Organisations or entities from six countries likely used Israeli spyware named "Graphite" to harvest data from Whatsapp and other messaging apps.

According to a report by The Citizen Lab, a human rights research laboratory based at the University of Toronto, the countries where the spyware was used included Australia, Canada, Cyprus, Denmark, Israel, and Singapore.

The development comes nearly two months after Meta-owned WhatsApp said it notified around 90 journalists and civil society members that it said were targeted by Graphite. The attacks were disrupted in December 2024.

Who created the spyware?

Paragon Solutions, founded in 2019 by Ehud Barak and Ehud Schneorson, a former commander of signals intelligence agency Unit 8200 of the Israel Defense Force (IDF), is the maker of a surveillance tool called Graphite that's capable of harvesting sensitive data from instant messaging applications such as Whatsapp.

Paragon pitches its tools as helping governments and law enforcement agencies to catch criminals and terrorists.

Unlike infamous tools like NSO Group’s Pegasus, which can hijack your entire phone, Graphite supposedly sticks to snooping on apps like WhatsApp or Signal.

How it works

Graphite’s tech is slick - using a zero-click exploit. What this means is that you don’t need to click a shady link—just having WhatsApp installed could be enough.

The target user is added to a chat group and a PDF will be sent. Even without clicking or doing anything, the user's Whatsapp will be exploited.

Once in, Graphite can grab your chats, track your moves, and more, all while you’re none the wiser.

The Citizen Lab worked with Meta (WhatsApp’s parent company) to spot and block it, but not before infected Android phones in Italy left clues—like the codename “BIGPRETZEL”—tying it to Paragon.

Apple has since addressed the attack vector with the release of iOS 18.

Tracing where the spyware was used

Researchers mapped Graphite’s digital fingerprints—its servers and IP addresses—across the internet. What they found was a sprawling network touching countries like Australia, Canada, Cyprus, Denmark, Israel, and Singapore.

It is important to note, however, that the use of a proxy server such as a VPN, may introduce inaccuracies.

"As our findings are based on country-level geolocation of DNS servers, factors such as VPNs and satellite Internet teleport locations can introduce inaccuracies," the Citizen Lab said in 2018.

Singapore servers commonly used to deploy spyware

In 2018, a data leak containing more than 50,000 phone numbers were suspected to be infected with the spyware Pegasus, also sold by an Israeli surveillance company. An investigation conducted by The Citizen Lab found that some of the phones suspected to be infected by the Pegasus spyware were in the UK, US and Singapore.

Back then, the Singapore Government said it is aware of these claims but cannot verify them as no reports have been filed.

In 2023, the Citizen Lab identified also traced suspected operating servers for the QuaDream spyware - another Israeli-made spyware - to 10 countries – Bulgaria, the Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, the United Arab Emirates and Uzbekistan.

The QuaDream spyware allowed third parties to record audio from phone calls and the microphone, take pictures through the device's cameras, and track the device's location. It also contained a self-destruct feature that would wipe any traces left behind by the spyware, leaving users none the wiser.

Singapore does not discuss specifics of technologies used

According to a 2023 CNA report, Minister of State for Home Affairs Desmond Tan, when asked if Singapore employs the QuaDream spyware back in 2022, he said then: "...agencies charged with the mission of safeguarding national security necessarily have to rely on a range of intelligence capabilities, including harnessing technology.

“For obvious reasons, the Government cannot and should not discuss specifics on any operational aspects or capabilities regarding our national security.”

A spokesman for the Ministry of Home Affairs said the Government does not generally provide details of how security agencies carry out their work.

“Our security agencies’ task is to keep Singapore safe, secure and sovereign,” he said.

“Serious threats to national security are varied, and include terrorism, and foreign subversion, espionage and interference,” he added.

As of publishing time, Singapore's authorities have not commented on the Graphite spyware.

Oracle announced last week (Mar 21) that it secured a significant contract with Singapore's Defence Science and Technology Agency (DSTA) to provide an **Oracle Cloud services for the Ministry of Defence (MINDEF) and Singapore Armed Forces (SAF). The Digital and Intelligence Service will also partner with Oracle to accelerate AI deployment for military missions.

In the same month, OCBC announced a partnership with Oracle to shift its finance operations to the cloud.

Just a day earlier (Mar 20), a user with the moniker "rose87168" posted on a hacking forum purportedly selling 6 million records extracted from Oracle Cloud's servers. The data included sensitive information such as encrypted credentials for authentication and other private keys of approximately 140K tenants.

It was the dubbed the biggest supply chain hack of 2025. The hacker claimed that the breach occurred 40 days ago in late February.

Hacker demanded ransom from Oracle in February 2025

A month before the hack, the hacker contacted Oracle with a demand for more than 200 million dollars in crypto coins.

Oracle refused to comply.

The hacker is currently coercing affected companies and organizations to pay for data removal, increasing financial and reputational risks.

Oracle initially denied the breach but investigations show leak is real

"There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data," the company told BleepingComputer shortly after news organizations reported on the hack.

