Digital IDs are insecure and can be hacked

On Wednesday, Norman Fenton, Professor Emeritus at Queen Mary University of London, published an article describing how he lost control of his Twitter (now X) account to a hacker on 18 March but has now regained limited control. 

“After sending a spam ‘vote for me’ direct message (with a malicious link) to all my mutual followers on 20 March, the attackers began posting spam publicly. Not sporadically, but continuously: the bot was posting roughly once per second, pausing only intermittently to repost content from accounts I follow. By the time I regained access, there were thousands of spam posts and reposts,” he said.  “For now, anyone visiting my timeline will see little but pages of spam.”

Prof. Fenton ended his article by saying, “Regaining access to my account ultimately required persistence, external pressure, and, quite likely, legal escalation. Many users facing similar attacks will not have those options.

“If X cannot reliably protect accounts, respond promptly to verified compromise reports, and restore control without unnecessary barriers, then users are left dangerously exposed.

“What’s clear right now is that when things go wrong, you will be largely on your own.”

Read more: I’ve regained control of my hacked X account, Norman Fenton, 25 March 2026

In response to Prof. Fenton’s experience, Dr. Scott McLachlan, formerly a lecturer in Digital Technologies for Healthcare at King’s College London, posted a Substack note taking Prof. Fenton’s final remarks a logical step further.


Silicon battlefields: Why Big Tech is a target in the US-Israeli war on Iran

In traditional wars, armies directed their firepower toward visible strategic assets – military bases, weapons factories, airfields – where supply lines could be mapped and battle plans drawn with relative certainty. Combat effectiveness depended on numbers, firepower, and tactical maneuver. 

Today, however, the logic of war has shifted beyond the physical battlefield. Over the past two decades, the digital revolution has built a second layer of strategic infrastructure behind the front lines, quietly transforming how power is projected and how wars are fought.

Digital infrastructure has moved from the periphery of war to its operational core. Intelligence gathering, drone coordination, and battlefield decision-making increasingly depend on cloud systems and artificial intelligence (AI) platforms. The architecture of contemporary conflict is therefore built as much on corporate-run networks as on conventional military hardware.

This evolving reality shapes Iran’s strategic outlook as the war with Washington and Tel Aviv deepens. In Tehran’s assessment, the technological backbone sustaining western-aligned military operations in West Asia cannot be viewed as politically neutral. It constitutes an extension of the battlespace itself – a domain where economic assets, corporate platforms, and national security objectives intersect.

Corporate networks as instruments of war

In recent years, advanced militaries have woven digital platforms into every stage of warfare. Satellite surveillance systems feed data into cloud networks. Armed drones transmit high-definition video streams requiring immediate analysis. 

Signals interception capabilities generate vast intelligence flows that must be converted into rapid operational decisions. Military power, increasingly, is measured not simply by missile stockpiles or air superiority, but by the capacity to process information faster than an adversary.

Major technology firms now sit at the center of this process. Companies such as Amazon, Microsoft, and Google provide the infrastructure enabling governments and militaries to store, analyze, and deploy critical data. Their cloud platforms underpin intelligence assessments, battlefield logistics, and command-and-control coordination across multiple theaters.

This convergence of corporate technology and state power has reshaped how conflict is understood. Digital networks have become as vital as aircraft carriers or missile defense systems. In the context of the US-Israeli war on Iran, Tehran increasingly interprets this reality as evidence that global technology companies form an integral part of hostile operational environments.

That perception gained public visibility when Iranian media circulated a list of nearly 30 sites across West Asia, and especially the UAE, linked to major tech firms. 

They included regional headquarters, engineering offices, and large-scale data centers operated by firms such as Amazon, Microsoft, Google, Oracle, NVIDIA, IBM, and Palantir Technologies. In Tehran’s reading of the conflict, these facilities represent strategic nodes embedded within the operational ecosystem that sustains adversaries’ military capabilities.

Stretching from Tel Aviv to Persian Gulf cities such as Dubai, Abu Dhabi, and Manama, these facilities host cloud services used by state institutions, intelligence agencies, and defense contractors. Some contribute directly to artificial intelligence development for surveillance and battlefield analysis. Others support regional digital economies whose stability indirectly underwrites military spending and technological innovation.

In an era where data flows shape combat outcomes, the infrastructures managing those flows may be viewed as legitimate strategic targets.


Epstein’s Wiki Page Was ‘Hacked’ In Failed Attempt To Remove ‘Sex Offender,’ Files Show

Jeffrey Epstein’s Wikipedia page was edited in 2010 to remove references to his status as a sex offender and a mugshot, an email released by the Department of Justice (DOJ) shows.

