😬 Former Meta employee reportedly bypassed internal security to download ~30K private Facebook photos. Meta confirmed the breach, fired the employee, and notified affected users. The case resurfaces questions about how “private” data really is — especially amid new lawsuits over WhatsApp’s end‑to‑end encryption claims.
Brockton Hospital in the U.S. hit by a ransomware attack attributed to the *Anubis* group. Critical systems shut down, ambulances diverted, and staff reportedly reverting to “pen and paper” operations for up to two weeks. #Ransomware
Cyberattack hits a U.S. company — the group *Ababil of Minab* claims responsibility for breaching GPS tracking firm *Vyncs*. The company confirmed the incident on Facebook, reporting most systems now restored following the disruption.
Handala: Cyberattack disabled Bahrain and Saudi steel giants Foulath and SULB in retaliatory operation
Pro-Palestinian collective Handala has claimed responsibility for a large-scale cyber operation targeting two major steel producers in the Gulf, saying it disrupted operations at Foulath Holding in Bahrain and Saudi Basic Steel Industries (SULB) in Saudi Arabia. The group alleges both companies were forced out of operational status following what it described as an “unprecedented” digital breach.
#TGITM @TheGhostITM
In its statement, the group said the operation came in response to earlier attacks on steel facilities it links to the Resistance Axis, framing the action as retaliation and a warning that any strike against aligned infrastructure will be answered. It described the two companies as central to regional industrial capacity, claiming they were “completely compromised” in the course of the operation.
This cyber operation is both a retaliation for the blood of martyred hackers (Iranian branch) during the Ramadan War and a firm response to the recent crimes against the people of South Lebanon.
Handala: "We warn all Epsteinist leaders in the region. This strike is only the beginning of a wave of retribution and demonstrates that Handala’s hand remains on the trigger; no act of treachery will go unanswered, and the age of false security is over."
US Vyncs Confirms Cyberattack Hit—Cyber Resilience Fears Spike
Vyncs (US telematics firm) took services offline amid network threats; restoration underway in phases.
P.S.: Latest US incidents—from outages to LA transit hacks—expose glaring cyber fragility in critical infra.
Bombshell Report: CIA Used Pegasus in US Pilot Rescue Op
London Times claims CIA deployed NSO's Pegasus spyware in a deception op to locate downed American pilot—hijacking WhatsApp/Signal with fake msgs from "Iranian officials" luring IRGC to reveal position.
Pegasus excels at spoofing comms as victim's device for intel grabs.
Note: Dubious fit for Iran ops—WhatsApp rarely used for sensitive IRGC work.
AI Cyber Arms Race Kicks Off
New AI model "Mythos" rivals state-level cyber tools—now limited to elite firms & experts for security fixes.
But access won't stay exclusive. Tech corps are igniting a fierce cyberattack rivalry, bypassing govs.
Dawn of AI-fueled cyberwar: Future versions will be deadlier. Game on.
Android trojan Mirax is spreading via Meta ads, hitting 220K+ accounts with fake streaming apps.
It gives attackers full device control and turns phones into proxy nodes to mask fraud using real IPs.
108 Chrome extensions with 20,000 installs were tied to one backend stealing user data.
They captured Google accounts, hijacked Telegram sessions, and injected scripts into every page—while posing as games and utilities.
A ShowDoc flaw (CVSS 9.4) is now under active exploitation.
CVE-2025-0520 lets attackers upload web shells via unauthenticated file upload → full server control. First attacks seen via a U.S. honeypot; ~2,000 instances remain exposed, mostly in China.
CISA added 6 flaws to its KEV list after active exploitation.
A Fortinet bug (9.1) allows unauthenticated remote code execution, while an Exchange flaw is being used to deploy Medusa ransomware.
Federal agencies must patch by April 27.
FBI and Indonesian police dismantled W3LL, a phishing platform behind $20M+ fraud attempts.
Used by 500+ actors, it sold tools to steal credentials, bypass MFA, and resell access to 25,000+ accounts.
APT37 used Facebook to run a targeted malware campaign.
Fake profiles built trust, moved chats to Telegram, then pushed a trojanized PDF app that installs RokRAT via a JPG payload, using compromised sites and Zoho WorkDrive for control.
Hacktivist group Handala claims responsibility for taking down Foulath (Bahrain) & SULB (Saudi Arabia), calling it retaliation for "crimes against resistance axis" & slain hackers during "Ramadan War."
Both firms reportedly knocked offline—$5B+ annual revenue, 2M tons steel capacity, 2K+ staff. Group warns: "No point of enemy geography is out of reach."
Hacker group Handala has announced that it will release, for the first time, footage of reconnaissance and intelligence operations carried out by its operatives in the occupied territories within the coming hours.
Handala hackers deep penetration of Mossad and Shin Bet facilities as unprecedented footage surfaces of spy chiefs’ homes.
Handala has obtained and released aerial surveillance of sensitive Israeli sites, including what it describes as Mossad facilities, residences of air force pilots, and homes of senior intelligence officials. A public statement from the group claims the material was gathered over months through operations conducted with the assistance of local collaborators inside the occupied territories:
Handala hackers captured aerial footage on operatives of top-secret Mossad headquarters, the homes of Israeli Air Force pilots, residences of senior Iran Desk officials within Mossad, homes of Shin Bet counter-terrorism managers, as well as the travel routes and daily movements of senior Zionist security and military officials,
Handala: the footage maps not only locations but also movement patterns and daily routes of senior military and security figures, presenting it as evidence of sustained intelligence access and operational reach. It frames the release as a glimpse into capabilities behind recent undisclosed actions, suggesting a broader campaign that has so far remained largely in the shadows.