Iran's hackers are on the offensive against the US and Israel Tehran hopes to stoke fear and extract intel in a series of cyber attacks.

Iran's hackers are on the offensive against the US and Israel #Technology #Cybersecurity #IranHackers #CyberThreats #USIsraelRelations

arstechnica.com/security/2026/03/irans-h...

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement

iT4iNT SERVER Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack VDS VPS Cloud #CyberSecurity #IranHackers #FBIBreach #DataLeak #WiperAttack

Iran-Linked Hackers Breach FBI Director Email, Cyber Tensions Foray War Front Iran linked hackers breach FBI director Kash Patel email and leak photos online

🕵️ Hackers linked to Iran claim a major breach of a top US official.

FBI Director Kash Patel’s personal email was accessed, with photos and hundreds of emails leaked online.

Read: 🔗 www.ibtimes.sg/iran-linked-...

#CyberSecurity #IranHackers #KashPatel #DataBreach

FBI Director Kash Patel Hacked by Iran-Linked Group Handala Hack Team claimed access to Kash Patel's personal email on Mar 27, 2026 (Al Jazeera); this raises exposure and regulatory risk for cyber vendors and federal contractors.

FBI Director Kash Patel Hacked by Iran-Linked Group: Handala Hack Team claimed access to Kash Patel's personal email on Mar 27, 2026 (Al Jazeera); this raises exposure and regulatory risk for cyber vendors and federal… 👈 Read full analysis #CyberSecurity #DataBreach #IranHackers #FBI #KashPatel

Iran-linked hackers breach personal email account of FBI director Kash Patel - SiliconANGLE Iran-linked hackers breach personal email account of FBI director Kash Patel - SiliconANGLE

Iran-linked hackers breach personal email account of FBI director Kash Patel #Technology #Cybersecurity #IranHackers #FBI #CyberBreach

siliconangle.com/2026/03/27/iran-linked-h...

#KashPatel #FBI #Hacked #IranHackers #Handala #Gmail #CyberSecurity #FiredTheExperts #PersonalEmail #GodHelpUsAll

FBI Director Kash Patel’s Gmail Hacked by Iran-Linked Handala Group, Photos and Personal Emails Leaked.

👉 Read the full story at NewsLink7.com

#KashPatel #FBI #IranHackers #CyberAttack #EmailHack #News #WorldNews #Noticias

Ok, cool, so what did they find?

#DOJ #KashPatel #IranHackers

Iran-linked hackers breach FBI director's personal email, publish excerpts online Iran-linked ​hackers have publicly claimed the breach of FBI ‌Director Kash Patel's personal inbox, publishing photographs of the director and other documents to the internet.

Iran-linked hackers breach FBI director's personal email, publish excerpts online: They have published photographs of the director and other documents to the internet. 🫠
www.reuters.com/world/us/ira... #KashPatel #Iran #IranHackers

Iran-linked hackers reportedly targeted Albanian parliament email system The email system of the Albanian parliament has been targeted by a cyberattack allegedly carried out by a hacking group linked to Iran, according to Albania’s National Cyber Security Authority.

The email system of the Albanian parliament has been targeted by a cyberattack allegedly carried out by a hacking group linked to Iran, according to Albania’s National Cyber Security Authority. Bne IntelliNews #Cybersecurity #IranHackers #Albania #CyberAttack #Hackers

