Reposted by 🇬🇱
Exclusive: A cyberattack targeting Poland's energy infrastructure in December used wiper malware that would have erased grid computers and rendered them inoperable had it not been thwarted, a researcher at @ESET told me. The researcher calls the attack "unprecedented" for Poland and "substantial"
Cyberattack Targeting Poland’s Energy Grid Used a Wiper
A cyberattack that targeted power plants and other energy producers in Poland at the end of December used malware known as a “wiper” that was intended to erase computers and cause a power outage and o...
www.zetter-zeroday.com
January 23, 2026 at 4:33 PM
Exclusive: A cyberattack targeting Poland's energy infrastructure in December used wiper malware that would have erased grid computers and rendered them inoperable had it not been thwarted, a researcher at @ESET told me. The researcher calls the attack "unprecedented" for Poland and "substantial"
The cyberattack targeting Poland's Distributed Energy Resources (DER) was a sophisticated operation, showing patterns consistent with the infamous Industroyer malware family. Of the possible scenarios, I believe this is the worst.
www.linkedin.com/posts/rubens...
www.linkedin.com/posts/rubens...
January 21, 2026 at 10:25 AM
The cyberattack targeting Poland's Distributed Energy Resources (DER) was a sophisticated operation, showing patterns consistent with the infamous Industroyer malware family. Of the possible scenarios, I believe this is the worst.
www.linkedin.com/posts/rubens...
www.linkedin.com/posts/rubens...
I've just published "Signal's Censorship Circumvention is susceptible to AiTM attacks".
It is possible to carry out Adversary-in-The-Middle (AiTM) attacks against Signal when Censorship Circumvention is enabled, but E2EE layer is not affected. www.reversemode.com/2026/01/sign...
It is possible to carry out Adversary-in-The-Middle (AiTM) attacks against Signal when Censorship Circumvention is enabled, but E2EE layer is not affected. www.reversemode.com/2026/01/sign...
Signal’s Censorship Circumvention is susceptible to AiTM attacks
TL;DR This post describes the conditions and technical details that enable Adversary-in-The-Middle (AiTM) attacks against Signal when Cens...
www.reversemode.com
January 14, 2026 at 10:31 AM
I've just published "Signal's Censorship Circumvention is susceptible to AiTM attacks".
It is possible to carry out Adversary-in-The-Middle (AiTM) attacks against Signal when Censorship Circumvention is enabled, but E2EE layer is not affected. www.reversemode.com/2026/01/sign...
It is possible to carry out Adversary-in-The-Middle (AiTM) attacks against Signal when Censorship Circumvention is enabled, but E2EE layer is not affected. www.reversemode.com/2026/01/sign...
“The failed attack aimed to disrupt the communication between renewable installations and the power distribution operators”
Massive cyberattack on Polish power system in December failed, minister says www.reuters.com/sustainabili...
www.reuters.com
January 13, 2026 at 5:05 PM
“The failed attack aimed to disrupt the communication between renewable installations and the power distribution operators”
For anyone who might be interested, in this post I’ll share my updated approach to cyber-physical security research for this year (and likely for the years ahead), from the perspective of a European citizen and independent researcher. www.linkedin.com/pulse/2026-t...
2026: Time to Update our Threat Model
Capabilities remain, but intentions can shift overnight…the significance of this basic idea behind any defense strategy has become very real in recent days. For anyone who might be interested, in this...
www.linkedin.com
January 8, 2026 at 3:10 PM
For anyone who might be interested, in this post I’ll share my updated approach to cyber-physical security research for this year (and likely for the years ahead), from the perspective of a European citizen and independent researcher. www.linkedin.com/pulse/2026-t...
Fucking fascists
TAPPER: Can you rule out the US is going to take Greenland by force?
MILLER: Greenland should be part of the US. By what right does Denmark assert control over Greenland? The US is the power of NATO
T: So force is on the table?
M: Nobody is gonna fight the US militarily over future of Greenland
MILLER: Greenland should be part of the US. By what right does Denmark assert control over Greenland? The US is the power of NATO
T: So force is on the table?
