International Cyber Digest
6.28K subscribers
940 photos
52 videos
2 files
170 links
Independent reporting on cybersecurity, tech, AI & digital policy. Got a tip? http://internationalcyberdigest.com/tips
Download Telegram
‼️ iPhone 18 Pro photos were LEAKED as a result of the Tata Electronics breach we reported about recently.

On the specs: the A20 Pro is reportedly fabbed by TSMC on its first 2nm (N2) process, paired with 96-bit-wide LPDDR6 and a reported 12GB on the 18 Pro.

Tata builds about a third of Apple's iPhones in India, more than 204,000 documents totalling 630+ GB have been leaked including Tesla and Apple confidential documents.

https://www.internationalcyberdigest.com/tata-electronics-leaked-iphone-18-pro-photos-and-designs/
πŸ’©9🀣5❀1
‼️ iPhone 18 Pro photos were LEAKED as a result of the Tata Electronics breach we reported about recently.

On the specs: the A20 Pro is reportedly fabbed by TSMC on its first 2nm (N2) process, paired with 96-bit-wide LPDDR6 and a reported 12GB on the 18 Pro.

Tata builds about a third of Apple's iPhones in India, more than 204,000 documents totalling 630+ GB have been leaked including Tesla and Apple confidential documents.

https://www.internationalcyberdigest.com/tata-electronics-leaked-iphone-18-pro-photos-and-designs/
❀10πŸ’©1
‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message.

Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice.

A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust.

Read:
https://www.internationalcyberdigest.com/claude-code-accused-of-hiding-china-proxy-fingerprints-inside-system-prompts/
πŸ’©15❀7πŸ”₯3🀣3πŸ‘2πŸ‘1
‼️Researchers found six wireless pre-authentication vulnerabilities in Apple AirDrop and Google/Samsung Quick Share, the proximity file-transfer protocols running on over 5 billion devices. The bugs are reachable from wireless range with no pairing.

Five are denial-of-service or protocol-manipulation flaws. One, a use-after-free in Quick Share for Windows, earned a Google bounty and is rated potentially exploitable. The team says it could not bypass the file-transfer consent prompt.

Apple, Samsung, and Google have acknowledged the reports Most are not yet patched, and no CVEs have been assigned, with one pending for the Windows bug.

Read: https://www.internationalcyberdigest.com/researchers-find-six-new-vulnerabilities-in-airdrop-and-quick-share-affecting-5-billion-devices/
❀2
‼️ Huntress' CEO says it's not illegal that an employee of theirs tipped off a threat actor about the FBI looking for them, then closes his blog post with "protecting ALL businesses while wrecking adversaries in the process."

How exactly are you wrecking adversaries when you act as their informant by allegedly sending them screenshots that named FBI agents?

Their CEO, Kyle Hanslovan, said in an interview today that a current employee told a ransomware actor that law enforcement had reached out asking about that actor. He calls it "poor judgment," says it was not illegal, and rejects the "insider threat" label.

The former employee who raised it, Ben Folland, says that admission proves his point. He alleges the employee forwarded FBI communications to the DevMan ransomware group, then refused to cooperate with the FBI. His supporting evidence is not public yet.

Threat-intel teams routinely talk to criminals for research, but once a researcher warns a target that law enforcement is circling, an active case can collapse, and that is the line Huntress now has to defend in public.

We've reached out to Huntress with questions about the employee who allegedly sent DevMan information, and they pointed us to their CEO's blog post.

Article: https://www.internationalcyberdigest.com/huntress-admits-an-employee-tipped-a-ransomware-actor-to-law-enforcement/
πŸ’©9❀6πŸ‘1😁1
International Cyber Digest
‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message. Claude Code is sending info like timezone, proxy and…
Anthropic technical staff member Thariq has shed some light on why Anthropic implemented the spyware-like code, saying the code is being rolled back in tomorrow’s release. Thank you for the reply Thariq.
πŸ’©17🀣8πŸ‘2😭2πŸ€ͺ2
‼️ BREAKING: Apple's Hide My Email lets almost anyone uncover the real address behind a "hidden" alias, and Apple has left it unpatched for over a year.

It was reported to Apple in June 2025 by Tyler Murphy of EasyOptOuts. He says every Hide My Email address checked in limited volunteer tests was exploitable.

If you use Hide My Email to keep a real address off people-search sites or away from someone dangerous, treat that anonymity as unreliable.

https://www.internationalcyberdigest.com/apple-hide-my-email-doesnt-hide-your-email/
πŸ‘9❀3πŸ”₯1πŸ™1
❗️ The DOJ announced today that Peter Stokes, 19, a US-Estonian dual citizen and alleged member of the Scattered Spider cybercrime group, was extradited from Finland and charged in the Northern District of Illinois with conspiracy, computer intrusion, and fraud.

More than $100 million in ransom payments, belongs to the group across 100-plus intrusions; the only conduct the complaint pins on him is a May 2025 breach of a luxury jewelry retailer with an $8 million demand that went unpaid.

Stokes is the latest Scattered Spider figure pulled into US courts through international cooperation, here with Finland's National Bureau of Investigation and an Interpol Red Notice. The case sits inside Operation Riptide, the FBI campaign the bureau says is responding to more than $20 billion in reported US cybercrime losses last year.


Read the article:
https://www.internationalcyberdigest.com/us-extradites-alleged-scattered-spider-member-from-finland/
🀣10❀6πŸ”₯1
❗️ Steam is hosting a game called Woman Simulator, an unreleased game where players do chores as a housewife under a "tyrannical husband" who punishes substandard work, per the developer's own description.

The renewed backlash lands weeks after Plantation Simulator, a game Valve never acted on. Its developer pulled it in late May while Valve stayed silent through the entire uproar.

Valve's stated policy since 2018 is to allow nearly everything and let players filter.
πŸ”₯19🀣9πŸ’©2❀1πŸ‘1