This is the online edition of The Wiretap newsletter, your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

As missiles have continued to hit targets in Tehran, many feared a swift response from Iran’s cyber units. So far, it’s been muted.

Rafe Pilling, director of threat intelligence at cybersecurity company Sophos, said there has been nothing out of the ordinary so far. The groups that are active do still have the capability to “harass” organizations using hack and leak tactics, but not the ability to pull off larger operations, he said.

One of the few groups pledging to retaliate, known as the Handala Group, has claimed attacks on Jordan’s energy infrastructure, which have not been verified, and threatened to carry out further attacks. Pilling said that they are overblown claims, typical of Handala, though it has successfully breached senior Israeli officials in the past. However, Handala may struggle to maintain a platform on some of the social sites where it has been especially vocal; X deactivated its premium account after Forbes reported on the hackers’ ties to Iran’s Ministry of Intelligence and Security.

Despite the lack of significant cyber response, caution remains. The U.K.’s National Cyber Security Centre, a branch of the GCHQ intelligence agency, said that while there was no change in its guidance for U.K. companies, “there is almost certainly a heightened risk of indirect cyber threat for those organizations and entities who have a presence, or supply chains, in the Middle East.”

Pavel Gurvich, a former programmer for the Israel Defense Force, noted that while Tehran has invested heavily in offensive cyber capabilities, often it has been focused on spying on and censoring Iranians. That could change now that the regime’s future is in question, said Gurvich, now CEO and cofounder of AI-focused cybersecurity startup Tenzai.

“Capabilities that were once held back as long term strategic assets can quickly become tools for immediate impact,” he said. “In that moment, the likelihood of destructive cyber operations rises. Restraint fades, survival takes over, and the risk environment shifts accordingly.”

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

OpenAI Blurs Its Mass Surveillance Red Line With New Pentagon Contract

OpenAI wins a Department of War contract from under the nose of chief rival Anthropic. But critics fear it’s gone too far in giving Pete Hegseth’s agency concessions for mass surveillance.

Stories You Have To Read Today

There’s been an uptick in jamming attacks on satellite navigation systems, hitting as many as 1,100 ships in the Middle East since the U.S. and Israel launched missiles into Iran, Wired reports.

DDoSecrets, a resource for leaked documents, published data on ICE contracts allegedly stolen by a hacker group called the Department of Peace from the DHS's Office of Industry Partnership. On releasing the data, the hackers wrote, “Why hack the DHS? I can think of a couple Pretti Good reasons!”

Tel Aviv cybersecurity startup Gambit Security raised $61 million in a round funded by Spark Capital, Kleiner Perkins and Cyberstarts. Gambit offers AI that continuously measures resilience against the latest threats, whether cyberattacks or unintentional downtime, so companies can stay online when disaster strikes.

Ukrainian national Yurii Nazarenko, also known as “John Wick,” was charged and pled guilty for his role in operating the website “OnlyFake,” which sold fake photos of identification documents such as passports and driver’s licenses. The DOJ said it was among the “first ever charges for digital fake identification documents.”

© Forbes