
Stryker Says It’s Restoring Systems After Pro-Iran Hackers Wiped Thousands of Employee Devices
Stryker is restoring its computers and internal network after a March 11 cyberattack that allowed pro‑Iranian hackers to remotely wipe tens of thousands of employee devices. The breach exploited a compromised Microsoft Intune administrator account, giving the attackers near‑unlimited control over laptops and phones without deploying ransomware. The Handala group claimed the attack was retaliation for a U.S. airstrike on an Iranian school, and Stryker says its internet‑connected medical products remain safe. Operations such as order processing, manufacturing and shipping continue to be disrupted while the investigation proceeds.
Warlock Ransomware Group Augments Post-Exploitation Activities
Warlock ransomware group is expanding its post‑exploitation tactics, leveraging a bring‑your‑own‑vulnerable‑driver (BYOVD) exploit against Microsoft SharePoint servers and deploying tools such as TightVNC and the Yuze reverse‑proxy. The group now uses the NSecKrnl.sys driver to disable security products at the...

4 KVM Vendors, 9 Vulns – Including an Unfixed CVSS 9.8
Researchers at Eclypsium uncovered nine security flaws across consumer‑grade IP KVM devices from four vendors, including two critical vulnerabilities rated CVSS 9.8 and 8.8 that remain unpatched. The affected products range from single‑port, $30 units popular with homelab enthusiasts to...

‘CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment
Proofpoint researchers identified a new attack called CursorJack that abuses Model Context Protocol (MCP) deeplinks in the Cursor AI‑focused IDE. By crafting a malicious link, an attacker can trick a developer into clicking it and approving an installation, causing the...

Advanced Phishing Intrusion Against Security Firm Exec Detailed
Outpost24 disclosed a sophisticated phishing campaign that targeted a C‑suite executive using the newly emerged Kratos phishing‑as‑a‑service kit. The attackers sent a spoofed JP Morgan email containing a “review document” link that first redirected through Cisco Secure Web and Nylas, then...

KakaoTalk Weaponized in Konni Spear-Phishing Campaign
North Korean APT group Konni weaponized South Korea's KakaoTalk in a sophisticated spear‑phishing campaign. The group sent emails posing as a lecturer on North Korean human‑rights issues, tricking recipients into running a malicious shortcut that installed remote‑access malware. After compromising...

SecurityInfoWatch and SecureXperts Launch CSfC Certification Program
SecurityInfoWatch and SecureXperts have unveiled Cybersecure, a training initiative that launches with an NSA‑backed Commercial Solutions for Classified (CSfC) Trusted Integrator Workshop at ISC West. The program targets the chronic shortage of qualified integrators capable of designing CSfC‑compliant architectures for federal...
Top 5 Things CISOs Need to Do Today to Secure AI Agents
Agentic AI is reshaping enterprises by giving autonomous software agents the ability to write code, move data, and execute transactions without human oversight. Traditional AI security relies on prompt filtering and output monitoring, which only constrain behavior after access is...

How Forensic Investigation Techniques Help Solve Cybercrime Cases
The article outlines how digital forensics transforms fragmented cyber‑crime traces into courtroom‑ready evidence. It walks through the four‑stage workflow—preserve, acquire, analyze, report—and highlights the pitfalls of mishandling volatile data or losing cloud logs. Core techniques such as timeline reconstruction, artifact...
Email Remains Organizations' Most Serious Cybersecurity Threat
AI is accelerating the frequency of cyber incidents, yet email and multi‑factor authentication (MFA) remain the dominant entry points for ransomware. Cybersecurity veteran Robert Herjavec notes that 85% of ransomware attacks originate from phishing emails or compromised MFA credentials. The...
AI Changes the Calculus for the Cybersecurity Arms Race, Says Shark Tank Star
Robert Herjavec, the Shark Tank investor and security tech founder, argues that artificial intelligence is reshaping the cybersecurity arms race. He believes AI‑driven tools can identify and neutralize attacks as quickly as they are launched, turning the speed advantage toward...

