




Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, and Major Citrix Exploitation
TL;DR: This week in cybersecurity, vulnerabilities in Citrix NetScaler and Fortinet are under heavy exploitation. At the same time, the China-affiliated group "Red Menshen" planted "sleeper cells" in global telecom infrastructure. The FBI confirmed that Director Kash Patel's personal email was hacked, and Apple began enforcing mandatory age verification for users in the UK.
Threat of the Week: Critical Citrix Vulnerability Under Attack
A critical security vulnerability in Citrix NetScaler ADC and NetScaler Gateway (CVE-2026-3055, CVSS score: 9.3) officially came under exploitation in late March 2026.
The issue stems from an input validation flaw that lets memory be read beyond its intended bounds (memory overread). If the vulnerability is exploited, attackers can leak sensitive information. The organizations at risk are those that have their appliances configured as a SAML Identity Provider (SAML IDP).
Nation-State Intelligence and Espionage
Red Menshen's "Sleeper Cells" in Telecom
A China-aligned hacker group called Red Menshen was discovered planting "BPFdoor" (kernel implants) in the backbone infrastructure of global telecommunications. These implants work like digital sleeper cells: they stay dormant and hidden in the environment and do not activate until they receive a "magic packet". Because they only monitor traffic without opening visible connections, detecting them is very hard.
FBI Director's Personal Email Hacked
The FBI confirmed that hackers accessed Director Kash Patel's personal email. Although the government said no classified information was leaked, the Iranian group Handala claimed responsibility for the operation and published photos and documents it said came from his inbox. The U.S. is now offering 10 million dollars to anyone who provides information on Handala.
Meta Shuts Down Iranian Influence Operations
Meta removed a "sophisticated" Iranian communications network on Instagram. The network used fake accounts, posing as journalists or ordinary citizens, to build relationships with users in the U.S. and then feed them coordinated political narratives.
Malware and Latest Campaigns
GlassWorm and C2 on the Blockchain
The GlassWorm campaign has evolved and now uses packages on npm and PyPI to install a Chrome extension that steals data. What is new is that the malware hides its Command-and-Control (C2) commands in Solana blockchain memos to evade conventional detection.
"Android God Mode"
A new malware targeting users in India, named Android God Mode, is spreading over WhatsApp. It abuses Android's accessibility services to take "full control" of devices, forward calls, steal SMS messages, and take pictures with the camera.
ClickFix Attacks Targeting macOS
Apple introduced a new security feature in macOS 26.4 to counter "ClickFix" attacks. The OS now warns users if they try to paste dangerous commands into the Terminal, a technique scammers use to install malware such as Infiniti Stealer and EtherRAT.
Laws and Legal Actions
- FCC Router Ban: The U.S. Federal Communications Commission (FCC) banned the import of new foreign-made routers, citing national security concerns.
- Apple Age Verification in the UK: iOS 26.4 now asks users in the UK for a credit card or ID to verify their age before they download certain apps or change sensitive settings.
- Ransomware Case Sentencing: Ilya Angelov, a Russian linked to the TA551 group, was sentenced to two years in prison for running a botnet used in ransomware attacks in the U.S.
- RedLine Operator Handed Over: An Armenian, Hambardzum Minasyan, was handed over to the U.S. for his involvement in running the infrastructure of the well-known RedLine Stealer malware.
Critical Vulnerabilities That Need Patching (Trending CVEs)
The time between the discovery of a vulnerability and its exploitation keeps shrinking. Security teams should prioritize these:
- Citrix: CVE-2026-3055 (NetScaler ADC/Gateway)
- Fortinet: CVE-2026-21643 (FortiClient EMS SQL Injection)
- Oracle: CVE-2026-21962 (WebLogic Server - CVSS 10.0)
- Others: There are also updates for QNAP, Google Chrome, Node.js, and TP-Link.
Conclusion
This week shows that attackers now have "patience", whether in Red Menshen's long-term persistence in telecom networks or in GlassWorm's use of the blockchain for C2. Although security had some wins, such as the sentencing of TA551 members, the rapid exploitation of vulnerabilities in Citrix and Oracle confirms that defenders must always stay vigilant.
Source: The Hacker News