惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Security Archives - TechRepublic
Security Archives - TechRepublic
N
News and Events Feed by Topic
Last Week in AI
Last Week in AI
博客园 - 司徒正美
The GitHub Blog
The GitHub Blog
O
OpenAI News
The Last Watchdog
The Last Watchdog
T
The Blog of Author Tim Ferriss
M
MIT News - Artificial intelligence
P
Proofpoint News Feed
Forbes - Security
Forbes - Security
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
有赞技术团队
有赞技术团队
Jina AI
Jina AI
GbyAI
GbyAI
V
Vulnerabilities – Threatpost
L
LangChain Blog
Vercel News
Vercel News
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
AI
AI
博客园 - 聂微东
W
WeLiveSecurity
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Scott Helme
Scott Helme
罗磊的独立博客
Martin Fowler
Martin Fowler
S
Security Affairs
T
Tor Project blog
Recent Announcements
Recent Announcements
F
Fortinet All Blogs
美团技术团队
C
Cisco Blogs
PCI Perspectives
PCI Perspectives
Recent Commits to openclaw:main
Recent Commits to openclaw:main
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
A
About on SuperTechFans
Cisco Talos Blog
Cisco Talos Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
I
Intezer
B
Blog
WordPress大学
WordPress大学
I
InfoQ
G
Google Developers Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
V
V2EX
P
Privacy & Cybersecurity Law Blog
雷峰网
雷峰网

Consumer Insights

The ransomware negotiator who was working for the other side After years on the run, alleged Ryuk ransomware operator pleads guilty INTERPOL crackdown shows scammers shifting to social media Meta lets strangers remix your public Instagram photos with AI—here’s how to opt out Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud India pauses WhatsApp username feature over security concerns Alleged teen ransomware hustler faces US charges after arrest in Finland WhatsApp usernames explained: how to reserve yours and stay safe Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year WhatsApp tests new safety prompt before you chat with strangers Social media is worth celebrating. It's also worth protecting. Polish police dismantle SIM-swap gang accused of crypto theft Operation Endgame deals fresh blow to StealC and Amadey malware networks Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Cybercrime now rivals traditional crime across parts of Asia Apple's Hide My Email tweak leaves privacy fans fuming Americans lost $3.5 billion to imposter scams last year — and the scams are getting harder to spot Scammers have killed the physical Steam Gift cards Crypto investment scam sends couriers to collect victims' cash, FBI warns Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Why schools remain one of cybercriminals' favourite targets WhatsApp detects new spyware activity from Israel’s NSO Group despite court order Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Europol cracks down on illegal streaming globally Hackers didn't hack Instagram; they just asked Meta AI FBI Warns Fans About FIFA Scams Ahead of 2026 World Cup Virtual knife, real lawsuit: Counter-Strike skin dispute ends in court As Deepfakes Spread, YouTube Makes AI Labels Harder to Miss Carnival breach exposes data of nearly 6 million people Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached FBI warns criminals impersonating IT support to breach law firms FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Telecom Executives Plead Guilty to Tech Support Fraud 7-Eleven data breach exposes data of 185,000 people ASIC Warns Australians About Crypto Trading Scams Google Search AI Mode brings a major overhaul Deleted Google API keys may remain active for 23 minutes Ukrainian police identify perp in $721k infostealer scheme Steam removes horror game after malware steals player data FBI: Crypto ATM Scams Keep Growing as Americans Lose Millions FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Scam Centers Under Pressure as INTERPOL Makes More Arrests FBI Warns Older Adults Lost Billions to Scammers Burst Statistics WordPress flaw under attack Android 17 Will Let Users Verify Whether Their OS Is Legit Suspected Dream Market kingpin arrested after gold bars sent to his home address BitLocker zero-day exposes Windows drives as PoC goes public Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones Football Ticket Scams Are Rising Fast, Lloyds Bank Warns When ransomware gets physical: cybercriminals turn to threats of violence iPhone-to-Android Texts Are Now Encrypted (RCS Messaging) UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years Instagram Drops Encrypted DMs — What This Means for You New fear: Man films woman with smart glasses, seeks money to take video down ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia Inside Department 4: Russia's secret school for hackers Ubuntu’s new AI dreams attracted a very old-fashioned crypto scam on X Chrome 4GB AI model: What weights.bin does Sri Lanka makes 37 arrests as it raids another scam centre DAEMON Tools Lite breach prompts urgent update after malware-laced installer Brits Lost £102 Million to Romance Scams Last Year The Online Safety Act Is Changing the Internet for Kids World Password Day 2026 How Hackers Stole and Sold Roblox Accounts for $250,000 Before Getting Caught Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition 276 Arrested in Crypto Scam Crackdown Popular WordPress redirect plugin found with years-old backdoor Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Alleged Silk Typhoon hacker extradited to the United States to face charges FTC: Social Media Scams Cost Americans $2.1 Billion in 2025 French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches iOS Flaw Exposed ‘Deleted’ Signal Messages Sony Starts Enforcing PlayStation Age Verification; UK and Ireland Are First Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers You’ve Got Mail and It’s Tracking Your Warship Crypto Investment Scam Costs Woman in Hong Kong Nearly $1 Million Operation PowerOFF warns 75,000 DDoS users Singer loses life savings to fake wallet downloaded from the Apple App Store AgingFly malware targets Ukraine government, hospitals 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data FBI: Cybercrime Losses Hit $21 Billion in 2025, Fueled by AI Life imprisonment for Cambodian scam compound operators - but will it make a difference? Fake Claude Code leak on GitHub spreads Vidar malware Apple Expands ‘DarkSword’ Patch to More iPhones and iPads Nigerian romance scammer jailed after being caught out by fellow fraudster Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns Fake CERT-UA emails spread AGEWHEEZE in ukraine Alleged RedLine malware developer extradited to United States The Scam That Tricks You Into Infecting Your Own Mac Don't Ignore This Security Alert Apple Sent to iPhone Lock Screens Meta and YouTube Designed Addictive Platforms, Jury Finds TikTok Business phishing campaign targets advertisers Lapsus$ claims AstraZeneca breach exposes code and credentials How one man used 10,000 bots to steal $8,000,000 from music artists
Iranian hackers breach FBI director's personal email, and post his CV and photos online
2026-03-31 · via Consumer Insights

