The QILIN attack group has claimed responsibility for a cyberattack on Shamir Hospital (Assaf Harofe), threatening to release approximately 8 TB of sensitive medical information if a ransom is not paid within 72 hours. The group made this claim and threat between 5:38 PM and 6:08 PM UTC on October 2nd, 2025, according to reports from חדשות סייבר - ארז דסה. The attackers stated that while they had expected to encrypt the data, the process appears to have been halted prematurely, with ongoing hospital operations continuing. However, they also assert that sensitive information has been exfiltrated and is in their possession. The full extent of the data leak and the veracity of the 8 TB claim remain to be confirmed as more information becomes available in the coming days. Previous reports from October 2nd, 2025, detailed other regional military and cyber activities. This included Iranian Defense Minister comments on foreign military activity, Israeli forces eliminating three Hezbollah operatives, and the expansion of Israel's RA-01 stealth UAV program at Ramon Air Base. The U.S. Army was also reportedly increasing its THAAD ballistic missile defense sites in Israel. Separately, KittenBusters began doxxing the Iranian APT Charming Kitten on October 1st, 2025, revealing its affiliation with the IRGC-IO's Counterintelligence Division.
