A newly tracked threat cluster is quietly breaching critical infrastructure across Asia.
Attackers exploit web servers, plant web shells, and dump credentials with tools like Mimikatz to move across networks in aviation, energy, and government sectors.
Attackers exploit web servers, plant web shells, and dump credentials with tools like Mimikatz to move across networks in aviation, energy, and government sectors.
Disclosure of documents has revealed cooperation between a UAE satellite company and Israel.
An attack has targeted the network infrastructure of the UAE space company Space42, which was formed through the merger of two Emirati companies, Yahsat and Bayanat. Space42 operates in the fields of satellite services and space communications.
An attack has targeted the network infrastructure of the UAE space company Space42, which was formed through the merger of two Emirati companies, Yahsat and Bayanat. Space42 operates in the fields of satellite services and space communications.
Cyber Dispatch™️
Disclosure of documents has revealed cooperation between a UAE satellite company and Israel. An attack has targeted the network infrastructure of the UAE space company Space42, which was formed through the merger of two Emirati companies, Yahsat and Bayanat.…
Documents detailing contracts between Yahsat and the Gilat company were also released, revealing that they provide infrastructure for Israeli military operations.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Jordan just endured its first major cyber barrage. Government sites, infrastructure, and public services were targeted—#OpIsrael campaign.
DDoS, defacements, hacks, industrial control system (ICS) intrusions and data leaks.
@TheGhostITM
DDoS, defacements, hacks, industrial control system (ICS) intrusions and data leaks.
@TheGhostITM
North Korea’s UNC4899 breached a crypto firm via AirDrop from a develop’s device.
A poisoned archive ran a fake Kubernetes CLI, opened a backdoor, pivoted into Google Cloud, exposed CI/CD tokens & reset accounts to steal millions.
A poisoned archive ran a fake Kubernetes CLI, opened a backdoor, pivoted into Google Cloud, exposed CI/CD tokens & reset accounts to steal millions.
A malicious npm package is spreading a full RAT malware disguised as an OpenClaw installer.
It pulls a hidden second-stage payload and steals browser data, macOS Keychain entries, crypto wallets, and developer cloud credentials.
It pulls a hidden second-stage payload and steals browser data, macOS Keychain entries, crypto wallets, and developer cloud credentials.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The SDK of the Israeli company AppsFlyer was hacked by attackers, who planted malicious code on the domain websdk.appsflyer.com to steal cryptocurrency.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
תוקפים פרצו ל-SDK של החברה הישראלית אפספלייר ושתלו קוד זדוני בדומיין websdk.appsflyer.com שגנב מטבעות קריפטוגרפיים.
@TheGhostITM
@TheGhostITM
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries.
Hackers Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool.
Mossad Intelligence Operation Targeting Citizens' Data
Security agencies have warned of a new enemy campaign infiltrating citizens' phones. Users of popular apps, including InShot and Video Compressor, have encountered advertisements directly created by Mossad agents, prompting individuals to submit photos and videos from various locations.
Security agencies have warned of a new enemy campaign infiltrating citizens' phones. Users of popular apps, including InShot and Video Compressor, have encountered advertisements directly created by Mossad agents, prompting individuals to submit photos and videos from various locations.
Cyber Dispatch™️
Mossad Intelligence Operation Targeting Citizens' Data Security agencies have warned of a new enemy campaign infiltrating citizens' phones. Users of popular apps, including InShot and Video Compressor, have encountered advertisements directly created by Mossad…
The primary objective of these ads is to access citizens' mobile phone data, locations, and personal information for surveillance purposes.
Experts stress that this operation aims to invade privacy and misuse citizens' data; the public is urged not to respond to such requests under any circumstances.
Experts stress that this operation aims to invade privacy and misuse citizens' data; the public is urged not to respond to such requests under any circumstances.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Anonymous hacktivist collective has breached and deleted data from Leshem Shaham & Partners, a prominent Israeli accounting firm, in a cyber operation targeting financial entities.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Killsec (ransomware) attack group publishes the Israeli insurance company "Shlomo Insurance" as a victim, setting an 8-day deadline for ransom payment.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Handala defaced the Hebrew Language Academy's website and wrote on it: "There's no need to learn the language anymore".
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Planet Labs extends restrictions on satellite imagery across West Asia amid Iran’s relentless strikes on US bases
Amid the escalating US-Israeli war on Iran and Iran's subsequent retaliatory strikes on US bases in the region, commercial satellite company Planet Labs has extended the delay on releasing satellite imagery of West Asia from four days to two weeks, citing concerns that the data could be used to target US, NATO, or allied military personnel and infrastructure, according to Bloomberg.