M: Nobody is gonna fight the US militarily over future of Greenland
January 6, 2026 at 12:45 AM
Fucking fascists
Reposted by 🇬🇱
NEW: A hacktivist dressed as Pink Ranger from the Power Rangers wiped three white supremacist websites on stage at the end of a talk at a hacker conference.
The hacker also published users’ data on the website okstupid.lol.
The three sites are still down, a week after the live hack.
The hacker also published users’ data on the website okstupid.lol.
The three sites are still down, a week after the live hack.
Hacktivist deletes white supremacist websites live on stage during hacker conference | TechCrunch
A hacker known as Martha Root broke in and deleted three white supremacists websites at the end of a talk during the annual hacker conference Chaos Communication Congress in Germany.
techcrunch.com
January 5, 2026 at 6:58 PM
NEW: A hacktivist dressed as Pink Ranger from the Power Rangers wiped three white supremacist websites on stage at the end of a talk at a hacker conference.
The hacker also published users’ data on the website okstupid.lol.
The three sites are still down, a week after the live hack.
The hacker also published users’ data on the website okstupid.lol.
The three sites are still down, a week after the live hack.
defrag.exe
Here's a quilt of Volume 4 of the Epstein document dump. Gives you a 10,000 foot view of the redactions. that's 2,704 docs.
December 19, 2025 at 10:34 PM
defrag.exe
Yesterday, French newspaper LeParisien published an interesting story "A ship infected with spyware is at the heart of a mysterious espionage investigation in France." www.leparisien.fr/faits-divers...
Un navire infecté par un logiciel-espion au cœur d’une mystérieuse enquête pour espionnage en France
EXCLUSIF. Un ressortissant letton a été mis en examen et écroué dimanche à Paris dans le cadre d’une inquiétante enquête pilotée par la DGSI
www.leparisien.fr
December 17, 2025 at 11:31 AM
Yesterday, French newspaper LeParisien published an interesting story "A ship infected with spyware is at the heart of a mysterious espionage investigation in France." www.leparisien.fr/faits-divers...
Reposted by 🇬🇱
So, in case you haven’t heard, a recent upset of an A320:
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete
November 28, 2025 at 11:11 PM
So, in case you haven’t heard, a recent upset of an A320:
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete
Reposted by 🇬🇱
SCOOP: A man who worked on developing hacking and surveillance tools for defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.
The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.
The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.
Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware
A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spy...
techcrunch.com
October 21, 2025 at 2:54 PM
SCOOP: A man who worked on developing hacking and surveillance tools for defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.
The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.
The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.
The US Secret Service just saved the world from 80 millions of Antifa SIMs that were about to turn unvaccinated people trans via 5G.
September 24, 2025 at 12:34 PM
The US Secret Service just saved the world from 80 millions of Antifa SIMs that were about to turn unvaccinated people trans via 5G.
I’ve been talking about Paragon and ICE with @france24.com www.france24.com/fr/%C3%A9co-... (french)
États-Unis : quand la lutte antimigrants s'arme de logiciels espions
Un contrat de deux millions de dollars a été conclu entre l'ICE, l’agence américaine de contrôle de l’immigration, et Paragon, éditeur sulfureux de logiciels espions ultraperfectionnés. Le bras armé…
www.france24.com
September 4, 2025 at 7:12 PM
I’ve been talking about Paragon and ICE with @france24.com www.france24.com/fr/%C3%A9co-... (french)
Was Von Der Leyen’s Plane the Target of a GPS Jamming Attack? I spoke with some of them to gain a clearer understanding of the incident…
www.linkedin.com/pulse/von-de...
www.linkedin.com/pulse/von-de...
Was Von Der Leyen’s Plane the Target of a GPS Jamming Attack?
Yesterday, the Financial Times reported that the EU Chief's plane had been the target of a GPS jamming attack while approaching Plovdiv Airport in Bulgaria. However, certain technical details continue...
www.linkedin.com
September 2, 2025 at 4:19 PM
Was Von Der Leyen’s Plane the Target of a GPS Jamming Attack? I spoke with some of them to gain a clearer understanding of the incident…
www.linkedin.com/pulse/von-de...
www.linkedin.com/pulse/von-de...
