Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
-
Jun 24, 2025
Handala Claims Cyberattack on Israeli Recruitment Firm
On June 24, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a cyberattack targeting Israel Job Info Ltd, a prominent Israeli recruitment and placement company. The group alleged it had exfiltrated 419 gigabytes of internal data, including resumes, employment contracts, internal communications, and client records, and published over 50,000 documents as proof of compromise. The group also warned of additional leaks to come.
-
Jun 24, 2025
Handala Claims Exposure of Israeli Shelter Locations
On June 24, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a large-scale breach involving the exposure of what it describes as a comprehensive database of Israeli shelter locations. The group alleges that the leaked data includes exact geographic coordinates of public and private shelters, structural details, and previously undisclosed emergency infrastructure information.
-
Jun 23, 2025
Cyber Fattah Behind Saudi Games Data Breach
The threat actor group “Cyber Fattah” has allegedly leaked thousands of sensitive records from the Saudi Games, which may include personal information, bank details, and medical certificates of athletes and visitors. The threat actor group gained unauthorized access through phpMyAdmin and exfiltrated data in the form of SQL dumps. The breach is believed to be part of a broader Iranian-led information operation aimed at spreading insecurity and damaging Saudi Arabia’s reputation.
-
Jun 22, 2025
Ben Horin Alexandrovitz Media Firm Allegedly Breached by Handala
On June 22, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a large-scale breach of Israeli media and communications firm Ben Horin Alexandrovitz Ltd. The group claims to have exfiltrated 11 TB of internal data, released over 50,000 documents as proof of compromise, and disrupted operations by wiping servers and accessing affiliated platforms. The attack was described as targeting the firm’s alleged ties to Israeli intelligence and psychological operations.
-
Jun 22, 2025
Construction Firm Zacharia Levi Ltd Allegedly Breached by Handala
On June 21, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a breach targeting Israeli construction company Zacharia Levi Ltd. The group claims to have exfiltrated the company’s entire database, including project files, contracts, financial documents, internal communications, and technical blueprints. Over 20GB of data was leaked as proof of compromise.
-
Jun 22, 2025
-
Jun 22, 2025
Kibbutz Almog Allegedly Breached by Handala
On June 20, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for an alleged breach targeting Kibbutz Almog, an Israeli communal settlement. The group claims to have exfiltrated extensive internal materials, including email communications, financial and personnel records, surveillance footage, and backup archives. Handala shared over 60,000 documents as proof of compromise and threatened further data exposure.
-
Jun 22, 2025
Surveillance Firm Saban Systems Allegedly Breached by Handala
On June 19, 2025, the pro-Palestinian hacktivist group Handala claimed responsibility for a breach targeting Israeli surveillance technology provider Saban Systems. The group claims to have exfiltrated 254GB of confidential data and has released over 50,000 internal documents as proof of compromise.
-
Jun 19, 2025
DigitalGhost Claims Breach of Israeli Iron Dome Contractor
A threat actor operating under the alias "DigitalGhost" has claimed responsibility for allegedly breaching mPrest, an Israeli technology contractor allegedly involved in developing software for the Iron Dome missile defense system. According to the attacker, they managed to access a database containing personal information of individuals connected to the company. No official confirmation has been provided regarding the authenticity or scope of the breach.
-
Jun 19, 2025
Evil_Byte Claims Breach of Israeli Government Body System June
On June 17, 2025, hacktivist group Evil_Byte claimed responsibility for a cyberattack allegedly targeting Israeli government infrastructure. The group asserted that they had gained root-level access and exfiltrated sensitive data, including authentication credentials and phone numbers linked to Mossad and police personnel. Neither the unauthorized access nor the data theft has been independently verified.
-
Jun 16, 2025
Data Breach Exposes Over 1 Million Records from Indonesian Pharmacy Giant Kimia Farma
A threat actor named "sentap" is offering a 40GB dataset stolen from "Kimia Farma," Indonesia’s leading state-owned pharmacy network, on the dark forum "darkforumes.me." The leak includes over 1 million records containing detailed pharmaceutical inventory, sales transactions, discount schemes, and high-risk stock information collected between March and July 2024. Validated against Kimia Farma’s ERP system, the data reveals sensitive national-level supply chain and market insights valuable for market analysis, cyber intelligence, and social engineering. The dataset is sold for $10,000 USD in Bitcoin or Monero, with an escrow service ensuring transaction security.
