{"id":193550,"date":"2026-03-06T23:12:00","date_gmt":"2026-03-07T04:12:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/cyberattacks-surge-amid-middle-east-escalation-leaked-iphone-spyware-and-other-cybersecurity-news\/"},"modified":"2026-03-07T00:15:17","modified_gmt":"2026-03-07T05:15:17","slug":"cyberattacks-surge-amid-middle-east-escalation-leaked-iphone-spyware-and-other-cybersecurity-news","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/cyberattacks-surge-amid-middle-east-escalation-leaked-iphone-spyware-and-other-cybersecurity-news\/","title":{"rendered":"Cyberattacks surge amid Middle East escalation, leaked iPhone spyware, and other cybersecurity news"},"content":{"rendered":"

Cyberattacks surge amid Middle East escalation, leaked iPhone spyware, and other cybersecurity news<\/a><\/p>\n

https:\/\/forklog.com\/en\/cyberattacks-surge-amid-middle-east-escalation-leaked-iphone-spyware-and-other-cybersecurity-news\/<\/a><\/p>\n

Publish Date: 2026-03-06 23:12:00<\/a><\/p>\n

Source Domain: forklog.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

Weekly digest: Middle East cyberattacks, iPhone spyware leak, FBI forum takedown.<\/p>\n

\t\t\t We gathered the week\u2019s most consequential cybersecurity news.<\/p>\n

The Middle East conflict sparked cyberattacks across 16 countries.
\nKazakhstan suspects a group of laundering $4.7 million via cryptocurrency.
\nResearchers uncovered spyware tools for hacking iPhones.
\nThe FBI shut down a cyber forum with data on 142,000 members.<\/p>\n

Middle East conflict sparked cyberattacks across 16 countries
\nCybersecurity researchers at Radware warned of a spike in hacker activity following a coordinated military campaign by the US and Israel against Iran.
\nThe first DDoS attacks were recorded on 28 February. Analysts said the operation was carried out by Hider Nex (also known as Tunisian Maskers Cyber Force), a Tunisian hacktivist group. It uses a \u201chack-and-leak\u201d strategy, combining deliberate network overloads with data theft to push its agenda.
\nAccording to Radware, between 28 February and 2 March there were 149 claims of denial-of-service attacks targeting 110 organisations in 16 countries. Twelve different groups took part, with Keymous+ and DieNet accounting for roughly 70% of all activity.
\nSource: Radware.
\nAttack statistics:<\/p>\n

the vast majority of attacks (107) were concentrated in the Middle East. Europe accounted for 22.8% of global activity;
\nalmost 47.8% of affected organisations were in the public sector, followed by finance (11.9%) and telecommunications (6.7%);
\nwithin the Middle East, attacks hit Kuwait (28%), Israel (27.1%) and Jordan (21.5%).<\/p>\n

Other groups involved included Nation of Saviors, Conquerors Electronic Army, Sylhet Gang, 313 Team, Handala Hack, APT Iran and others.
\nAccording to The Hacker News, the current wave of cyberattacks includes:<\/p>\n

breaches of military networks. Pro-Russian Cardinal and Russian Legion claimed to have hacked Israeli military networks, including the \u201cIron Dome\u201d air-defence system;
\nSMS phishing. One target was the RedAlert app \u2014 the mobile version of the \u201cTzeva Adom\u201d (\u201cRed Color\u201d) early-warning system. The attackers likely exploited vulnerabilities to implant spyware on devices;
\nthe revival of old threats. The Cotton Sandstorm (Haywire Kitten) group resurfaced as Altoufan Team, attacking websites in Bahrain.<\/p>\n

