{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreig2b7ltiilskkakbirhp6zrc4kltfsj4fpkbvnnphxmr4j52dxgei",
    "uri": "at://did:plc:wnd7xrumusq5uayjfi2pgfno/app.bsky.feed.post/3mh6mkuzy7kq2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreia2dxg762mctcizecybbrvxxhszkrdcbw3gbkldpk4cik7tqbllb4"
    },
    "mimeType": "binary/octet-stream",
    "size": 602523
  },
  "description": "TL;DR\n\n * Payload Ransomware claims 110 GB data breach of Royal Bahrain Hospital, threatens release by March 23\n * Microsoft KB5079473 update causes Windows 11 BSODs and C: drive access denials on Samsung Galaxy Book models\n * Meta to shut down Instagram end-to-end encryption for direct messages by May 8, 2026, citing under 1M active users\n\n\n💥 110 GB Gulf Hospital Hack: ChaCha20 Ransom Hits 70-Bed Bahrain\n\n110 GB of Gulf medical records just got ChaCha20-twirled by “Bharna20” 🕺—that’s 2.5M X-r",
  "path": "/2026-03-16-115097038890468402797489594858255646891/",
  "publishedAt": "2026-03-16T13:59:44.000Z",
  "site": "https://espresso.cafecito.tech",
  "textContent": "### TL;DR\n\n  * Payload Ransomware claims 110 GB data breach of Royal Bahrain Hospital, threatens release by March 23\n  * Microsoft KB5079473 update causes Windows 11 BSODs and C: drive access denials on Samsung Galaxy Book models\n  * Meta to shut down Instagram end-to-end encryption for direct messages by May 8, 2026, citing under 1M active users\n\n\n\n* * *\n\n## 💥 110 GB Gulf Hospital Hack: ChaCha20 Ransom Hits 70-Bed Bahrain\n\n> 110 GB of Gulf medical records just got ChaCha20-twirled by “Bharna20” 🕺—that’s 2.5M X-rays for sale on Tor! RBH’s 70 beds now a 0-day hostel. Patients? Sitting ducks. GCC suits, your move: pay the ransom or leak like a BP well?\n\nRoyal Bahrain Hospital got curb-stomped by Payload ransomware: 70 beds, five Gulf nations’ worth of VIP organs, and zero adult supervision. The crooks ChaCha20-encrypted the whole trove, slapped it on a Tor site like cheap NFTs, and set a ransom timer: 23 Mar 2026—seven days to cough up or the world downloads your colonoscopy in 4K.\n\n### How the heist rolled\n\n  * Curve25519 key swap in under 60 s—faster than the hospital’s Wi-Fi login page.\n  * 130 GB vacuumed, 110 GB curated for maximum shame; the rest kept as encore leverage.\n  * One-week extortion cycle—new regional norm, because who needs patience when panic is free?\n\n\n\n### Impacts—feel the burn\n\n  * **Privacy** : >1 million patient records → phishing buffet, black-market VIP list.\n  * **Clinical** : EHR frozen → surgeons back to paper, scalpel in one hand, fax in the other.\n  * **Reputation** : GCC “medical tourism” brand → instant meme, #BahrainLeak trending hotter than desert asphalt.\n  * **Wallet** : ransomware payout + Bahraini fines up to $250 k per GDPR-style clause → budget hemorrhage worse than any gunshot wound.\n\n\n\n### What now? (a.k.a. the cheap & angry playbook)\n\n  * Air-gap the LAN—yes, yank the purple cable with your teeth if necessary.\n  * Boot Kali from a $5 USB, grep the Curve25519 pub-key, pass it to cops—maybe they can brute-force before your hair turns white.\n  * MFA everything; passwords like “Password123” now qualify as medical malpractice.\n  * GCC-CERT bat-signal: share IoCs faster than TikTok dances.\n  * Print this on the CEO’s forehead: “Backups, tested, offline—no, your nephew’s Dropbox doesn’t count.”\n\n\n\n### Timeline of impending doom\n\n  * **T-minus 6 days** : negotiators cry, partial dump drops, stock photos of your appendix hit Telegram.\n  * **Q2 2026** : regional hospitals finally ditch Windows XP—progress, baby!\n  * **2027** : Bahrain mandates ransomware drills, budgets for AES-256-GCM, still cheaper than paying Moldovan teens.\n\n\n\n### Bottom line\n\nIf a 70-bed sandbox can lose 110 GB in 60 seconds, your shiny “digital transformation” is a glittery toe tag. Patch like your life depends on it—because someone’s organ donor list just became public domain.\n\n* * *\n\n## 😂 8 Mln Samsung Galaxy Books Locked Out After Patch Tuesday ACL Chaos\n\n> 💥 8 MILLION Samsung laptops just got told “C:\\ is not accessible” by a phone-sync app—while Windows was busy patching 12 CVEs! 😂 Translation: your own software kneecapped you before hackers even got socks on. IT admins now playing ACL-Jenga at 2 a.m. — still love that Galaxy Connect bloat, or ready to nuke it?\n\nMonday morning, 10 March: your Galaxy Book chirps “Update ready!” You click, coffee in hand, and—**BAM** —the screen vomits turquoise death. C:\\ turns into Hotel California: you can check out any time you like, but you can never _access_ your files.