Iran-Linked Hackers Target Human Rights Groups in Redkitten Malware Campaign A Farsi-speaking threat actor believed to be aligned with Iranian state interests is suspected of carrying out a new cyber campaign targeting non-governmental organizations and individuals documenting recent human rights abuses in Iran, according to a report by HarfangLab.  The activity, tracked in January 2026 and codenamed RedKitten, appears to coincide with nationwide unrest that erupted in Iran in late 2025 over soaring inflation, rising food prices, and currency depreciation. The protests were followed by a severe security crackdown, mass casualties, and an internet blackout.  “The malware relies on GitHub and Google Drive for configuration and modular payload retrieval, and uses Telegram for command-and-control,” HarfangLab said.  Researchers said the campaign is notable for its apparent use of large language models to help develop and coordinate its tooling. The attack chain begins with a 7-Zip archive bearing a Farsi filename, which contains malicious Microsoft Excel files embedded with macros.  The XLSM spreadsheets purport to list details of protesters who died in Tehran between Dec. 22, 2025, and Jan. 20, 2026. Instead, the files deploy a malicious VBA macro that acts as a dropper for a C# implant known as AppVStreamingUX_Multi_User.dll using a technique called AppDomainManager injection. HarfangLab said the VBA code itself shows signs of being generated by an LLM, citing its structure, variable naming patterns, and comments such as “PART 5: Report the result and schedule if successful.”  Investigators believe the campaign exploits the emotional distress of people searching for information about missing or deceased protesters. Analysis of the spreadsheet data found inconsistencies such as mismatched ages and birthdates, suggesting the content was fabricated. The implanted backdoor, dubbed SloppyMIO, uses GitHub as a dead drop resolver to obtain Google Drive links hosting images that conceal configuration data using steganography. This data includes Telegram bot tokens, chat IDs, and links to additional modules.  The malware supports multiple modules that allow attackers to run commands, collect and exfiltrate files, establish persistence through scheduled tasks, and launch processes on infected systems. “The malware can fetch and cache multiple modules from remote storage, run arbitrary commands, collect and exfiltrate files and deploy further malware with persistence via scheduled tasks,” HarfangLab said. “SloppyMIO beacons status messages, polls for commands and sends exfiltrated files over to a specified operator leveraging the Telegram Bot API for command-and-control.”  Attribution to Iranian-linked actors is based on the use of Farsi-language artifacts, protest-themed lures, and tactical overlaps with earlier operations, including campaigns associated with Tortoiseshell, which previously used malicious Excel documents and AppDomainManager injection techniques. The use of GitHub as part of the command infrastructure mirrors earlier Iranian-linked operations. In 2022, Secureworks, now part of Sophos, documented a campaign by a sub-group of Nemesis Kitten that also leveraged GitHub to distribute malware.  HarfangLab noted that reliance on widely used platforms such as GitHub, Google Drive, and Telegram complicates traditional infrastructure-based attribution but can also expose operational metadata that poses risks to the attackers themselves. The findings follow recent disclosures by U.K.-based Iranian activist and cyber investigator Nariman Gharib, who detailed a separate phishing campaign using a fake WhatsApp Web login page to hijack victims’ accounts.  “The page polls the attacker’s server every second,” Gharib said. “This lets the attacker serve a live QR code from their own WhatsApp Web session directly to the victim.” That phishing infrastructure was also designed to request access to a victim’s camera, microphone, and location, effectively turning the page into a surveillance tool. The identity and motive of the operators behind that campaign remain unclear.  Separately, TechCrunch reporter Zack Whittaker reported that related activity also targeted Gmail credentials using fake login pages, impacting around 50 victims across the Kurdish community, academia, government, and business sectors. The disclosures come amid growing scrutiny of Iranian-linked cyber groups following a major data leak affecting Charming Kitten, which exposed details about its operations and a surveillance platform known as Kashef. Gharib has also highlighted leaked records tied to Ravin Academy, a cybersecurity school linked to Iran’s Ministry of Intelligence and Security, which was sanctioned by the United States in 2022.

Iran-Linked Hackers Target Human Rights Groups in Redkitten Malware Campaign #Campaign #Iranhackers #Iranianstate

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt military objectives read more about Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt reconbee.com/iran-linked-...

#iran #iranhackers #hackers #AISdata #missile #cyberattack #hacking

Iran’s not just stirring trouble on the ground- they’re going digital. Hitting hospitals, power grids, and gov systems isn’t just hacking, it’s hybrid warfare. And it’s ramping up fast. #CyberSecurity #IranHackers #Infrastructure #Geopolitics informationsecuritybuzz.com/iranian-cybe...

Image from image_1.jpg

Hackers linked to Iran threatened to release 100 GB of emails from Trump’s administration, claiming to sell them. CISA dismissed the threat as a tactic to harm Trump's credibility amid rising US-Iran tensions related to nuclear issues.

#IranHackers #CyberThreats #ElectionInterference

Iranian Hackers Threaten to Leak 100GB of Stolen Trump Team Emails
#CyberAttack #IranHackers #TrumpEmails
www.youtube.com/watch?v=vhs9...

#trends today for 'meghan markle' 'court approval' & 'iran hackers'

Click/Tap below:

www.newsmason.com?query=%22meg...

www.newsmason.com?query=%22cou...

www.newsmason.com?query=%22ira...

#meghanmarkle #courtapproval #iranhackers

Iran-linked hackers threaten to release Trump aides' emails Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election.

I hate to say this, but in the here and now, I'd like to browse these communications.
#IranHackers
#AideEmailsHacked
#TrumpIsADisgrace

Iran-linked hackers threaten to release Trump aides' emails.

www.reuters.com/legal/govern...