Orchid Security Recognized by Gartner® as a Representative Vendor of Guardian Agents
Orchid Security has been named a Representative Vendor in Gartner’s inaugural Market Guide for Guardian Agents, which focuses on managing identities and access for AI agents with zero‑trust policies. The guide warns that AI agents expand “identity dark matter,” creating...
Nvidia's Agentic AI Stack Is the First Major Platform to Ship with Security at Launch, but Governance Gaps Remain
Nvidia unveiled its agentic AI stack at GTC, marking the first major AI platform to ship with security baked in rather than added later. Five security vendors—CrowdStrike, Palo Alto Networks, JFrog, Cisco, and World Wide Technology—each cover a distinct layer...
Press Release: S&P: Insurance Brief Says Middle East War Is Fuelling Cyber Risk
S&P Global Ratings warns that the ongoing Middle East war is amplifying cyber‑threat activity, with threat actors launching more DDoS attacks, phishing campaigns and network intrusions. While no large insured cyber losses have been reported yet, the situation remains fluid...

Why Sorority Video Recruitment Risks Members’ Digital Identities
Sorority recruitment has shifted toward self‑submitted videos, a trend amplified by platforms like RushTok. These polished clips capture voice, facial features and personal details, creating biometric datasets that AI firms and malicious actors can exploit. In the era of generative...

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
GitGuardian’s 2026 State of Secrets Sprawl report reveals an 81% year‑over‑year surge in AI‑service credential leaks, pushing total exposed secrets on public GitHub to roughly 29 million. AI‑assisted coding, exemplified by Claude Code, shows a 3.2% leak rate—about twice the platform...

Phishing Emails Target AI Defenses with Unique Obfuscation
Cybercriminals are deploying a new email obfuscation method to bypass NLP‑based phishing filters. The tactic inserts hundreds of line breaks and large blocks of benign graymail or random text after the malicious payload, diluting the malicious signal and inflating email...
Cooper University Health Care’s Curran Says Cross-Functional Collaboration Was the Key to Securing More Than 10,000 Edge Devices
Cooper University Health Care completed an 18‑month program that lifted device visibility from 25 percent to 100 percent across more than 10,000 IoT and medical devices. The effort relied on passive network‑monitoring tools, rigorous network segmentation, and a new security‑by‑procurement framework. A...
New York-Presbyterian’s Linsangan Says Live Simulations Expose What Tabletop Exercises Miss
New York‑Presbyterian launched live downtime simulations across its ten hospitals after a cyberattack at a peer institution highlighted systemic vulnerabilities. The exercises, run during peak daytime hours on real patient scenarios, revealed that many clinicians lacked paper‑charting experience, struggled with medication...

Beyond Integration Theatre: Building Stronger Cyber Platforms
Chief information security officers are confronting a threat landscape where the integration layer—APIs, OAuth tokens, and automation workflows—has become the new enterprise perimeter. While unified platforms promise simplicity, attackers exploit weakly governed connections, turning integrations into single points of failure....

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit
Cybersecurity firm Acronis TRU uncovered a large‑scale campaign distributing the Vidar 2.0 infostealer through fake game‑cheat files hosted on GitHub and promoted on Reddit and Discord. The malware, rewritten in C for greater speed and stealth, is sold as Malware‑as‑a‑Service for $130‑$750...

Average Number of Daily API Attacks Up 113% Annually
Akamai’s 2025 State of the Internet report shows API attacks more than doubled, rising 113% to an average of 258 incidents per organization. Unauthorized workflows now account for 61% of attacks, indicating a shift toward behavior‑based exploits. The most common...
Hackers Turned a Compromised Npm Package Into Full AWS Admin Access in 72 Hours
Security researchers reported that a maliciously altered npm package was used to obtain full AWS administrative privileges within just 72 hours. The attackers leveraged the compromised library to enumerate S3 buckets, terminate production EC2 and RDS instances, and decrypt application...

UK Cyber Monitoring Centre Sets Its Sights on US Expansion One Year After Launch
The UK Cyber Monitoring Centre (CMC), launched in February 2025, quantifies the economic impact of major cyber incidents using a proprietary 0‑to‑5 scale. In its first year it assessed two high‑profile breaches: a Category 2 attack on Marks & Spencer and the Co‑op...

EU Sanctions Chinese, Iranian Hacking Groups for Device Breaches and Olympic Cyberattacks
On March 16, the European Union Council imposed new cyber sanctions on three entities and two individuals linked to China and Iran. The measures target Integrity Technology Group for compromising over 65,000 devices across six EU states, Anxun Information Technology...