Kazakhstan suspects group of laundering $4.7m via cryptocurrency\u00a0
\nKazakh law enforcement detained suspects accused of illegal activity and money laundering using cryptocurrency, the press service of the AFM reported.
\nInvestigators said the organiser ran a scheme to profit from transactions in digital assets. Participants recruited \u201cdroppers,\u201d registered bank cards and exchange accounts in their names, conducted financial operations and then cashed out the proceeds.
\nMoney sent to bank cards of more than 150 intermediaries was transferred to their crypto wallets on the ATAIX exchange. The criminals provided fake loan agreements between account holders and an affiliated legal entity, after which the funds were converted into digital assets and sent to OKX addresses.
\nFor conversion and withdrawal, a controlled exchange point was used to move funds into foreign currency. The total value of transactions exceeded 3.5 billion tenge (about $4.7 million at the time of writing).
\nDuring searches, officers seized 46 mobile phones, 92 bank cards and 25,463 USDT.
\nResearchers uncovered spyware tools to hack iPhones\u00a0
\nCybersecurity researchers at Google Threat Intelligence Group (GTIG) found a powerful toolkit for hacking iPhones running older iOS versions. They believe criminals obtained the spyware following a leak from a government customer.
\nThe exploit bundle, dubbed Coruna, was first detected by Google in February 2025 during an attempt by a surveillance-technology vendor to hack a phone with spyware on behalf of a government agency.
\nMonths later, the malware was spotted in a large-scale campaign by a Russian espionage group against Ukrainian users, and later with a hacker in China.
\nGoogle researchers warned of an emerging market for \u201csecond-hand\u201d exploits, resold to hackers seeking to maximise returns on vulnerabilities.
\nMobile-security firm iVerify reverse-engineered the tools. Its specialists linked the Coruna package to the US government, based on similarities to software previously attributed to the United States.
\nAccording to Google\u2019s experts, Coruna is highly dangerous: it can bypass iPhone protections via a simple visit to a malicious website (for example, by following a link), a technique known as a \u201cwatering hole\u201d attack. The package can compromise a handset in five different ways, chaining 23 distinct vulnerabilities. Devices running iOS versions from 13 through 17.2.1 remain at risk.
\nFBI shut down cyber forum with data on 142,000 members
\nIn a Europol-led operation, the FBI seized a major online platform used by hackers to trade intrusion tools and stolen data.\u00a0
\nOn 3\u20134 March, law enforcement blocked two LeakBase domains and warned users that evidence was being collected. Simultaneously, searches, arrests and interviews took place in the US, Australia, Belgium, Poland, Portugal, Romania, Spain and the UK.
\nLeakBase had operated since 2021 and was initially backed by the ARES hacking group. It grew substantially after the Breached forum was shut down \u2014 its audience exceeded 142,000 members.
\nRegistration was free. The forum offered access to databases, a marketplace for leaks and exploits, an escrow payment system, and sections on programming, social engineering and cryptography.
\nAlabama resident blackmailed hundreds of women after hacking their accounts
\nA 22-year-old Alabama man pleaded guilty to extortion, cyberstalking and fraud after hacking the social-media accounts of hundreds of women, the US Department of Justice said.
\nFrom April 2022 to May 2025, Jamarcus Mosley posed as victims\u2019 friends and used other manipulation tactics to trick women into handing over recovery codes and passwords. He then seized control of their Snapchat, Instagram and other social-media accounts.
\nAfter the hacks, he threatened to publish private intimate photos and videos or permanently block access unless his demands were met:<\/p>\n

granting full access to additional accounts;
\nsending new sexualised content;
\npaying various sums of money.<\/p>\n

Prosecutors said that in one case Mosley used a hacked account belonging to a 17-year-old victim to contact her 13-year-old sister. He sent her a Snapchat map screenshot, implying he knew where she lived. In another case he posted stolen images of a victim online.
\nAlso on ForkLog:<\/p>\n

A hacker withdrew $2.7m from Solv Protocol amid an unexpected token surge.
\nUS authorities arrested a suspect in the theft of $46m from a government wallet.
\nMicrosoft and Coinbase helped shut down the Tycoon phishing service.
\nHackers targeted crypto specialists while posing as venture investors.
\nAn app appeared online to detect smart glasses.
\nErrors were found in OpenAI\u2019s AI benchmark for auditing blockchains.
\nA court dismissed fraud claims against Uniswap.
\nCrypto-market losses from hacks fell to an 11-month low.
\nTether has frozen $4.2bn in illicit funds to date.<\/p>\n

What to read this weekend?
\nIn a new ForkLog feature, Krzysztof Szpak examines how AI street-surveillance systems work in big cities and why governments rushed to roll them out everywhere.<\/p>\n

\t\t\t\t\u041f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0439\u0442\u0435\u0441\u044c \u043d\u0430 ForkLog \u0432 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445<\/p>\n

Found a mistake? Select it and press CTRL+ENTER<\/p>\n

\t\t\t\t\u0420\u0430\u0441\u0441\u044b\u043b\u043a\u0438 ForkLog: \u0434\u0435\u0440\u0436\u0438\u0442\u0435 \u0440\u0443\u043a\u0443 \u043d\u0430 \u043f\u0443\u043b\u044c\u0441\u0435 \u0431\u0438\u0442\u043a\u043e\u0438\u043d-\u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438!<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Cyberattacks surge amid Middle East escalation, leaked iPhone spyware, and other cybersecurity news https:\/\/forklog.com\/en\/cyberattacks-surge-amid-middle-east-escalation-leaked-iphone-spyware-and-other-cybersecurity-news\/ Publish…<\/p>\n","protected":false},"author":1,"featured_media":193551,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/forklog.com\/wp-content\/uploads\/img-b5d7b9875a5427f0-4082029324633328.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,35,32,25],"class_list":["post-193550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-hacker","tag-malware","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193550"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=193550"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193550\/revisions"}],"predecessor-version":[{"id":193552,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193550\/revisions\/193552"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/193551"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=193550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=193550"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=193550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}