On Tuesday (Mar 25), the hacker shared a 10,000-line sample to further substantiate their claims. The sample alone contains data from 1,500+ unique organisations, indicating a significant breach.

The dataset includes a substantial number of personal email addresses, likely due to organisations allowing SSO-based authentication for their users and customers.

DSTA, OCBC among organisations listed in the data leak

Fathership has identified dsta.gov.sg and ocbc.com as being listed in the data leak. Even if the entity do not use Oracle as the primary cloud, if someone tried Oracle at some point, even as a trial use, the domain might be present in the list shared by the hacker.

The authenticity of the hack is debated. Some analysts question the hacker’s inability to decrypt the data, suggesting it might be outdated (e.g., from 2022 backups) or exaggerated.

As of now, it’s unresolved, with Oracle standing by its denial and the cybersecurity community urging affected organizations to rotate credentials, monitor systems, and engage Oracle for clarification.

Nearly two decades ago, Harpreet Nehal Singh — Harvard-educated, mentored by legal giant Davinder Singh, and bold enough to spar with Lee Kuan Yew on live television — sought entry into Singapore’s ruling elite.

Between 2005 to 2006, Harpreet met with the top brass of PAP's leadership - including multiple one-on-ones with Lee Hsien Loong, Tharman Shamugaratnam, S Jayakumar (then deputy prime minister) and the late Lee Kuan Yew.

As Jom confirms in a 2024 interview with Harpreet: “The cabinet deliberated” before rejecting him with the ambiguous, “There are different ways to contribute to this country.”

Now, at 59, Harpreet traded the establishment’s orbit for the opposition’s front line.

From PAP Aspirant to WP Member — or mole?

Harpreet's rejection didn’t end his political ambitions — he applied for an NMP role in 2007 but was again unsuccessful.

By the 2010s, Jom notes his growing disillusionment with PAP, mirrored by its declining vote share (75.3% in 2001 to 61.2% in 2020).

In 2021, he began volunteering with then - WP MP Leon Perera, and by 2023, he was seen in WP’s light blue uniform, engaging in walkabouts and Hammer newspaper sales.

The timing and context of Harpreet’s PAP meeting invite close to two decades ago invite speculation: was his rejection genuine, or a staged exit to position him as a long-term asset?

Meeting senior PAP leaders suggests trust — why entertain a high-profile candidate only to dismiss him without cause?

Harpreet is Establishment material

Harpreet’s resume screams establishment: Straits Times columns, elite circles, a career thriving in the PAP’s ecosystem.

His 2023 pivot to the WP feels dramatic—too dramatic, perhaps.

Jom quotes him decrying POFMA, Yale-NUS’s closure, and media control: “I don’t see this thing self-correcting.”

It’s a sharp but measured critique, never fully anti-establishment - almost as if he’s playing a part, staying within bounds set by unseen handlers. But it’s also rehearsed, polished — “carefully primed, bullet-proofed,” as Jom puts it.

Could Harpreet’s 2005-2006 encounter have been a directive to embed himself elsewhere, resurfacing in the WP as it gains traction ahead of the 2025 General Election?

The mole hypothesis

Here’s the theory: the PAP, masters of control, saw in Harpreet not a liability but an asset.

They let him simmer, maintaining his insider ties — think Davinder Singh’s mentorship, his establishment perch — while grooming him for a covert role.

That 2005-2006 meeting wasn’t a dead end — it was a starting line. He’s not hiding disillusionment; he’s concealing loyalty.

The WP’s growth threatens the PAP’s grip; who better to embed than a credentialed ally who can pass as a convert?

If he wins a seat, he’s not just a voice — he’s a listener, a conduit back to the ruling elite.

Jom calls him a potential “big fish” for the opposition, but what if he’s bait, dangling to keep the WP in check?

The PAP didn’t lose him — they deployed him.

Harpreet the Harpoon

Harpreet’s WP role is public: he’s been photographed with leaders like Pritam Singh and Sylvia Lim, and his March 18, 2025, Facebook post declares pride in the party, advocating “balanced politics.”

Yet, the PAP’s silence on his departure is telling — no rebuttal, no narrative.

His insider roots — mentored by Davinder Singh, a PAP stalwart — contrast with his late opposition turn at 59.

The WP’s rise (10 seats in 2020) makes it a target for monitoring; Harpreet, with his credentials, fits as a potential plant.

No hard proof exists — his 2005-2006 meeting’s details remain opaque — but the hypothesis lingers.

What’s 'Harpreet the Harpoon' burying? A directive, whispered by senior leaders, to infiltrate and report? A promise of reward if he pulls it off? He’s not the naive reformer Jom lionizes; he’s a chess piece, moved by the party he claims to oppose.

Evidence is thin, but the pattern fits: a man too connected to break free, too strategic to act on whim.

What’s next?

Harpreet’s next steps will clarify his intent.