\n\n### WTF Just Happened?\n\nKB5079473 itself is clean; the arsonist is Samsung’s Galaxy Connect app. Its 9 March auto-update rewrote NTFS permissions like a drunk notary—stripping SYSTEM and TrustedInstaller rights from the root folder. Windows 11 tries to load drivers, gets doors slammed in its face, and rage-quits with bug-check 0x9F. Reboot loop, tears, profanity.\n\n### Damage in One Sip\n\n  * **Scope** : 0.8 % of Windows 11 PCs—roughly **8 million** Galaxy Books—walked the plank.\n  * **Symptoms** : BSOD, “C:\\ is not accessible,” Outlook/Chrome/Office.exe digitally ghosted.\n  * **Geography** : US leads the bitching parade, followed by Brazil, India, SK, China, SA.\n\n\n\n### Quick & Dirty Bail-Outs\n\n  * Roll back KB5079473 (Settings > Update > Uninstall).\n  * Nuke Galaxy Connect v2.1.2; ACL reset script from Microsoft’s doc restores default permissions.\n  * Reinstall the patch after Samsung drops v2.1.3 (due “late March”).\n\n\n\n### Forecast of Fun\n\n  * **0–30 days** : Support lines will melt; most users patched or app-nuked → incidents fade.\n  * **30–90 days** : Samsung’s fix + Microsoft’s May cumulative wrap the wound.\n  * **> 90 days**: New OEM certification rulebook bans file-system cowboys; ACL corruptions become campfire lore.\n\n\n\n### TL;DR\n\nMicrosoft delivered a rock-solid update; Samsung’s “helpful” Android-sync bloatware turned it into a $1,200 paperweight facilitator. Par for the course: corporate giants finger-point while users foot the pain bill. Disable the junk, reclaim your C:, and remember—**never let an OEM app babysit your NTFS permissions again**.\n\n* * *\n\n## 🪓 Instagram Kills Encrypted DMs: 1 M Users Dumped, May 8 Deadline Looms\n\n> 0.3 % of IG chats ever bothered to turn on E2EE—so Meta’s yeeting the padlock 8 May 🪓. Translation: your \"secret\" convos were lonely AF & now they’re server-fodder. Export or watch Zuckerberg’s cloud slurp your nudes—Nevada AG’s already cheering. Who’s migrating to WhatsApp before the purge?\n\n**Ouch.** Remember when Meta pinky-swore 2021-grade privacy? Yeah, that promise just got un-friended. By 8 May 2026 Instagram’s opt-in end-to-end encryption (E2EE) flatlines—because fewer than 0.3 % of its DM cattle ever clicked the magic toggle. Translation: ~1 million privacy nerds out of 2 billion monthly scroll-zombies. 🪦\n\n### How did we get here?\n\n  * **Late 2023** : Meta quietly slides Signal-protocol tech into Instagram chats—region-locked, buried in settings, zero marketing bling.\n  * **2024-25** : Nevada & New Mexico AGs sue, whining E2EE hides child-sexual-abuse material. Regulators wave pitchforks; Meta accountants wave spreadsheets showing server-cost hemorrhage for a ghost-town feature.\n  * **13 Mar 2026** : In-app pop-up: “Download your secret crap before May 8 or watch it vanish.” Users collectively shrug.\n\n\n\n### Impact scorecard (because bullet points hurt less)\n\n  * **Privacy** : 100 % of opted-in chats go cleartext → Meta’s servers can once again slurp keyword vibes for ad algos.\n  * **Security theatre** : AGs cheer louder CSAM detection; actual detection numbers? Crickets.\n  * **Wallet** : Meta trims key-management overhead; savings undisclosed but you can bet it’s bigger than your annual coffee budget.\n  * **Competition** : WhatsApp keeps default E2EE for 2 B souls—Meta’s polite way of saying “move over there, whiners.”\n  * **Migration pool** : ≤1 M users—roughly the population of a mid-tier city—now shopping Signal or Telegram stickers.\n\n\n\n### Outlook—grab your crystal beer mug\n\n  * **Q2 2026** : Export deadline passes; Instagram DM crypto becomes an urban legend told at hacker camps.\n  * **2027** : If EU encryption roadmap hardens, Meta may U-turn and bolt E2EE back onto Instagram—this time default-on, lawsuits 2.0 included.\n  * **2028-29** : Expect every state AG to clone Nevada’s playbook: “Encryption = obstruction,” rinse, litigate, settle, repeat.\n\n\n\n### Parting shot\n\nBottom line: Instagram just proved “privacy” is a checkbox CFOs can un-check the moment bean-counters scream. The rest of us get a free lesson—if you want real secrecy, stop expecting billion-dollar ad empires to babysit your secrets.\n\n* * *\n\n### In Other News\n\n  * Rust community debates syntax overhaul: proposals to replace 'let mut' with shorter keywords spark debate over backward compatibility and ergonomic trade-offs\n\n",
  "title": "2.5M Gulf X-rays Hijacked: Tor Auctions 110 GB, Hospitals Held Hostage",
  "updatedAt": "2026-03-16T13:59:44.046Z"
}