Microsoft says attackers are poisoning search results to spread fake VPN clients that steal credentials.
The campaign redirects software searches to trojanized installers on GitHub that show fake VPN prompts while Hyrax steals credentials.
The campaign redirects software searches to trojanized installers on GitHub that show fake VPN prompts while Hyrax steals credentials.
Linux AppArmor hit by 9 “CrackArmor” flaws letting unprivileged users manipulate security profiles and escalate to root.
The bugs date back to 2017 and affect kernels 4.11+ across major distros including Ubuntu, Debian, and SUSE.
The bugs date back to 2017 and affect kernels 4.11+ across major distros including Ubuntu, Debian, and SUSE.
Statement No. 27 issued by the Iranian Army:
"We targeted the military intelligence agency "Aman", the 8200 cyber operations units and data processing units, in addition to a gathering site for a number of fighter jets belonging to the entity occupying Jerusalem in the occupied territories".
"We targeted the military intelligence agency "Aman", the 8200 cyber operations units and data processing units, in addition to a gathering site for a number of fighter jets belonging to the entity occupying Jerusalem in the occupied territories".
Starbucks Data Breach - Hundreds of Users' Personal Data Exposed .
This Starbucks breach, exposing SSNs and financial data via phishing, highlights the severe impact of credential theft.
This Starbucks breach, exposing SSNs and financial data via phishing, highlights the severe impact of credential theft.
Microsoft Confirms Windows 11 24H2/25H2 Bug Blocks Access to the System Drive C .
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Israeli regime's Cyber Defense Organization has issued an urgent warning asking settlers and Israeli institutions to disconnect internet-connected security cameras or restrict access to them.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
UAE Oil Firm Hit by Major Cyber Breach
Sharjah National Oil Corporation (SNOC), a key Emirati energy player, has fallen victim to a significant cyber intrusion by hacktivists.
@TheGhostITM
Sharjah National Oil Corporation (SNOC), a key Emirati energy player, has fallen victim to a significant cyber intrusion by hacktivists.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hacktivist attacks surge in Middle East amid escalating tensions.
Western firms like Proofpoint & Check Point report spike in hacktivist ops—groups monitoring targets & hoarding intel for max impact. Regional cyber frontlines heating up fast.
@TheGhostITM
Western firms like Proofpoint & Check Point report spike in hacktivist ops—groups monitoring targets & hoarding intel for max impact. Regional cyber frontlines heating up fast.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hacker group “Handala ”has leaked personal data of 50 senior Israeli Navy officers, including names, photos, ranks, home addresses, and phone numbers.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Bahrain cyber chaos: Gulf Bank, Bahrain Bourse & Gulf Air offline hrs from attacks past 24h. Systems down, ops disrupted—response teams scrambling.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Handala cyber unit claims breach of ex-Mossad deputy Laura Gillinsky: 100K+ secret emails seized from INSS. Reveals $149M Mossad budget (2012-2026) on anti-Iran ops. INSS exposed as Mossad cover for sabotage. Full docs dumping soon; agents now targets.
@TheGhostITM
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Israeli AppsFlyer SDK hijacked: Malicious JS swapped crypto wallet addresses mid-tx, draining BTC/ETH/Solana.
@TheGhostITM
@TheGhostITM
Researchers found 72 malicious extensions in the Open VSX registry.
Attackers publish a harmless VS Code extension, gain trust, then update it to pull a GlassWorm dependency.
The payload steals tokens, credentials, and crypto wallets from developer systems.
Attackers publish a harmless VS Code extension, gain trust, then update it to pull a GlassWorm dependency.
The payload steals tokens, credentials, and crypto wallets from developer systems.
China denies cyber espionage allegations against Costa Rica's electricity company
Costa Rican authorities reported a cyber intrusion into the state electricity company (ICE) and the extraction of 9 gigabytes of data, attributing the possible source to China.
Costa Rican authorities reported a cyber intrusion into the state electricity company (ICE) and the extraction of 9 gigabytes of data, attributing the possible source to China.
Microsoft to Block Windows 11 & Server 2025 Automated Installation After RCE Vulnerability .
A set of nine novel cross-tenant vulnerabilities in Google Looker Studio, collectively dubbed "LeakyLooker," that could have allowed attackers to run arbitrary SQL queries, exfiltrate sensitive data, and even modify or delete records across Google Cloud environments, all without victims granting explicit permission.
Metasploit Pro 5.0.0 Released With Powerful New Modules & Critical Enhancements.
A fake job notice triggered full compromise in a Konni campaign.
The attack drops EndRAT, enabling remote control, persistence, and silent data theft, then spreads via KakaoTalk messages from the victim’s account.
Trusted contacts become the attack path.
The attack drops EndRAT, enabling remote control, persistence, and silent data theft, then spreads via KakaoTalk messages from the victim’s account.
Trusted contacts become the attack path.
Firewalls still see encrypted port 443 traffic, not what users actually do inside SaaS apps or AI tools.
As Dedi Shindler (Red Access) notes, that blinds teams to prompts, data leaks, and session activity. The fix isn’t replacing firewalls—it’s adding session-level visibility.
As Dedi Shindler (Red Access) notes, that blinds teams to prompts, data leaks, and session activity. The fix isn’t replacing firewalls—it’s adding session-level visibility.