Two years ago, Capita told investors it would save billions due to implementing GenAI into every part of its business.
Yesterday, they informed investors GenAI was going very well for them, in a annual results statement which said everything was amazing! Sadly, the investors read the actual numbers, and did this:
The problem with fountain pens is once you get used to writing with them, all other pens feel TERRIBLE.
Handala appear to have fully wiped a company called Stryker, a global healthcare company.
Not in the link but they've got into AD, and wiped all the devices with Intune etc etc.
https://www.irishmirror.ie/news/irish-news/stryker-cyber-attack-thousands-irish-36850017
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
So @xaitax has cracked Microsoft Recall, he's got access to the encrypted database and has automated dumping of screenshots and all text from screenshots.
I've looked at most recent Recall and yep, you can just read the database as a user process. The database also contains all manner of fields which aren't publicly disclosed for tracking the user's activity.
No AV or EDR alerts triggered, world's #1 in infostealer 😅
* you can just read it in plain text
Well this changes the tone
