Cyber Dispatch™️
The definitive source for critical cybersecurity news. When a major threat breaks, we dispatch.

#CyberDispatch #CyberSecurity #InfoSec #ThreatIntelligence #ZeroDay #DataBreach #SecurityNews
Google Chrome Update Disrupts Infostealer Cookie Theft.
GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware.
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries.
All Brazilians potentially impacted by alleged breach of Experian subsidiary.
Users react to Apple Maps erasing names of Lebanese villages and territories in southern Lebanon.
🇦🇪 Hacktivist group *Handala* carried out a broad cyberattack targeting multiple Dubai institutions — including the RTA, Land Department (DLD), and Courts Department. Data was reportedly deleted, and local reports confirm service disruptions at the RTA.

#TGITM @TheGhostITM
😬 Former Meta employee reportedly bypassed internal security to download ~30K private Facebook photos. Meta confirmed the breach, fired the employee, and notified affected users. The case resurfaces questions about how “private” data really is — especially amid new lawsuits over WhatsApp’s end‑to‑end encryption claims.
Brockton Hospital in the U.S. hit by a ransomware attack attributed to the *Anubis* group. Critical systems shut down, ambulances diverted, and staff reportedly reverting to “pen and paper” operations for up to two weeks. #Ransomware
Cyberattack hits a U.S. company — the group *Ababil of Minab* claims responsibility for breaching GPS tracking firm *Vyncs*. The company confirmed the incident on Facebook, reporting most systems now restored following the disruption.
Handala: Cyberattack disabled Bahrain and Saudi steel giants Foulath and SULB in retaliatory operation

Pro-Palestinian collective Handala has claimed responsibility for a large-scale cyber operation targeting two major steel producers in the Gulf, saying it disrupted operations at Foulath Holding in Bahrain and Saudi Basic Steel Industries (SULB) in Saudi Arabia. The group alleges both companies were forced out of operational status following what it described as an “unprecedented” digital breach.

In its statement, the group said the operation came in response to earlier attacks on steel facilities it links to the Resistance Axis, framing the action as retaliation and a warning that any strike against aligned infrastructure will be answered. It described the two companies as central to regional industrial capacity, claiming they were “completely compromised” in the course of the operation.

This cyber operation is both a retaliation for the blood of martyred hackers (Iranian branch) during the Ramadan War and a firm response to the recent crimes against the people of South Lebanon.

Handala: "We warn all Epsteinist leaders in the region. This strike is only the beginning of a wave of retribution and demonstrates that Handala’s hand remains on the trigger; no act of treachery will go unanswered, and the age of false security is over."

US Vyncs Confirms Cyberattack Hit—Cyber Resilience Fears Spike

Vyncs (US telematics firm) took services offline amid network threats; restoration underway in phases.

P.S.: Latest US incidents—from outages to LA transit hacks—expose glaring cyber fragility in critical infra.
Bombshell Report: CIA Used Pegasus in US Pilot Rescue Op

London Times claims CIA deployed NSO's Pegasus spyware in a deception op to locate downed American pilot—hijacking WhatsApp/Signal with fake msgs from "Iranian officials" luring IRGC to reveal position.

Pegasus excels at spoofing comms as victim's device for intel grabs.

Note: Dubious fit for Iran ops—WhatsApp rarely used for sensitive IRGC work.
AI Cyber Arms Race Kicks Off

New AI model "Mythos" rivals state-level cyber tools—now limited to elite firms & experts for security fixes.

But access won't stay exclusive. Tech corps are igniting a fierce cyberattack rivalry, bypassing govs.

Dawn of AI-fueled cyberwar: Future versions will be deadlier. Game on.
Android trojan Mirax is spreading via Meta ads, hitting 220K+ accounts with fake streaming apps.

It gives attackers full device control and turns phones into proxy nodes to mask fraud using real IPs.
108 Chrome extensions with 20,000 installs were tied to one backend stealing user data.

They captured Google accounts, hijacked Telegram sessions, and injected scripts into every page—while posing as games and utilities.
A ShowDoc flaw (CVSS 9.4) is now under active exploitation.

CVE-2025-0520 lets attackers upload web shells via unauthenticated file upload → full server control. First attacks seen via a U.S. honeypot; ~2,000 instances remain exposed, mostly in China.
CISA added 6 flaws to its KEV list after active exploitation.

A Fortinet bug (9.1) allows unauthenticated remote code execution, while an Exchange flaw is being used to deploy Medusa ransomware.

Federal agencies must patch by April 27.
FBI and Indonesian police dismantled W3LL, a phishing platform behind $20M+ fraud attempts.

Used by 500+ actors, it sold tools to steal credentials, bypass MFA, and resell access to 25,000+ accounts.