APT37 used Facebook to run a targeted malware campaign.
Fake profiles built trust, moved chats to Telegram, then pushed a trojanized PDF app that installs RokRAT via a JPG payload, using compromised sites and Zoho WorkDrive for control.
Hacktivist group Handala claims responsibility for taking down Foulat (Bahrain) & SULB (Saudi Arabia), calling it retaliation for "crimes against resistance axis" & slain hackers during "Ramadan War."
Both firms reportedly knocked offline—$5B+ annual revenue, 2M tons steel capacity, 2K+ staff. Group warns: "No point of enemy geography is out of reach."
#TGITM @TheGhostITM
Hacker group Handala has announced that it will release, for the first time, footage of reconnaissance and intelligence operations carried out by its operatives in the occupied territories within the coming hours.
Handala hackers’ deep penetration of Mossad and Shin Bet facilities, as unprecedented footage of spy chiefs’ homes surfaces.
Handala has obtained and released aerial surveillance of sensitive Israeli sites, including what it describes as Mossad facilities, residences of air force pilots, and homes of senior intelligence officials. A public statement from the group claims the material was gathered over months through operations conducted with the assistance of local collaborators inside the occupied territories:
Handala hackers captured aerial footage on operatives of top-secret Mossad headquarters, the homes of Israeli Air Force pilots, residences of senior Iran Desk officials within Mossad, homes of Shin Bet counter-terrorism managers, as well as the travel routes and daily movements of senior Zionist security and military officials,
Handala: the footage maps not only locations but also movement patterns and daily routes of senior military and security figures, presenting it as evidence of sustained intelligence access and operational reach. It frames the release as a glimpse into capabilities behind recent undisclosed actions, suggesting a broader campaign that has so far remained largely in the shadows.
Composer disclosed two command injection flaws (CVE-2026-40176 and CVE-2026-40261) with up to CVSS 8.8 severity.
Malicious composer.json or crafted source refs can execute arbitrary commands—even without Perforce installed. Affects multiple 2.x versions; patches released and metadata disabled as a precaution.
Booking.com Issues Data Breach Alert: Customer Info Potentially Compromised
Booking.com has notified select users via email that unauthorized actors may have accessed reservation-related data, including names, email addresses, phone numbers, postal addresses, and details shared with properties.
Reports indicate a surge in Russian-linked cyber activity targeting France’s nuclear deterrence infrastructure. The operations appear focused on mapping communication networks and support contractors — probing for potential vulnerabilities in critical systems.
Hackers stole $9.5M in crypto after uploading a *fake Ledger Live app* to Apple’s App Store.
Around 50 users entered their private keys between April 8–11, giving attackers full access to their wallets.
Following the pro-Palestine hackers’ breach, Israeli PR firm Ben Horin Alexandrowicz is suing three cloud providers, claiming negligence and a cover-up of a data breach that led to massive damages.
One provider responded: “If there was negligence, it lies with the firm itself.”
A fascinating case about shared responsibility and legal accountability in cloud security.
Cyber Dispatch™️
Hacktivist group Nasir has breached the world’s largest Holocaust museum, leaking personal data of visitors, donors, and even undercover intelligence agents. The attack was announced as Israel marks Holocaust Remembrance events — a symbolic strike mixing cyberwarfare.
Breach of Yad Vashem museum's systems, leaking files pulled from their CRM database. Access to sensitive visitor/donor data.