The San Francisco–based firm said it has also expanded the geographic scope of restricted imagery to include all of Iran, nearby allied bases, Gulf states, and other active conflict zones.
Planet Labs claimed the decision was taken independently and was not ordered by any government, describing it as a proactive measure to prevent its high-resolution satellite imagery from being tactically exploited by adversarial actors during the ongoing conflict.
The company previously held back images of Gulf states struck by Iranian drone attacks for 96 hours, but the intensifying war prompted stricter controls.
Many observers view the restrictions as a form of censorship rather than a security measure, arguing that delaying imagery limits independent verification of battlefield developments and damage assessments.
The move highlights the growing strategic role of commercial satellite imagery in modern warfare, where near–real-time data can reveal missile strikes, damage to sensitive infrastructure, and troop movements.
Once tightly controlled by governments, Earth observation has become a multi-billion-dollar industry providing intelligence to military clients, governments, media outlets, and financial markets, raising new questions about information control during active conflicts.
@TheGhostITM
Amid the escalating US-Israeli war on Iran and Iran's subsequent retaliatory strikes on US bases in the region, commercial satellite company Planet Labs has extended the delay on releasing satellite imagery of West Asia from four days to two weeks, citing concerns that the data could be used to target US, NATO, or allied military personnel and infrastructure, according to Bloomberg.
The San Francisco–based firm said it has also expanded the geographic scope of restricted imagery to include all of Iran, nearby allied bases, Gulf states, and other active conflict zones.
Planet Labs claimed the decision was taken independently and was not ordered by any government, describing it as a proactive measure to prevent its high-resolution satellite imagery from being tactically exploited by adversarial actors during the ongoing conflict.
The company previously held back images of Gulf states struck by Iranian drone attacks for 96 hours, but the intensifying war prompted stricter controls.
Many observers view the restrictions as a form of censorship rather than a security measure, arguing that delaying imagery limits independent verification of battlefield developments and damage assessments.
The move highlights the growing strategic role of commercial satellite imagery in modern warfare, where near–real-time data can reveal missile strikes, damage to sensitive infrastructure, and troop movements.
Once tightly controlled by governments, Earth observation has become a multi-billion-dollar industry providing intelligence to military clients, governments, media outlets, and financial markets, raising new questions about information control during active conflicts.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Planet Labs extends restrictions on satellite imagery across West Asia amid Iran’s relentless strikes on US bases Amid the escalating US-Israeli war on Iran and Iran's subsequent retaliatory strikes on US bases in the region, commercial satellite company…
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hacktivist Group “Handala” Conducts Cyberattack on U.S. Medical Device Company Stryker
The hacktivist group Handala carried out a large-scale cyber operation targeting Stryker, a U.S.-based medical equipment manufacturer. The attack was described by the group as a response to the attack on a school in Minab and ongoing cyber operations targeting infrastructure associated with the “Resistance Axis.”
In a statement released online, Handala said it successfully executed a major intrusion into Stryker’s digital infrastructure, compromising more than 200,000 systems, servers, and mobile devices.
The operation resulted in the exfiltration of approximately 50 terabytes of data, while Stryker offices in 79 countries were reportedly disrupted or forced offline during the incident.
Handala also accused Stryker of having ties to what it described as Zionist interests and global lobbying networks, presenting these allegations as justification for the cyberattack.
In its statement, the group warned that organizations involved in cyber operations targeting the Resistance Axis Infrastructure should expect further retaliation, declaring that the “era of hit‑and‑run is over.”
@TheGhostITM
The hacktivist group Handala carried out a large-scale cyber operation targeting Stryker, a U.S.-based medical equipment manufacturer. The attack was described by the group as a response to the attack on a school in Minab and ongoing cyber operations targeting infrastructure associated with the “Resistance Axis.”
In a statement released online, Handala said it successfully executed a major intrusion into Stryker’s digital infrastructure, compromising more than 200,000 systems, servers, and mobile devices.
The operation resulted in the exfiltration of approximately 50 terabytes of data, while Stryker offices in 79 countries were reportedly disrupted or forced offline during the incident.
Handala also accused Stryker of having ties to what it described as Zionist interests and global lobbying networks, presenting these allegations as justification for the cyberattack.
In its statement, the group warned that organizations involved in cyber operations targeting the Resistance Axis Infrastructure should expect further retaliation, declaring that the “era of hit‑and‑run is over.”
@TheGhostITM