
Pro‑Iran Handala Group Breaches Israeli Defence Contractor PSK Wind, Leaks Command‑and‑Control Designs

Handala, a pro‑Iran hacktivist outfit linked to Iran‑backed Void Manticore, claimed on 2 April 2026 to have breached PSK Wind Technologies, an Israeli defence‑systems integrator. The group published internal command‑and‑control schematics and related documents, exposing critical military technology and raising supply‑chain risk for allied organisations.

LiveThreat™ Intelligence · April 03, 2026 · securityaffairs.com

Severity: Critical
Type: Breach
Confidence: High
Affected: 2 sector(s)
Actions: 4 recommended
Source: securityaffairs.com

Pro‑Iran Handala Group Breaches Israeli Defense Contractor PSK Wind, Exposes Command‑and‑Control Documents

What Happened – On 2 April 2026 the pro‑Iran hacktivist group Handala announced it had infiltrated PSK Wind Technologies, an Israeli firm that designs command‑and‑control (C2) systems for air‑defence and critical communications. The attackers released internal design documents, architecture diagrams, location photos and other classified material, claiming the data was forwarded to “Axis of Resistance” missile units.

Why It Matters for TPRM

  • Sensitive C2 schematics of a nation‑state defence supplier have been publicly disclosed, raising the risk of weaponisation or sabotage of allied defence assets.
  • The breach demonstrates a supply‑chain foothold that could be leveraged to compromise downstream customers (e.g., foreign militaries, OEMs, integrators).
  • Handala’s pattern of phishing‑driven intrusions and destructive wiper attacks signals a high likelihood of follow‑on extortion or sabotage campaigns.

Who Is Affected – Defence and aerospace manufacturers, government defence ministries, critical‑communications providers, and any third party that integrates PSK Wind’s C2 solutions.

Recommended Actions

  • Review contracts and security clauses with PSK Wind or any subcontractor that uses its C2 platforms.
  • Verify that encryption in transit and at rest, segmentation, and least‑privilege controls are enforced for any shared artefacts.
  • Conduct threat‑intel monitoring for indicators of compromise (IOCs) linked to Handala/Void Manticore activity.
  • Update incident‑response playbooks to include potential supply‑chain sabotage scenarios.

Technical Notes – The group is believed to have used spear‑phishing emails to obtain privileged credentials, then exfiltrated design files via encrypted channels. No specific CVE was cited; the attack leveraged human‑factor weaknesses rather than software bugs. Data types disclosed include system architecture diagrams, source code snippets, and internal communications. Source: SecurityAffairs

📰 Original Source
https://securityaffairs.com/190319/data-breach/pro-iran-handala-group-breached-israeli-defence-contractor-psk-wind-technologies.html

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.
