Ministry of Justice and Legal Affairs of Oman hit by network compromise
Incident
Summary
The Ministry of Justice and Legal Affairs of Oman suffered an active intrusion that exposed session logs and more than 26,000 user records, raising risk to judicial and registry data. An open directory on 172.86.76[.]127 contained live compromise artifacts, including a toolkit and C2 code. The exposed material included judicial case data, committee decisions, and SAM and SYSTEM registry hives.
Related Happenings
Sefirah infostealer delivered through a malicious Hugging Face repository
Malware Activity
First: 09.05.2026 17:26
Last: 09.05.2026 17:26
Sources 1
About this happening:
A malicious **Hugging Face** repository impersonated **OpenAI’s Privacy Filter** and delivered **sefirah**, a **Rust-based infostealer**, to **Windows** users, creating credential...
MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy
Campaign
First: 06.05.2026 16:02
Last: 06.05.2026 16:02
Sources 1
About this happening:
The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...
Storm-1175 high-tempo Medusa ransomware campaign
Campaign
First: 07.04.2026 13:02
Last: 07.04.2026 13:02
Sources 1
About this happening:
**Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...
CL-UNK-1068 years-long espionage campaign targeting Asian organizations
Campaign
First: 09.03.2026 09:21
Last: 09.03.2026 09:21
Sources 1
About this happening:
A **Chinese threat actor** is linked to a **years-long espionage campaign** against **high-value organizations in South, Southeast, and East Asia**, creating persistent risk for c...
Velvet Tempest ClickFix malvertising campaign
Campaign
First: 07.03.2026 18:14
Last: 07.03.2026 18:14
Sources 1
About this happening:
**Velvet Tempest** ran a **malvertising**-driven **ClickFix** operation that used obfuscated Windows commands to gain access and stage payloads, making the intrusion chain more ef...
Timeline
06.05.2026 16:00 2 articles · 21d ago
Omani justice ministry intrusion campaign exposed
Initial Disclosure
Hunt.io exposed an active intrusion campaign against the Ministry of Justice and Legal Affairs of Oman after finding an open directory on 172.86.76[.]127, a RouterHosting VPS in the United Arab Emirates, with toolkit files, C2 code, session logs, and exfiltrated data left in plain sight. The exposed material linked the compromise to more than 26,000 Ministry of Justice user records plus judicial case data, committee decisions, and SAM and SYSTEM registry hives.
Sources
- MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack — thehackernews.com — 06.05.2026 16:00