A Swiss E-Voting Mystery: USB Glitch or Sabotage? A Swiss E-Voting Mystery: USB Glitch or Sabotage? Imagine that you're a member of an electoral board, and the cryptographic materials requ...

www.reversemode.com/2026/04/a-sw...

Inside ZionSiphon: Darktrace’s Analysis of OT Malware Targeting Israeli Water Systems Darktrace analysis reveals ZionSiphon, an OT‑focused malware targeting Israeli water treatment and desalination systems. Read the blog to learn more

This malware looks more like bait rather than a serious attempt to target Israeli water treatment systems.
www.darktrace.com/blog/inside-...

In a video published just hours ago, Netanyahu directly threatens Spain with “paying an immediate price”.

The assessment is that this fascist war criminal found 5 minutes between planning how to massacre women and children to record a video.

thehill.com/policy/inter...

Being a greedy, mercenary piece of shit is a personal choice, depression is not.

Are Rockwell PLCs being actively targeted by Iran? There may be something interesting going on. US CISA has recently added two older CVEs to the Known Exploited Vulnerabilities catalog… | Ruben Santa... Are Rockwell PLCs being actively targeted by Iran? There may be something interesting going on. US CISA has recently added two older CVEs to the Known Exploited Vulnerabilities catalog https://lnkd.i...

The exploitation of Rockwell PLCs has been known for more than a month. I wrote about it weeks ago www.linkedin.com/posts/rubens... The fact that this joint advisory by the FBI, NSA… comes out just hours before the deadline seems to accommodate a narrative for what may be unfolding today.

Trump: “An entire civilization will die tonight.” I cannot even express in words the repugnance this psychopath makes me feel. The US and Israel on the brink of plunging the world into chaos.

Top Brussels official urges Europeans to work from home and drive less Energy commissioner says the oil crisis triggered by Iran war will bring lengthy upheaval, in a speech reminiscent of the Covid pandemic.

www.politico.eu/article/euro...

BPFdoor in Telecom Networks: Sleeper Cells in the backbone A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor placing stealthy digital sleeper cells in telecommunications networks, in order to carry out h...

www.rapid7.com/blog/post/tr...

UPDATE ON THE HORMUZ COALITION (Mon, March 16):

🇫🇷 France: REJECTED
🇬🇧 UK: REJECTED
🇮🇹 Italy: REJECTED
🇪🇸 Spain: REJECTED
🇯🇵 Japan: REJECTED
🇳🇴 Norway: REJECTED
🇨🇦 Canada: REJECTED
🇦🇺 Australia: REJECTED
🇩🇪 Germany: REJECTED
🇨🇳 China: NO RESPONSE
🇳🇱 Netherlands: NO RESPONSE
🇰🇷 South Korea: NO CONFIRMATION

The hackers say they targeted Stryker in retaliation for the bombing of the all-girls school in Iran and that they have wiped more that 200,000 Stryker systems, servers, and mobile devices and stolen 50 terabytes of critical data, forcing Stryker offices in 79 countries to shut down

The mystery of a globetrotting iPhone-hacking toolkit Tools used in a series of hacking campaigns by hackers in Russia, Ukraine, and China may have originated inside U.S. government contractor L3Harris, TechCrunch has learned.

SCOOP: The iPhone mass hacking toolkit used by Russian spies was developed at U.S. military contractor L3Harris, former employees said.

The Coruna toolkit was used against Ukrainians and by Chinese cybercriminals, according to Google. But the toolkit was initially developed for Western governments.

Exclusive: US investigation points to likely US responsibility in Iran school strike, sources say U.S. military investigators believe it is likely that U.S. forces were responsible for an apparent ​strike on an Iranian girls' school that killed scores of children on Saturday but have not yet reach...

www.reuters.com/world/middle...

Glad that Spain made a stand against this nonsense. The moment of truth for the EU. Let’s see if there is any sovereignty left, or if the only way forward is being a bunch of pathetic US vassals.