-
Jun 16, 2025
Handala Exposes Alleged Intelligence Ties in TBN Israel Breach
On June 16th, Handala claimed responsibility for hacking TBN Israel, a religious broadcaster they accuse of being a Shin Bet front. The group claims to have stolen 542 gigabytes of internal data revealing intelligence ties, censorship strategies, and information warfare campaigns. Handala has promised to release selected documents soon. TBN Israel has not commented.
-
Jun 16, 2025
Handala Claims Breach of Weizmann Institute, 4TB of Data Stolen
On June 16, 2025, the pro-Palestinian hacktivist group Handala claimed to have breached the Weizmann Institute of Science in Israel, alleging the theft of 4 terabytes of confidential scientific data. The group threatened to publicly release the stolen documents, which they claim include sensitive research and internal communications. This attack follows previous claims by Handala targeting Israel’s security, law enforcement, and even educational systems.
-
Jun 15, 2025
Israeli Air Force Pilot Data Allegedly Leaked by Pro-Iranian Actor
On June 15, 2025, sensitive data belonging to 40 Israeli Air Force pilots was allegedly leaked by a pro-Iranian source amid the ongoing Israel-Iran conflict. The breach reportedly targeted classified military data within the Israeli Ministry of Defense, exposing highly confidential details such as pilots' full names, ages, combat units, air bases, and field roles. According to the attackers, the pilots operated aircraft including the F-15I Ra’am, F-16I Sufa, and F-35I Adir. The credibility of the leak is in question because the threat actor behind the disclosure was not identified and the source of the data is unknown.
-
Jun 12, 2025
Alleged Data Breach of Israeli Antiquities Authority
On June 11, 2025, a threat actor claimed a data breach targeting the Israeli Antiquities Authority, potentially exposing sensitive archaeological or administrative data. This information is recycled and irrelevant, as the claim lacks credible evidence, appears to be outdated, and has no official confirmation from the authority or cybersecurity agencies.
-
Jun 11, 2025
-
Jun 11, 2025
Hacktivist Group Claims Breach of Indian Defense Contractor
In June 2025, a threat actor group named ClayOxtymus1337 claimed to have breached Advanced Weapons and Equipment India Limited (AWEIL) and to have gained access to its database. According to the threat actor, sensitive data belonging to AWEIL was taken, including critical weapon technical specifications, secret R&D projects, arms export contracts worth ₹581 crore, and a list of importing countries that could trigger diplomatic pressure.
-
Jun 09, 2025
Wave of Recycled Data Leaks Targets Israeli Institutions to Simulate Active Breach Campaigns
A possibly coordinated wave of threat activity observed in early June 2025 involves the resurfacing of recycled or publicly available data falsely presented as new breaches targeting Israeli institutions, including the Israel Police, Ministry of Housing, IDF, and National Insurance Institute. Threat actors shared large archives and high-profile claims—such as a 16.9 GB police data leak and an alleged Android zero-day used against IDF personnel—to simulate active cyberattacks, despite forensic analysis confirming that most materials are outdated or previously exposed.
-
Jun 03, 2025
Threat Actor Group Claims Breach of Tel Aviv University
In May 2025, a threat actor named "ILleak" claimed to have breached Tel Aviv University, a major Israeli academic institution. According to the threat actor, the stolen data includes personal information on 24,747 students, such as names, family names, ID numbers, phone numbers, emails, and locations.
-
May 26, 2025
Vicioustrap Threat Actor Compromises Thousands of Network Devices
Cybersecurity researchers have uncovered a threat actor known as Vicioustrap, who has compromised approximately 5,300 network edge devices across 84 countries, primarily in Macau. This actor exploits a critical vulnerability (CVE-2023-20118) in various Cisco routers to redirect traffic to a honeypot-like infrastructure, allowing them to monitor and intercept network flows. The attack chain involves executing a shell script that facilitates adversary-in-the-middle attacks, with indications that the actor may be of Chinese-speaking origin. The ultimate goal of the Vicioustrap operation remains uncertain, although it is believed to be focused on creating a honeypot network.
-
May 26, 2025
New Malware Campaign Targets Chinese-Speaking Users with Winos 4.0
Cybersecurity researchers have uncovered a malware campaign that employs fake software installers disguised as popular applications like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. First identified by Rapid7 in February 2025, the campaign utilizes a sophisticated multi-stage loader called Catena, which operates entirely in memory to evade traditional antivirus detection. The malware, attributed to a threat actor known as Silver Fox, specifically targets Chinese-speaking environments and has been active throughout 2025, adapting its tactics to maintain persistence and avoid detection. The campaign leverages trojanized NSIS installers and is characterized by its careful planning and execution.