In an email to Epstein dated Nov. 6, 2010, an individual going by the name “Al Seckel” wrote that Wikipedia had “all sorts of protections” around his mug shot taken in 2006 by the Palm Beach County Sheriff’s Office.

“They have all sorts of protection around your ‘mug shot’ picture on wiki, and so, we are hacking wiki now to remove it and replace it with the photo that you sent, which will have the headline: Jeffrey Epstein, businessman, philanthropist,” wrote the message’s sender, who was in email correspondence with Epstein in 2010, according to the files.

“BTW, we also took you out in the sex offender category, and removed the headline in beginning sentence from wiki that also stated ‘sex offender,’” the email continued. “And, now it just reads businessman, philanthropist.”

The Wikipedia page’s edit history reveals an edit made the day before the email was sent which removed the category “American sex offenders.” The edit was reverted minutes later, and a user stated “There is a cited reliable source for his sex offender status.”

The author of the email also claims to have “recorded the ip addresses” of individuals reverting their edits, stating that they “actually hacked the site to block them back in.”

The same IP address made 27 changes between late October and late November 2010, many of which were made within minutes of each other, often removing mentions of Epstein’s entry in the Florida Sex Offender Registry and the experiences of children on his island.


Reuters Claims Office of DNI Investigated Puerto Rico Election Machines For “Claims That Venezuela Had Hacked Voting Machines” in the U.S. Territory

In June of 2024, Puerto Rico encountered numerous problems while conducting their primary elections.  The Gateway Pundit reported that vote counts were reported as lower than the paper counts.  Some voting systems reversed totals, while some reported zero votes for certain candidates.  The discrepancies were attributed to a “software issue,” according to the Puerto Rico Election Commission’s interim president at the time, Jessika Padilla-Rivera.

There wasn’t much reporting on the American territory and the problems they had surrounding that election.  However, it did cause the election commission in the territory to call into question its contract with Dominion Voting Systems prior to the November 2024 election.

In an “exclusive” story published on Wednesday, Reuters claimed that a team working for Director of National Intelligence Tulsi Gabbard “led an investigation into Puerto Rico’s voting machines,” according to Gabbard’s office and three sources familiar with the previously unreported events.

Reuters reported:

The sources said the goal was to work with the FBI to investigate claims that Venezuela had hacked voting machines in Puerto Rico, but added the probe did not produce any clear evidence of Venezuelan interference in the U.S. territory’s elections. Reuters first reported the investigation.

Gabbard’s office, in a statement to Reuters, confirmed the May investigation but denied a link to Venezuela, saying its focus was on vulnerabilities in the island’s electronic voting systems. Her team took an unspecified number of Puerto Rico’s voting machines and additional copies of data from the machines as part of its investigation, a spokesperson for Gabbard’s Office of the Director of National Intelligence said.

A source with direct knowledge of the investigation confirmed that the event in May did happen, but it was not tied to any specific claim of Venezuelan interference, nor was the scope of the investigation specific to foreign interference.  However, there was evidence of foreign involvement discovered, but no country was pointed out specifically by our source.


Congressional Budget Office Plagued by ‘Ongoing’ Cybersecurity Breach

When the agency that crunches Washington’s numbers can’t even secure its own, it’s hard not to see a metaphor in the math.

The Congressional Budget Office confirmed this week that it’s battling an “ongoing” cybersecurity incident — one that, by all accounts, has stretched on for days and remains unresolved.

Politico first reported the breach, noting that CBO officials are still assessing the full scope of the intrusion and what data, if any, may have been compromised.

The nonpartisan agency, which provides cost estimates and fiscal analyses to Congress, said it has added new monitoring systems and security controls while a full investigation continues.

The CBO has not said whether sensitive information was stolen or who might be behind the attack, the Associated Press reported. Officials also declined to specify how long the agency’s systems have been affected.

Reuters added that Senate offices were warned by the chamber’s Sergeant at Arms that email communications with the CBO might have been exposed, potentially giving hackers a chance to spoof messages or launch phishing attempts.

That advisory urged congressional staff to treat any CBO-related email traffic with extra caution until the incident is fully contained.

While the agency insists its work for lawmakers continues uninterrupted, the breach’s duration has sparked questions about whether the CBO’s analytical models and data pipelines could have been tampered with.

Experts told the Associated Press that a breach described as “ongoing” suggests investigators are still chasing active threats within the network rather than cleaning up a finished intrusion.

