Intensify in the Middle East
Rising reports of GNSS interference across the Persian Gulf, Gulf of Oman, Strait of Hormuz, and near Israel.
Incidents involve spoofing and jamming, causing false positioning data for ships and aircraft—raising serious safety and security concerns.
Rising reports of GNSS interference across the Persian Gulf, Gulf of Oman, Strait of Hormuz, and near Israel.
Incidents involve spoofing and jamming, causing false positioning data for ships and aircraft—raising serious safety and security concerns.
Forwarded from 𓂆 Palestine
Handala group behind a massive breach of Israel’s cyber warfare Unit 8200
An unprecedented exposure of Israeli regime senior officers, the hacker collective Handala has revealed the identities from the "Iran Desk" of Israel’s secret Unit 8200.
An unprecedented exposure of Israeli regime senior officers, the hacker collective Handala has revealed the identities from the "Iran Desk" of Israel’s secret Unit 8200.
The Handala group reports a major breach targeting Israel’s Unit 8200, specifically its “Iran Desk.”
The group exposure of senior officers, operational roles, and infrastructure tied to cyber espionage, AI-driven operations, and influence campaigns.
#TGITM @TheGhostITM
The group exposure of senior officers, operational roles, and infrastructure tied to cyber espionage, AI-driven operations, and influence campaigns.
#TGITM @TheGhostITM
Further details indicate the exposed Unit 8200 personnel are reportedly based in a classified facility in Rosh HaAyin, with many specialists in Persian language and Iran-focused intelligence.
#TGITM @TheGhostITM
#TGITM @TheGhostITM
Bloomberg: Power constraints are becoming the hidden choke point for AI expansion.
Nearly half of U.S. data center projects slated for 2026 face delays or cancellation due to transformer shortages and grid limitations—despite $650B in Big Tech AI spending.
Nearly half of U.S. data center projects slated for 2026 face delays or cancellation due to transformer shortages and grid limitations—despite $650B in Big Tech AI spending.
Mossad Data Breach: Classified Coordinates Leaked Online
Mossad, Israel's national intelligence agency, has been compromised. A hacker has posted online that they have obtained and released sensitive data related to the agency. The hacker explicitly stated an intention for the information to reach "missile units," indicating a highly malicious and potentially dangerous motive.
The compromised data includes:
Geospatial coordinates, potentially linked to sensitive Mossad operations or facilities.
Mossad, Israel's national intelligence agency, has been compromised. A hacker has posted online that they have obtained and released sensitive data related to the agency. The hacker explicitly stated an intention for the information to reach "missile units," indicating a highly malicious and potentially dangerous motive.
The compromised data includes:
Geospatial coordinates, potentially linked to sensitive Mossad operations or facilities.
Marimo CVE-2026-39987 gave attackers a full shell with no authentication.
A missing check in /terminal/ws allowed remote code execution on exposed systems. Exploitation began within 9 hours of disclosure—no PoC needed.
A missing check in /terminal/ws allowed remote code execution on exposed systems. Exploitation began within 9 hours of disclosure—no PoC needed.
A 13-year-old flaw in Apache ActiveMQ can lead to RCE.
CVE-2026-34197 lets attackers run OS commands via the Jolokia API. Chained with CVE-2024-32114, it becomes unauthenticated RCE on some versions.
Patched in 5.19.4 and 6.2.3.
CVE-2026-34197 lets attackers run OS commands via the Jolokia API. Chained with CVE-2024-32114, it becomes unauthenticated RCE on some versions.
Patched in 5.19.4 and 6.2.3.
Google rolled out Device Bound Session Credentials (DBSC) in Chrome 146 (Windows).
It ties session cookies to a device using hardware keys, so stolen cookies can’t be reused without that device. Cookies expire quickly without validation.
It ties session cookies to a device using hardware keys, so stolen cookies can’t be reused without that device. Cookies expire quickly without validation.
Smart Slider 3 Pro shipped a backdoored update (3.5.1.35) via its official update system.
For ~6 hours, installs got hidden admin accounts, pre-auth remote code execution via HTTP headers, and full credential + site data exfiltration with persistent backdoors.