It’s Time to Get Serious About Post-Quantum Security. Here’s Where to Start.
Quantum computers are nearing practical use, threatening current encryption like RSA and ECC, with a potential "Q‑Day" as early as 2029. The economic fallout of a successful quantum attack could exceed $3 trillion, prompting CISOs and CTOs to prioritize post‑quantum cryptography...
Vox and Nymbis Cloud Solutions Partner to Deliver a Unified Cloud, Connectivity & Security Solution
Vox announced a strategic partnership with Nymbis Cloud Solutions to embed advanced cloud, connectivity and security services into its portfolio. The initial offering focuses on managed backup, with plans to roll out cloud computing and colocation services within six months....

SMB Cybersecurity in 2026: From Reactive Defense to Strategic Partnership
Small and medium‑size enterprises in the UK are confronting a rapidly evolving cyber threat environment, with 67% lacking fully actionable security strategies. Daily, Kaspersky flags roughly 500,000 malicious files—a 7% year‑over‑year rise—while password‑stealer detections surge 59%. SMB leaders are moving...

Document Protection: Why Hybrid Storage Is the Future of Security
Companies are increasingly leveraging AI, which boosts productivity but also escalates sophisticated cyber threats. Digital document storage provides speed and collaboration, yet its exposure to breaches forces a security rethink. Experts recommend a hybrid model that keeps regularly accessed files...

What to Do in the First 24 Hours of a Breach
Help Net Security released a video featuring CYGNVS CEO Arvind Parthasarathi outlining a ten‑step framework for handling a cyber breach. The first five steps focus on preparation, including establishing an out‑of‑band communication channel, mapping internal stakeholders, engaging external legal and...

The Security Priorities APAC And EMEA Leaders Doubled Down On — And Deprioritized — In H2 2025
In H2 2025 APAC and EMEA security leaders shifted priorities, placing GRC at the top, focusing on AI agentic risk, and boosting API/software supply‑chain security. AI adoption moved to securing autonomous systems, while application security resurfaced. Quantum security and human...

Marcel’s Visa Campaign Turns Online Fraudsters’ AI Tactics Against Them
Visa’s Europe‑wide "The Feathered Lamb" campaign, created by Marcel, deployed AI‑generated images and videos to bait social‑media users and then reveal the deception. When commenters fell for the fake posts, a personalized video disclosed the trick and directed them to...
Under Attack? How Fastly Can Help
Fastly’s Cloud Security Operations Center (CSOC) promises a 15‑minute SLA for critical incidents, yet its median first‑response time is just one minute. The service relies on human analysts at every stage, leveraging the company’s globally distributed edge network to identify...

Global Cybercrime Clampdown Disrupts over 45K Illicit IP Addresses
Operation Synergia III, coordinated by Interpol, removed over 45,000 malicious IP addresses between July 2025 and January 2026, involving law‑enforcement agencies from 72 countries and private partners like Trend Micro and Group‑IB. The campaign also seized 212 servers, apprehended 94 individuals, and opened investigations into...

Trump Cyber Plan Leaves Identity Gap Unresolved
The White House released a seven‑page cyber strategy that prioritizes offensive capabilities, zero‑trust architecture, AI security, blockchain protection, and deregulation, but it stops short of outlining a national digital identity framework. The plan frames cyberspace as a geopolitical battleground and...

Telus, Fortanix Partner to Bring Confidential AI Solution to Regulated Organizations in Canada
Telus and Fortanix have unveiled a Confidential AI solution built on NVIDIA infrastructure, enabling Canadian regulated firms to train and deploy AI while keeping data encrypted within Canada. The platform leverages Telus’s Sovereign AI Factory in Rimouski and uses cryptographic...

South Korea Urged to Review Biometric Mandate for Mobile Phone Numbers
South Korea’s National Human Rights Commission has asked the Ministry of Science and ICT to reconsider its plan to mandate facial‑recognition authentication for all new mobile phone numbers, set to launch on March 23. The watchdog recommends three fixes: a...