The incident comes at a sensitive time for Congress, with fiscal debates, spending fights, and shutdown negotiations all relying on the CBO’s projections to guide votes and policy.

Reuters noted that the longer such breaches persist, the greater the risk that attackers can map internal systems, gather intelligence, or establish backdoors for later use.

The Washington Post reported that early assessments point to a possible foreign actor, though officials have not publicly attributed the breach to any specific nation or group.

In a statement, the CBO said it “continually monitors” for cyber threats and had taken “immediate action” to safeguard its systems once the incident was detected.

Still, the episode has renewed scrutiny of cybersecurity readiness across federal agencies — particularly those, like the CBO, that don’t handle classified data but remain critical to day-to-day government operations.


Hollywood Producer Buys Israeli NSO Spyware Maker, Hires David Friedman to Sell Hacking Tools to U.S.

Hollywood producer Robert Simonds has purchased the Israeli spyware maker NSO Group to bring it under “American” control and hired Trump’s former Ambassador to Israel, David Friedman, to lobby the president to remove sanctions on the firm so they can sell their hacking tools to US law enforcement.

Though the company was sold to a consortium of alleged “Americans” led by Simonds, the NSO Group “said Sunday that it would continue to operate from Israel under the full regulatory authority of the Defense Ministry, as it expands its global footprint and seeks to resume operations in the US,” the Times of Israel reports.

From The Wall Street Journal, “Israeli Spyware Maker NSO Gets New Owners, Leadership and Seeks to Mend Reputation”:

TEL AVIV—NSO Group, the Israeli company behind Pegasus spyware, says a group of investors led by Hollywood producer Robert Simonds has acquired a controlling stake in the firm, which has named a former Trump official to lead an effort to restore its battered reputation.

The company, which has faced lawsuits and U.S. government sanctions since revelations that its technology was used to spy on political dissidents, human-rights advocates, journalists and American officials, declined to disclose the purchase price.

NSO’s new executive chairman, David Friedman, a former U.S. ambassador to Israel and onetime bankruptcy lawyer for President Trump, said he wants to use his ties to the Trump administration to help rebuild the company’s spyware business in the U.S.

“If the administration, as I expect they’ll be, is receptive to considering any opportunity that might keep Americans safer, it will consider us,” said Friedman, who splits his time between Florida and Israel.

This is naked influence peddling.


CISA Orders Federal Agencies to Patch F5 Devices After Nation-State Hack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive compelling federal agencies to address major security flaws in software management devices made by F5, a technology company. The order follows a security breach where nation-state-affiliated hackers reportedly accessed F5’s internal systems, stealing source code and customer data.

In the directive released on October 15, CISA warned that a foreign government-affiliated group compromised F5’s networks and exfiltrated sensitive files. This stolen data included parts of the source code for BIG-IP, F5’s flagship product, along with information about known vulnerabilities.

CISA stated that this access gives the hackers a significant advantage, allowing them to analyze the code for undiscovered flaws, or “zero-day vulnerabilities,” and develop targeted attacks against F5 devices and software.

Imminent Threat to Federal Networks

According to the directive, this cyber threat actor poses an “imminent threat” to all federal networks that use F5 products. If hackers successfully exploit the vulnerabilities, they could gain access to embedded login details and API keys, which would allow them to move undetected within a network, steal data, and establish long-term access. CISA warns this could lead to a “full compromise” of an organization’s information systems.

Due to what it calls an “unacceptable risk,” CISA has mandated immediate action for agencies using a range of F5 products.

Affected F5 Products:

The directive applies to the following hardware and software:

  • Hardware: BIG-IP iSeries, rSeries, and any other F5 devices that are no longer supported by the company.
  • Software: All devices running BIG-IP (F5OS and TMOS), Virtual Edition (VE), BIG-IP Next, BIG-IQ, and BIG-IP Next for Kubernetes (BNK)/Cloud-Native Network Functions (CNF).

The directive’s requirements are designed to address the immediate risk and help agencies defend against anticipated attacks targeting these systems.


China accuses US of major cyber-attack

China has accused the US National Security Agency (NSA) of waging a “major” multi-year cyberattack on the Chinese agency responsible for keeping national time.

In a statement posted on its official social media account on Sunday, the Ministry of State Security (MSS) said it had “obtained irrefutable evidence” that the NSA infiltrated the National Time Service Center. The covert operation allegedly began in March 2022, aiming to steal state secrets and conduct acts of cyber sabotage.

The center serves as China’s official time authority, issuing and broadcasting ‘Beijing Time’ to key sectors including finance, energy, transport, and defense. A disruption to this critical piece of infrastructure could have caused widespread instability in financial markets, logistics and power supply, according to the MSS.