For ~6 hours, installs got hidden admin accounts, pre-auth remote code execution via HTTP headers, and full credential + site data exfiltration with persistent backdoors.
Durov blasts WhatsApp: Despite claims, it has full access to user messages!
Telegram CEO Paul Durov: WhatsApp's "encryption" might be history's biggest consumer scam, fooling billions.
It reads your chats & shares with third parties. Telegram never has, never will.
#Cybersecurity #Privacy #Telegram
Telegram CEO Paul Durov: WhatsApp's "encryption" might be history's biggest consumer scam, fooling billions.
It reads your chats & shares with third parties. Telegram never has, never will.
#Cybersecurity #Privacy #Telegram
Bitcoin Depot Breach Alert: Crypto ATM giant (25K+ machines worldwide) hit by hackers!
Attackers breached the network, accessed multiple digital wallets, and stole ~50 BTC ($3.6M).
Company disclosed to US SEC. Major reminder: Even big players aren't immune.
Attackers breached the network, accessed multiple digital wallets, and stole ~50 BTC ($3.6M).
Company disclosed to US SEC. Major reminder: Even big players aren't immune.
Attackers exploiting a zero-day in the latest Adobe Reader via malicious PDFs—no user action needed beyond opening the file.
Triggers obfuscated JS to access privileged APIs, steals local data, exfils via C2. No patch or Adobe response yet.
Advice: Skip unknown PDFs, especially in Reader. Disable JS if possible.
Triggers obfuscated JS to access privileged APIs, steals local data, exfils via C2. No patch or Adobe response yet.
Advice: Skip unknown PDFs, especially in Reader. Disable JS if possible.
Myth Busted: Basic Phones Aren't Always Secure
Many pick "dumbphones" (e.g., old Nokias) to dodge tracking—but they're not inherently safer than smartphones, and often *more* vulnerable.
Digital forensics tools easily recover deleted data (texts/photos) since storage lacks proper encryption. "Delete" just hides it, not wipes it.
Many pick "dumbphones" (e.g., old Nokias) to dodge tracking—but they're not inherently safer than smartphones, and often *more* vulnerable.
Digital forensics tools easily recover deleted data (texts/photos) since storage lacks proper encryption. "Delete" just hides it, not wipes it.
Hungary's Mass Spy Scandal: Israeli Webloc Tool Exposed
Citizen Lab & VSquare reveal: Orbán's intel agencies using Israeli Cobwebs' "Webloc" to track millions worldwide via GPS, Wi-Fi, ad data—profiling homes, routines, views.
Tied to Viktor Orbán & Antal Rogán; license renewed pre-2026 elections (Apr 12). First confirmed EU deploy—likely GDPR violation.
Citizen Lab & VSquare reveal: Orbán's intel agencies using Israeli Cobwebs' "Webloc" to track millions worldwide via GPS, Wi-Fi, ad data—profiling homes, routines, views.
Tied to Viktor Orbán & Antal Rogán; license renewed pre-2026 elections (Apr 12). First confirmed EU deploy—likely GDPR violation.
France intends to move government computers from Microsoft Windows to Linux to reduce dependence on U.S. technology.
Massive data leak hits China: Over 50 billion records exposed on a cybercrime forum by threat actor “PixieSteed.”
The leaked multi-terabyte dataset reportedly includes user info, purchase histories, and logistics data from e-commerce platforms and citizen databases — one of the largest breaches in recent years.
The leaked multi-terabyte dataset reportedly includes user info, purchase histories, and logistics data from e-commerce platforms and citizen databases — one of the largest breaches in recent years.
ShinyHunters claim a new victim: Rockstar Games 🇺🇸
The group says the breach was made possible after compromising Anodot, from which they allegedly obtained credentials to access Rockstar’s Snowflake environment.
The group says the breach was made possible after compromising Anodot, from which they allegedly obtained credentials to access Rockstar’s Snowflake environment.
Police and intelligence agencies are using phone ad data to track people.
Up to 500M devices feed Webloc, built by Cobwebs and sold by Penlink, enabling location tracking, identity inference, and 3-year history, per Citizen Lab.
Up to 500M devices feed Webloc, built by Cobwebs and sold by Penlink, enabling location tracking, identity inference, and 3-year history, per Citizen Lab.