Iranian Hacker Group Handala Claims Breach of Israeli Defense Contractor

PSK Wind Technologies is not a conventional corporate target. The company serves as one of the primary architects and operators of Israel’s military command centers, air defense communication systems, and critical defense infrastructure.

By infiltrating a third-party vendor deeply embedded in the IDF supply chain, Handala effectively bypassed direct military network perimeters, a hallmark tactic of sophisticated nation-state intrusions.

According to reports from threat intelligence researchers, Handala launched a sophisticated cyberattack against PSK Wind Technologies and claimed to have gained full access to the company’s sensitive internal data.

The volume of stolen data is described as massive, indicating a deep and sustained intrusion into the contractor’s network that extended well beyond a surface-level compromise.

Compromised Operational Data Publicly Released

The scope of the leaked materials represents an unprecedented exposure of Israeli military operational security.

Handala published photographs showing the interior of active IDF command and control centers, the facilities where Israel plans and executes its military missions.

Exposing the physical layout of these classified facilities creates immediate and tangible risks to both personnel safety and operational continuity.

Alongside facility imagery, the data dump contains internal documents detailing the daily operations and strategic communications of the defense contractor.

Most critically, the threat actors released deep technical schematics, including internal engineering drawings of advanced communications hardware, photographs of physical communication devices, and detailed product manuals.

By releasing this documentation, the hackers have effectively provided hostile intelligence services with a comprehensive technical manual on how IDF communication systems are designed, installed, and operated.

In a particularly alarming disclosure, Handala stated that the intelligence obtained during the operation had been transferred to missile units within the Axis of Resistance, elevating the breach beyond mere espionage into a potential kinetic threat enabler.

Handala, also tracked by threat intelligence firms as Void Manticore, BANISHED KITTEN, and Red Sandstorm, is an advanced persistent threat (APT) group operating under the direction of Iran’s MOIS.

The group blends traditional “hack-and-leak” operations with destructive wiper attacks, psychological warfare, and targeted disinformation campaigns.

The group has dramatically escalated its operational tempo and capabilities in 2026. In March 2026, Handala leveraged hijacked Microsoft Intune credentials to remotely wipe over 200,000 enterprise devices across 79 countries in a devastating attack on medical technology giant Stryker.

The group also claimed responsibility for breaching FBI Director Kash Patel’s personal email, targeting Jordan’s fuel systems, and doxxing nearly 30 Lockheed Martin engineers stationed in Israel.

Researchers from Check Point, Palo Alto Unit 42, and Deepwatch have confirmed the group is now capable of enterprise-scale destructive operations using cloud administration platforms as weapons.

The PSK Wind Technologies breach underscores the accelerating danger of supply chain attacks targeting defense sectors.

By focusing on a private contractor rather than a hardened military network, Handala exploited the inherently weaker cybersecurity posture of a commercial entity to reach classified government assets.

This mirrors an established pattern in which nation-state actors exploit trusted third-party relationships to penetrate otherwise impenetrable targets.

Cybersecurity analysts note that Handala’s operational goals are not primarily financial; the group’s strategic objectives center on psychological warfare, intelligence collection for kinetic operations, and the long-term destabilization of Israeli and Western critical infrastructure.

The PSK Wind Technologies breach, if validated, would represent one of the most significant defense supply chain compromises attributed to an Iranian actor in the current conflict cycle.

Security teams across Israeli defense, government, and critical infrastructure sectors are urged to immediately audit third-party vendor access, review supply chain security protocols, and implement enhanced monitoring for lateral movement within contractor networks.

The full extent of the leaked data and its long-term impact on IDF operational security continues to be assessed by cybersecurity researchers and intelligence agencies.


The post Iranian Hacker Group Handala Claims Breach of Israeli Defense Contractor appeared first on Cyber Security News.

