Forwarded from 𓂆 Palestine
Handala hacker group leaks names of 400 US Navy officers in what it calls 'Operation Premature Death'
The cyber resistance group Handala announced the successful breach and exposure of 400 senior US Navy officers currently deployed in the Persian Gulf as part of "Operation Premature Death." The group published a detailed list including ranks and operational units, claiming their "shadows" are monitoring every movement within the US fleet. Handala stated that a direct alert was sent to the secure phones of these officers, warning them that "the sea is no longer safe" for those choosing the path of aggression in West Asia.
The statement: "This is proof that our eyes remain wide open and ever vigilant in the heart of your fleet."
#OpIsraelTeam
The cyber resistance group Handala announced the successful breach and exposure of 400 senior US Navy officers currently deployed in the Persian Gulf as part of "Operation Premature Death." The group published a detailed list including ranks and operational units, claiming their "shadows" are monitoring every movement within the US fleet. Handala stated that a direct alert was sent to the secure phones of these officers, warning them that "the sea is no longer safe" for those choosing the path of aggression in West Asia.
The statement: "This is proof that our eyes remain wide open and ever vigilant in the heart of your fleet."
#OpIsraelTeam
Critical flaws hit MOVEit Automation.
A CVSS 9.8 bug allows authentication bypass, while another enables privilege escalation. Progress Software has issued patches—no exploitation reported yet.
A CVSS 9.8 bug allows authentication bypass, while another enables privilege escalation. Progress Software has issued patches—no exploitation reported yet.
US AI Cyber Exercise
The US Army ran a cyber drill with 14 tech firms simulating 2027 AI-driven attacks in an Indo-Pacific crisis. Enemy AI launched rapid, adaptive salvos outpacing human defenders, stressing the need for automated systems in future cyber warfare.
The US Army ran a cyber drill with 14 tech firms simulating 2027 AI-driven attacks in an Indo-Pacific crisis. Enemy AI launched rapid, adaptive salvos outpacing human defenders, stressing the need for automated systems in future cyber warfare.
ByteDance Enters Pharma
ByteDance, TikTok's owner, launched Anew Labs (also called Aniu Labs) for AI-driven drug discovery. It unveiled an AI-designed IL-17 inhibitor for autoimmune diseases at Immunology 2026 in Boston, using generative AI trained on millions of biomolecular complexes.
This marks ByteDance's push into advanced therapies previously deemed undruggable.
ByteDance, TikTok's owner, launched Anew Labs (also called Aniu Labs) for AI-driven drug discovery. It unveiled an AI-designed IL-17 inhibitor for autoimmune diseases at Immunology 2026 in Boston, using generative AI trained on millions of biomolecular complexes.
This marks ByteDance's push into advanced therapies previously deemed undruggable.
ConsentFix v3 Attack
Hackers released ConsentFix v3, automating OAuth abuse against Microsoft Azure. Victims paste auth codes from fake pages, bypassing MFA for account access without passwords; it's circulating on forums with tools for phishing and exfiltration.
Hackers released ConsentFix v3, automating OAuth abuse against Microsoft Azure. Victims paste auth codes from fake pages, bypassing MFA for account access without passwords; it's circulating on forums with tools for phishing and exfiltration.
Forwarded from 𓂆 Palestine
Handala Hackers Breach Confidential Fujairah Port Documents
Handala group claims advanced cyber operation against UAE's strategic Fujairah port.
Compromised assets include contract details, vessel traffic logs, financial transactions, and highly classified blueprints of oil pipelines and subsurface infrastructure.
Precision maps immediately shared with Resistance Axis missile units, enabling targeted strikes on critical port targets.
Handala: "No covert or overt UAE-Zionist-US collaboration escapes detection; every act of betrayal will face retaliation."
Over 430,000 confidential documents exfiltrated from Fujairah servers; now publicly available for download.
#OpIsraelTeam
Handala group claims advanced cyber operation against UAE's strategic Fujairah port.
Compromised assets include contract details, vessel traffic logs, financial transactions, and highly classified blueprints of oil pipelines and subsurface infrastructure.
Precision maps immediately shared with Resistance Axis missile units, enabling targeted strikes on critical port targets.
Handala: "No covert or overt UAE-Zionist-US collaboration escapes detection; every act of betrayal will face retaliation."
Over 430,000 confidential documents exfiltrated from Fujairah servers; now publicly available for download.
#OpIsraelTeam
Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server.
Cyber Dispatch™️
Google now offers up to $1.5 million for some Android exploits.
The top reward of $1.5 million is reserved for zero-click Pixel Titan M2 security chip full-chain exploits with persistence, the most technically demanding attack scenario in the program, while the same exploits, but without persistence, are also eligible for up to $750,000.
Cyber Dispatch™️
Google now offers up to $1.5 million for some Android exploits.
On the Google Chrome side, full-chain browser process exploits on up-to-date operating systems and hardware now come with rewards of up to $250,000, plus an additional $250,128 bonus for successfully exploiting MiraclePtr-protected memory allocations.
❤1
Critical MajorDoMo RCE (CVE-2026-27174): Unauthenticated Remote Code Execution Analysis.
Chinese-linked Salt Typhoon suspected in Italy's Sistemi Informativi breach.
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools.
A scan of 2M hosts found 1M exposed services, revealing widespread security gaps in self-hosted AI systems.
31% of 5,200 Ollama servers responded without authentication, and 90+ platforms were publicly accessible. Weak defaults and misconfigurations are driving exposure.
31% of 5,200 Ollama servers responded without authentication, and 90+ platforms were publicly accessible. Weak defaults and misconfigurations are driving exposure.
North Korea-linked ScarCruft breached sqgame[.]net in a supply chain attack, deploying BirdCall malware targeting ethnic Koreans in China.
Trojanized Android apps and earlier Windows updates enabled surveillance via cloud-based control systems.
Trojanized Android apps and earlier Windows updates enabled surveillance via cloud-based control systems.
A critical MetInfo CMS flaw (CVE-2026-29014, CVSS 9.8) is under active exploitation, allowing unauthenticated remote code execution.
Attacks began April 25 and surged by May 1, targeting exposed systems globally.
Attacks began April 25 and surged by May 1, targeting exposed systems globally.