Cyber-Physical Attacks on Nuclear Safeguards (II) | Ruben Santamarta In the first part, I provided an introduction and context on the cyber-physical aspects of mechanisms to detect and deter nuclear proliferation. In this second part, I will continue introducing the ph...

www.linkedin.com/posts/rubens...

If that wasn’t the case before, at this point in history you have to be medically stupid to believe any kind of rhetoric coming from the U.S. government.

Cyberattack Targeting Poland’s Energy Grid Used a Wiper A cyberattack that targeted power plants and other energy producers in Poland at the end of December used malware known as a “wiper” that was intended to erase computers and cause a power outage and o...

Exclusive: A cyberattack targeting Poland's energy infrastructure in December used wiper malware that would have erased grid computers and rendered them inoperable had it not been thwarted, a researcher at @ESET told me. The researcher calls the attack "unprecedented" for Poland and "substantial"

The cyberattack targeting Poland's Distributed Energy Resources (DER) was a sophisticated operation, showing patterns consistent with the infamous Industroyer malware family. Of the possible scenarios, I believe this is the worst.

www.linkedin.com/posts/rubens...

What happened in Poland? Part II Based on additional details I've been collecting, it appears the cyberattack was indeed real, probably more sophisticated than expected, and, to be honest, both interesting and concerning. Introductio...

www.linkedin.com/pulse/what-h...

What happened in Poland? (Part I) | Ruben Santamarta The Polish government announced that Russia is behind a "first-of-its-kind" cyberattack on Poland's Distributed Energy Resources (DERs). If you're a regular reader, that will probably ring a bell abou...

www.linkedin.com/posts/rubens...

Signal’s Censorship Circumvention is susceptible to AiTM attacks TL;DR This post describes the conditions and technical details that enable Adversary-in-The-Middle (AiTM) attacks against Signal when Cens...

I've just published "Signal's Censorship Circumvention is susceptible to AiTM attacks".
It is possible to carry out Adversary-in-The-Middle (AiTM) attacks against Signal when Censorship Circumvention is enabled, but E2EE layer is not affected. www.reversemode.com/2026/01/sign...

“The failed attack aimed to disrupt the communication between renewable installations and the power distribution operators”

2026: Time to Update our Threat Model Capabilities remain, but intentions can shift overnight…the significance of this basic idea behind any defense strategy has become very real in recent days. For anyone who might be interested, in this...

For anyone who might be interested, in this post I’ll share my updated approach to cyber-physical security research for this year (and likely for the years ahead), from the perspective of a European citizen and independent researcher. www.linkedin.com/pulse/2026-t...

Fucking fascists

Hacktivist deletes white supremacist websites live on stage during hacker conference | TechCrunch A hacker known as Martha Root broke in and deleted three white supremacists websites at the end of a talk during the annual hacker conference Chaos Communication Congress in Germany.

NEW: A hacktivist dressed as Pink Ranger from the Power Rangers wiped three white supremacist websites on stage at the end of a talk at a hacker conference.

The hacker also published users’ data on the website okstupid.lol.

The three sites are still down, a week after the live hack.

defrag.exe

Un navire infecté par un logiciel-espion au cœur d’une mystérieuse enquête pour espionnage en France EXCLUSIF. Un ressortissant letton a été mis en examen et écroué dimanche à Paris dans le cadre d’une inquiétante enquête pilotée par la DGSI

Yesterday, French newspaper LeParisien published an interesting story "A ship infected with spyware is at the heart of a mysterious espionage investigation in France." www.leparisien.fr/faits-divers...

So, in case you haven’t heard, a recent upset of an A320:
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete

Cyber-Physical Attacks on Nuclear Safeguards (I) | Ruben Santamarta In these series of posts, I will explore the cyber-physical perspective of nuclear safeguards and detail some real-world vulnerabilities I identified during my research.

www.linkedin.com/posts/rubens...

Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spy...

SCOOP: A man who worked on developing hacking and surveillance tools for defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.

The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.

What happened at Iberdrola's 'Núñez de Balboa' PV Power Plant? The "mystery" of what happened at the "Núñez de Balboa" photovoltaic power plant is, to this day, one of the most significant unresolved q...

www.reversemode.com/2025/10/what...