Consultation Questions, Companies House Incident Highlight UK IDV Industry’s Fears
The UK government’s consultation on a national digital identity system omits private Digital Verification Service (DVS) providers, prompting the Association of Digital Verification Professionals (ADVP) to warn of data‑ownership and market‑distortion concerns. Simultaneously, a security breach at Companies House exposed...

Zero Lessons Learned: Convicted Scammer Allegedly Ran Another Athlete-Focused Phishing Scam From Federal Prison
Kwamaine Jerell Ford, a 34‑year‑old Georgia man, allegedly operated a new phishing operation against NBA and NFL athletes while incarcerated for a prior cyber‑fraud scheme. Posing as an adult‑film star, he tricked victims into revealing iCloud login credentials and MFA...

Zoom Expands Pindrop Deepfake Detection to Customer Service
Zoom is extending its partnership with voice‑biometrics firm Pindrop by embedding Pindrop Passport authentication and Pindrop Protect risk analysis into its Zoom Contact Center. The move adds real‑time deepfake detection, previously offered via Pulse for Meetings, to the platform’s customer‑service...

Virtual Event to Focus on Cyber Incident Response and Recovery
A virtual event will convene cybersecurity leaders to discuss incident response and recovery strategies, drawing lessons from recent high‑profile breaches such as Stryker’s global ransomware attack. The agenda incorporates new government initiatives, including the White House’s executive order on state‑sponsored...

Augustus v0.0.9: Multi-Turn Attacks for LLMs That Fight Back
Augustus v0.0.9 adds a unified engine for multi‑turn LLM attacks, offering four distinct strategies—Crescendo, GOAT, Hydra, and Mischievous User. The tool demonstrates that conversational context can bypass modern guardrails, extracting step‑by‑step instructions from GPT‑4o‑mini in as few as two turns. Hydra’s back‑tracking...

Checkmarx Unveils AppSec Platform for the Age of Agentic Development
Checkmarx introduced Checkmarx One, an application security platform designed for the era of AI‑driven, or “agentic,” development. The solution embeds autonomous AI agents that provide real‑time vulnerability triage, automated remediation, and governance of AI assets across the software supply chain....

Zenarmor Launches SASE Partner Program for MSPs and Channel Providers
Zenarmor has launched an industry‑first, architecture‑driven SASE Channel Partner Program targeting MSPs, MSSPs, ISPs and VARs. The program offers a structured framework, go‑to‑market positioning, enablement resources and tiered margins, enabling partners to deploy, manage and sell SASE without relying on...

New Texas Cyber Command Looks to ‘Bind the State Together’
Gov. Greg Abbott signed legislation creating Texas Cyber Command, which officially launched in September 2025 and is housed at the University of Texas at San Antonio. Led by Ret. Admiral TJ White, the command is legally required to build an...
Rise with SAP Security Risk Is Increasingly Shaped by Timing, Data, Assurance
RISE with SAP customers are rapidly moving SAP S/4HANA Cloud Private Edition into production, exposing security risks tied to migration timing, data movement, and assurance. Smaller firms lead the migration curve, while larger enterprises remain in planning, creating uneven risk...

Cyberattack Disrupts Parking Payments in Russian City
The Russian city of Perm restored its automated parking payment system after a large‑scale distributed denial‑of‑service (DDoS) attack knocked the service offline, temporarily making parking free from March 10 to March 13. Authorities confirmed the system is fully operational and all payment...

9 Mobile Device Management Best Practices for Businesses
Mobile device management (MDM) is essential for securing smartphones, tablets, and laptops in modern enterprises, especially as BYOD expands. The article outlines nine best‑practice steps, from establishing comprehensive MDM policies and enforcing PIN/MFA to integrating DLP, remote wipe, automated OS...

Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact
The Cl0p ransomware group claims a massive Oracle E‑Business Suite breach that exploited zero‑day flaws, affecting over 100 organizations. Among the victims, Broadcom, Bechtel, Estée Lauder and Abbott have not issued any public comment despite leaks of 2 TB, 870 GB and other...
Stryker Attack Raises Concerns About Role of Device Management Tool
Stryker, a leading medical‑device maker, suffered a wiper attack that used Microsoft Intune to remotely erase data on thousands of phones and workstations. The Iran‑linked Handala group claimed responsibility, alleging the theft of 50 TB of data and the destruction of...