Cyberattack against Iranian Vessels' SATCOM systems www.linkedin.com/pulse/cybera...
Cyberattack against Iranian Vessels' SATCOM systems
Lab Dookhtegan, a self-proclaimed 'hacktivist' group, has conducted a destructive attack against the SATCOM terminals of numerous Iranian vessels, disabling this critical communication link on 39 tank...
www.linkedin.com
August 27, 2025 at 10:45 AM
Cyberattack against Iranian Vessels' SATCOM systems www.linkedin.com/pulse/cybera...
Coincidentally, Romania’s Cernavoda Nuclear Power Plant suffered an automatic shutdown that infamous day. One year later, that remains the only Cernavoda reactor trip event in recent years for which the operator has never published a root cause.
On the one-year anniversary of CrowdStrike's disastrous crashes that took down millions of computers worldwide, a new study finds 750-plus hospital networks in the US were disrupted, and 200-plus appear to have had outages of patient medical services. www.wired.com/story/at-lea...
At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds
Of those, more than 200 appear to have had outages of services related to patient care following CrowdStrike’s disastrous crash, researchers have revealed.
www.wired.com
July 19, 2025 at 4:45 PM
Coincidentally, Romania’s Cernavoda Nuclear Power Plant suffered an automatic shutdown that infamous day. One year later, that remains the only Cernavoda reactor trip event in recent years for which the operator has never published a root cause.
Wild story. It feels like the hacker didn’t hack their way in, but rather paid their way in.
Circa 2018, as the FBI was working on the El Chapo case, the Sinaloa cartel hired a hacker to track the movements of a senior FBI official around Mexico City, a newly released DOJ audit says. The cartel then user the info to kill potential FBI informants: www.cnn.com/2025/06/28/p...
Mexican drug cartel used hacker to track FBI official, then killed potential FBI informants, government audit says | CNN Politics
The stunning new details offer a rare look at how technology can be exploited in the high-stakes battle between US law enforcement and the violent Mexican cartels that control illicit drug trade.
www.cnn.com
June 29, 2025 at 4:13 PM
Wild story. It feels like the hacker didn’t hack their way in, but rather paid their way in.
Just a few days ago, a reliable but anonymous source shared with me telemetry data from the day of the blackout, covering thousands of solar inverters deployed across Spain. www.reversemode.com/2025/06/a-ne...
A new Cyber-Physical Angle in Spain’s Blackout
Just a few days ago, a reliable but anonymous source shared with me telemetry data from the day of the blackout, covering thousands of solar...
www.reversemode.com
June 18, 2025 at 10:17 AM
Just a few days ago, a reliable but anonymous source shared with me telemetry data from the day of the blackout, covering thousands of solar inverters deployed across Spain. www.reversemode.com/2025/06/a-ne...
Reposted by 🇬🇱
"Because the initial email from [General] Al Rashidi to Hay came from a Hotmail address with the numbers '69' after the general’s name, one worker says they weren’t sure whether the outreach was legitimate.“
New: UAE is trying to recruit Pentagon workers displaced by DOGE to move to Abu Dhabi to work on AI for UAE military. A UAE brigadier general met last month with two former staffers of Defense Digital Service who have worked on US classified projects and tried to recruit them and the entire DDS team
UAE Recruiting US Personnel Displaced by DOGE to Work on AI for its Military
A UAE brigadier general received permission from the Pentagon to recruit former members of the Defense Digital Service to work on artificial intelligence for the UAE military — despite past warnings f...
www.zetter-zeroday.com
May 20, 2025 at 1:49 PM
"Because the initial email from [General] Al Rashidi to Hay came from a Hotmail address with the numbers '69' after the general’s name, one worker says they weren’t sure whether the outreach was legitimate.“
For those interested, I’m covering Spain’s blackout investigation from a technical and cyber-physical systems perspective. www.linkedin.com/newsletters/...
NeutronMode | LinkedIn
Ruben Santamarta | The latest in nuclear cybersecurity: original content, technical analysis and news.
www.linkedin.com
May 15, 2025 at 4:59 PM
For those interested, I’m covering Spain’s blackout investigation from a technical and cyber-physical systems perspective. www.linkedin.com/newsletters/...