If he contests in 2025 and wins, his parliamentary actions — loyalty to WP or subtle PAP alignment — could reveal more.

For now, his journey from a 2005-2006 PAP meeting to WP prominence is fact; whether it masks a mole’s agenda is conjecture.

The timeline holds: he met PAP leaders nearly two decades ago, was rebuffed, and now challenges them — or does he?

新加坡最迟须在2025年11月举行大选，而工人党（WP）正高调造势，仿佛已准备好接管政权。

该党目前拥有10个议席（阿裕尼、盛港和后港），如今更瞄准其他选区如马林百列、东海岸、淡滨尼及白沙—榜鹅。随着新面孔涌现，包括资深律师哈普雷特·辛格（Harpreet Singh）的加入，坊间热议“蓝色浪潮（指工人党支持率的上升势头）”即将来袭。

但在欢呼声背后，工人党的执政表现却一团糟。我们真该给这些人更多话语权吗？且让我们深入分析。

工人党连胜势头强劲

工人党深谙胜选之道。2011年，陈硕茂助该党夺下阿裕尼集选区，震惊人民行动党（PAP）。

2020年，林志蔚（Jamus Lim）以“暖我的心房（warm my cockles，指感动人心）”的言论赢得盛港选区，此言至今仍被津津乐道。

如今，新晋党员哈普雷特·辛格·内哈尔（Harpreet Singh Nehal）——这位从知名律师转型的政坛新人——可能成为下一颗明星。他被发现活跃于马林百列选区，其履历令人瞩目（堪称法庭精英与草根战士的结合体）。

尽管行动党和新加坡前进党（PSP）也推出新人，但工人党团队更显亲民——少些官僚做派，多些“感同身受”的共鸣。

再夺四个集选区？根据2020年选举数据，该党在竞争选区得票率达50.49%，而东部地区饱受生活压力的家庭或许会转向工人党。但胜选是一回事，执政能力则是另一回事。

未来英雄还是危机暗涌？

真相如下：工人党包袱重重。

林志蔚虽魅力十足，但他关于不平等的“觉醒”言论更适合TikTok，难吸引只求鸡饭降价的基层选民。

党魁普里坦·辛格（Pritam Singh）因就拉希莎·汗（Raeesah Khan）事件向国会特权委员会撒谎，刚被罚款1.4万新元。这一污点令反对党领袖形象蒙尘。

2023年，梁文辉（Leon Perera）与妮可·Seah（Nicole Seah）的绯闻风波？比起严肃政治，更像肥皂剧情节。

这些并非偶然失误，而是判断力持续欠佳的体现。工人党绝非行动党那般纪律严明的“钢铁坦克”，反倒像一辆吱呀作响的破旧摩托。

工人党应获更多权力吗？

若工人党大胜（例如阿裕尼59%、盛港52%、东部两集选区51%，总议席超20席），这并非因其完美无缺，而是选民渴求变革。物价飞涨、住房压力、年轻世代不满现状——工人党正瞄准这些痛点。哈普雷特或许是助力，但他们的政策构想必须比失误更耀眼。

他们高呼公平，但能否在执政时不自乱阵脚？国会辩论或将更激烈，但也可能更失序。

关键结论

工人党虽有胜绩与豪言，但其光环正迅速褪色。哈普雷特等新面孔无法掩盖裂痕——执政能力不稳、领袖信誉存疑、丑闻接连不断。其竞选宣言固然可观，但带来的混乱恐得不偿失。

若你已厌倦行动党执政，大可支持工人党，但别期待奇迹——唯有更多的喧嚣罢了。

Japan's cherry blossom experts on Monday (Mar 24) officially confirmed the initial blooming of the nation's beloved flower, marking the start of the joyous season in Tokyo.

A Japan Meteorological Agency (JMA) official closely inspected the Somei Yoshino specimen tree at Yasukuni Shrine in Tokyo, declaring that it bore more than five blossoms—the minimum threshold for the announcement.

According to the JMA, this year's bloom aligns with the average and is five days ahead of last year's schedule.

Known as "sakura," cherry blossoms are Japan’s cherished flower, typically reaching full bloom from late March to early April, coinciding with the beginning of the new academic and business year. Many locals celebrate by strolling or picnicking beneath the blooming trees.

For centuries, sakura have shaped Japanese culture, frequently appearing in poetry and literature as a poignant emblem of life’s fleeting nature, mortality, and renewal.

Tokyo’s announcement follows unusually warm weather, with temperatures hovering around 19°C (66°F). Just a day earlier, on Sunday, the season’s first cherry blossom was confirmed in Kochi, a southwestern city on Shikoku Island.

The JMA monitors over 50 "benchmark" cherry trees nationwide. These trees typically bloom for about two weeks, from the first buds to the final petals falling, with their peak expected in roughly 10 days.

Sensitive to temperature shifts, cherry trees offer critical insights into climate change research. In recent years, Japan’s cherry blossom season has trended earlier than historical averages, raising questions about the potential effects of global warming.