It's not every day that you read that the head of America's top law enforcement agency has been hacked, but then - these aren't ordinary times.

The FBI has confirmed that Iran-linked hackers have broken into the personal email inbox of FBI Director Kash Patel, and published photos of him as well as other stolen documents.

The Handala hacking group, a pro-Iranian, pro-Palestinian hacktivist operation, has published on its website a series of personal photographs of Kash Patel :sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum." The hackers also posted what appears to be the FBI director's CV.

A sample of the material uploaded by the hackers and reviewed by Reuters appears to show a mix of personal and work correspondence dating between 2010 and 2019.

Reporters at TechCrunch have confirmed that at least some of the leaked emails did originate from Patel's Gmail account by verifying the message headers. The most recent files in the leak appear to date from about 2019.

In a statement the FBI said that it was "aware of malicious actors targeting Director Patel's personal email information," and that it had "taken all necessary steps to mitigate potential risks associated with this activity."

According to the FBI, no classified or government systems have been accessed. The hack appears to have been limited to Patel's private Gmail account, rather than any FBI infrastructure. Although that is, perhaps, not much comfort for the director of the world's most famous law enforcement agency.

To add to Kash Patel's embarrassment, this isn’t even the first time he has been targeted by Iranian hackers. His personal messages were previously hacked in December 2024, before he was appointed FBI director.

The Handala hacking group's activity has escalated recently in response to the United States and Israel launching an attack on Iran. Handala has claimed responsibility in recent weeks for hacks against Stryker and Lockheed Martin in response to the war on Iran.

The Stryker attack saw Handala claim credit for crippling the network of the medical device provider by deleting huge amounts of company data and wiping thousands of employee devices.

Earlier this month, the DOJ seized and took down four websites linked to the Handala group, making the Kash Patel leak look very much like a direct act of retaliation.

The FBI has announced that a US $10 million reward is on offer for information related to the Handala hackers.

The attack on Kash Patel's inbox is more embarrassing than catastrophic. Old personal emails and photos of Patel puffing on cigars are unlikely to compromise national security. But it is clear that Iranian hackers are becoming increasingly destructive and brazen in their attacks, especially against those allied to those who Iran considers to be a threat to its own security.

Private businesses are potentially just at much at risk of having their services disrupted, information stolem, or data erased as those organisations working alongside the US and Israeli government and military.

And clearly senior officials, in government and business, remain high-value targets for state-backed hackers. A personal Gmail account linked to the FBI director can never be considered a low-profile target.

Using strong, unique passwords and enabling multi-factor authentication on personal accounts isn't just good advice for regular users. It's essential hygiene for anyone whose inbox might one day end up being plastered across an Iranian hacking group's website.