According to the MSS, the NSA first exploited a vulnerability in the foreign-made mobile phones of several staff members at the center, gaining access to sensitive data.


Microsoft: Sharp Increase in AI-Aided Cyberattacks From Russia, China

Foreign adversaries are increasingly using artificial intelligence (AI) in their cyber influence campaigns, with operations picking up “aggressively” this year, Microsoft said on Oct. 16.

In July, Microsoft identified more than 200 instances of AI-generated content from nation-state adversaries, more than four times the number in July 2024, and more than 10 times the number in July 2023, the company’s annual Digital Defense Report shows.

AI can create increasingly convincing emails and generate digital clones of senior government officials or news anchors, according to the report. The sophistication of AI tools has made the operations “easier to scale, more effective, and harder to trace,” and it is becoming increasingly difficult to differentiate state- and non-state actors, the report stated.

For scammers, AI is making it easier to quickly create more convincing websites, profiles, emails, and IDs, the report said. Microsoft said it blocked 1.6 million fake account creation attempts per hour on the company’s platforms.

“Everyone—from industry to government—must be proactive to keep pace with increasingly sophisticated attackers and to ensure that defenders keep ahead of adversaries,” said Amy Hogan-Burney, Microsoft’s vice president for customer security and trust, who oversaw the report.


China Escalates Cyberattacks That Are Increasingly Hard To Detect

A Chinese hacking group is reportedly behind a significant espionage campaign targeting U.S. technology firms and legal services, highlighting a worrisome escalation in China’s cyber “Cold War” with the United States.

Since March 2025, Google’s Threat Intelligence Group and its cybersecurity subsidiary, Mandiant, have tracked suspicious activities delivered via backdoor malware known as “BRICKSTORM.” This sophisticated campaign is targeting a variety of sectors, including law firms, software-as-a-service providers, and other technology companies. Following extensive monitoring and analysis, Google has linked these hacking efforts to UNC5221, a long-suspected Chinese Advanced Persistent Threat (APT) actor, alongside other “threat clusters” associated with China.

The BRICKSTORM campaign is especially disturbing for two primary reasons. Firstly, it was crafted to ensure “long-term stealthy access” by embedding backdoors into targeted systems, enabling hackers to dodge conventional detection and response methods. The stealth campaign has proven so adept that, on average, these intruders remain undetected in targeted systems for nearly 400 days, as revealed by a Google report.

Secondly, the motivations behind these cyberattacks transcend the theft of trade secrets and national security data. Google suspects that these hackers are also probing for “zero-day vulnerabilities targeting network appliances,” as well as “establishing pivot points for broader access” to additional victims. This indicates a strategy to gather intelligence that could be pivotal to the Chinese military should tensions escalate between the U.S. and China.

Xi Jinping, the leader of Communist China, has consistently expressed his ambition for the nation to become a “cyber superpower.” With this goal in mind, the Chinese government has invested significant resources in building a formidable cyber army.

The People’s Liberation Army (PLA) considers cyber warfare to be a crucial aspect of both its defensive and offensive strategies, alongside traditional military forces. Cyberattacks are viewed as a cost-effective means to undermine an opponent’s will to fight by targeting its economic, political, scientific, and technological systems.

Thus, the PLA reportedly employs as many as 60,000 cyber personnel, ten times larger than the U.S. Cyber Command’s Cyber Mission Force. Additionally, a higher proportion of the PLA’s cyber force is dedicated to offensive operations compared to the United States (18.2 percent versus 2.8 percent).

Alongside China’s official cyber force, the Ministry of State Security and the Ministry of Public Security have adopted a “pseudo-private” contractor model that allows them to hire civilian hackers to conduct cyber espionage abroad while obscuring the Chinese government’s involvement.

Over time, the Communist regime has also significantly advanced its cyber operation capabilities. Today, China’s cyber operations are increasingly sophisticated, utilizing advanced tactics, techniques, and procedures to infiltrate victim networks, according to a U.S. government report.

The BRICKSTORM attack is part of a long series of high-profile cyberattacks originating from China in recent years. Between 2023 and 2024, Salt Typhoon, a Chinese hacking group linked to the Ministry of State Security, accessed U.S. wireless networks operated by companies such as AT&T and Verizon, “as well as systems used for court-appointed surveillance.” This breach resulted in the compromise of telecommunication data for over a million American users, including individuals involved in both Trump’s and then-Vice President Kamala Harris’s presidential campaigns.
