The European Commission has confirmed a significant data breach after its Europa.eu web platform was compromised in a cyberattack claimed by the notorious ShinyHunters extortion gang. The attackers allegedly exfiltrated over 350GB of sensitive data from the Commission’s Amazon Web Services (AWS) cloud environment. Breach Discovery and Response The intrusion was detected on March 24,…
Threat actors are actively exploiting CVE-2026-3055, a critical severity memory overread vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances. Security researchers at watchTowr have confirmed in-the-wild exploitation began at least March 27, 2026, with attackers extracting authenticated administrative session IDs that could enable full takeover of vulnerable devices. The Vulnerability CVE-2026-3055 is a memory…
The FBI has issued a critical alert warning that Iranian government hackers are weaponizing Telegram as a command and control (C2) channel to steal data from dissidents, opposition groups, and journalists who oppose the regime around the world. According to the FBI alert published Friday, hackers working for Iran’s Ministry of Intelligence and Security (MOIS)…
Iran-linked hackers have successfully breached the personal email account of FBI Director Kash Patel, publishing photos, documents, and email correspondence in a significant escalation of cyber operations targeting senior U.S. government officials. The Handala Hack Team, a hacktivist persona operating on behalf of Iran’s Ministry of Intelligence and Security (MOIS), announced the compromise on Friday,…
A sophisticated new info-stealing malware named Infinity Stealer is targeting macOS systems using an innovative attack chain that combines ClickFix social engineering with Python payloads compiled using the open-source Nuitka compiler. Attack Overview According to Malwarebytes researchers, this marks the first documented macOS campaign combining ClickFix delivery with a Python-based infostealer compiled using Nuitka. The…
A sophisticated new information-stealing malware named Infinity Stealer has emerged targeting macOS systems, combining the increasingly popular ClickFix social engineering technique with advanced evasion capabilities through Nuitka compilation. According to Malwarebytes research, this represents the first documented macOS campaign combining ClickFix delivery with a Python-based infostealer compiled using Nuitka—a technique that produces native binaries far…
Iran-linked hacking group Handala Hack Team has successfully breached the personal email account of FBI Director Kash Patel, publishing photographs and documents stolen from his inbox, according to The Guardian and confirmed by the FBI. Attack Details The breach was announced by Handala on their website, where they stated that Patel “will now find his…
The European Commission, the executive branch of the European Union, has confirmed a significant cyberattack after the notorious ShinyHunters extortion group claimed responsibility for breaching its Amazon Web Services cloud infrastructure and stealing over 350GB of sensitive data. Attack Details On March 24, 2026, the European Commission detected malicious activity targeting its cloud infrastructure hosting…
Security researchers at Malwarebytes have uncovered a new macOS infostealer called Infinity Stealer that combines the ClickFix social engineering technique with a Python payload compiled using the open-source Nuitka compiler — a first for documented macOS malware campaigns. Why Nuitka Matters Unlike PyInstaller, which bundles Python with bytecode that analysts can often extract and decompile,…
The FBI has issued a public alert warning that Iranian government hackers affiliated with the Ministry of Intelligence and Security (MOIS) are actively weaponizing Telegram as a command-and-control (C2) platform to conduct espionage operations against dissidents, opposition groups, and journalists worldwide. Attack Chain: From Social Engineering to Full Device Compromise The sophisticated attack campaign begins…
