F@pei

If you use a personal phone/laptop for your work, pay very close attention to this little detail. Iran attackers wipe 200k devices at a company called Stryker. Within those devices appears to be employees PERSONAL devices. The attackers used the company’s MDM software, which is basically IT management software running on everything. It’s an incredibly attractive backdoor to an attacker. I successfully targeted MDM software for several Red Team engagements. It’s… lots of fun :) Anyway, a lot of companies require you to install their MDM software on your personal devices before you can access resources like Corp email. It’s used to keep devices updated, lock things down if they get stolen, etc. The company often promises that they won’t access personal data, erase any personal data, etc. But this is often ONLY POLICY. If a bad actor gains access to the MDM tool, as was the case here, then anything can happen. People should be aware of these risks. I refused to run MDM software on any of my personal devices. The company needs to provide me with hardware if they want that. I personally isolate all corp devices to their own network too. If an adversary can get into the corp laptop, then can then get inside my network… there have been cases of it happening in the past.

‼️ Unremovable Israeli Spyware Found on Samsung Devices Samsung faces backlash over AppCloud, an Israeli-developed app pre-installed on budget Galaxy A and M series devices. Investigations reveal the app is embedded in the operating system, preventing full removal. Even when disabled, AppCloud remains on the device, reappears after updates, and can covertly install additional software.

🚨Alert🚨CVE-2025-7775 (CVSS 9.2) : Memory Overflow Vulnerability Leading to Remote Code Execution and/or Denial-of-Service 📊183.9K+Services are found on the https://t.co/g3tSyh1Boc yearly. 🔗Hunter Link:https://t.co/uR2hNhEufB 👇Query HUNTER : https://t.co/yFFcJwegJK="NetScaler Gateway"||https://t.co/yFFcJwegJK="NetScaler ADC" 📰Refer:https://t.co/moWyid9moS https://t.co/lQobexD7R3 https://t.co/OSbw6hPFvf #hunterhow #infosec #infosecurity #OSINT #Vulnerability

⚠️ A single click on a fake site can hijack your password manager. Researchers found 11 popular extensions (1Password, LastPass, iCloud & more) vulnerable—putting logins, 2FA codes, and credit cards at risk. 6 vendors still haven’t patched. Protect your PASSWORDS ↓ https://t.co/C7GrZY7K2f

This is my will and my final message. If these words reach you, know that Israel has succeeded in killing me and silencing my voice. First, peace be upon you and Allah’s mercy and blessings. Allah knows I gave every effort and all my strength to be a support and a voice for my people, ever since I opened my eyes to life in the alleys and streets of the Jabalia refugee camp. My hope was that Allah would extend my life so I could return with my family and loved ones to our original town of occupied Asqalan (Al-Majdal). But Allah’s will came first, and His decree is final. I have lived through pain in all its details, tasted suffering and loss many times, yet I never once hesitated to convey the truth as it is, without distortion or falsification—so that Allah may bear witness against those who stayed silent, those who accepted our killing, those who choked our breath, and whose hearts were unmoved by the scattered remains of our children and women, doing nothing to stop the massacre that our people have faced for more than a year and a half. I entrust you with Palestine—the jewel in the crown of the Muslim world, the heartbeat of every free person in this world. I entrust you with its people, with its wronged and innocent children who never had the time to dream or live in safety and peace. Their pure bodies were crushed under thousands of tons of Israeli bombs and missiles, torn apart and scattered across the walls. I urge you not to let chains silence you, nor borders restrain you. Be bridges toward the liberation of the land and its people, until the sun of dignity and freedom rises over our stolen homeland. I entrust you to take care of my family. I entrust you with my beloved daughter Sham, the light of my eyes, whom I never got the chance to watch grow up as I had dreamed. I entrust you with my dear son Salah, whom I had wished to support and accompany through life until he grew strong enough to carry my burden and continue the mission. I entrust you with my beloved mother, whose blessed prayers brought me to where I am, whose supplications were my fortress and whose light guided my path. I pray that Allah grants her strength and rewards her on my behalf with the best of rewards. I also entrust you with my lifelong companion, my beloved wife, Umm Salah (Bayan), from whom the war separated me for many long days and months. Yet she remained faithful to our bond, steadfast as the trunk of an olive tree that does not bend—patient, trusting in Allah, and carrying the responsibility in my absence with all her strength and faith. I urge you to stand by them, to be their support after Allah Almighty. If I die, I die steadfast upon my principles. I testify before Allah that I am content with His decree, certain of meeting Him, and assured that what is with Allah is better and everlasting. O Allah, accept me among the martyrs, forgive my past and future sins, and make my blood a light that illuminates the path of freedom for my people and my family. Forgive me if I have fallen short, and pray for me with mercy, for I kept my promise and never changed or betrayed it. Do not forget Gaza… And do not forget me in your sincere prayers for forgiveness and acceptance. Anas Jamal Al-Sharif 06.04.2025 This is what our beloved Anas requested to be published upon his martyrdom.

👀 “We never drop tools. We use yours.” — BlackBasta ransomware. A new Bitdefender analysis of 700,000 incidents reveals this chilling truth: 84% of major cyberattacks use Living Off the Land tools like netsh.exe, powershell.exe, wmic.exe. 🔗 Read the report: https://t.co/WIqykT90pF

🚨 GangExposed just dropped another bomb on the ransomware world. They’ve released profile photos of 15 members of the notorious Conti ransomware group, including their lead negotiator Arkady Valentinovich Bondarenko. This follows recent leaks that exposed: •“gg” — the central coordinator of Black Basta, handling ransomware deployments, target selection, financial ops, and AV evasion strategies. •Chat logs revealing internal decision-making, crypto payments, and even social engineering scripts for victim calls. GangExposed is systematically dismantling the anonymity that once protected these cybercriminals. This is no longer just a leak — it’s a high-stakes intelligence war.